At a glance.
- US President Trump signs the Secure 5G and Beyond Act.
- Updates on COVID-19 emergency measures.
- States and criminals cooperate and share commodity attack tools.
- Russia's FSB busts a carding gang.
The Secure 5G and Beyond Act.
US President Trump on Monday signed the Secure 5G and Beyond Act, which, Fifth Domain reports, gives the Administration one-hundred-eighty days to develop a “whole-of-government” strategy for addressing the security issues that 5G and subsequent generations of wireless technology will bring. Among those issues will be national security concerns, and these are to be considered in the context of working with allies to foster norms for responsible deployment of network infrastructure.
COVID-19 emergency measures.
The AP reports that today the US House, Senate, and President agreed on an emergency bill that would provide some $2 trillion in aid to individuals, businesses, and healthcare providers who've been severely affected by the COVID-19 pandemic and the public health measures taken to contain it.
The US Administration also continues to push Federal agencies toward making more extensive and more effective use of telework. According to Fifth Domain, a weekend memorandum from the Office of Management and Budget has urged the Government to adopt new authentication measures that will make remote work more secure.
Commodity malware is a sensible option for states as well as criminals.
CYFIRMA researchers report that the commodification of attack tools has enabled less capable intelligence services in developing nations to conduct effective cyber operations. Nor are established cyber powers above using the commodity tools. CYFIRMA sees evidence of collaboration among the big operators and client states, criminals, and allies-of-convenience.
The online chatter CYFIRMA watched in December, as it monitored “hackers’ communities,” devoted considerable attention to ways of running Emotet attacks. “The hacker groups were all known to be state-affiliated and funded,” CYFIRMA says, adding that “the attack mechanism of choice is simply commodity malware.” Commodity malware is attractive because of the ease with which it can be repurposed and turned against various approved target sets.
Russia cracks down on a carding gang.
Russia’s FSB has arrested twenty-five individuals on charges of running the BuyBest (also known as the GoldenShop) carding and PII dark web souk. The FSB has also shuttered BuyBest’s online operations. CyberScoop calls it “a rare enforcement action,” which it is. Russian cyber gangs often
The FSB's biggest collar was Alexey Stroganov, nom de hack “Flint24.” Mr. Stroganov is a recidivist, having served two years of a six-year sentence for an earlier cybercrime beef. The FSB said their takedown netted about a million dollars in cash, “server equipment used for the operation of online stores, fake identification documents, including passports of Russian citizens,” as well as rifles, drugs, “gold bars and precious coins.”
US authorities have long complained that Russian criminals operate at the sufferance of the Russian government, which is content to let the gangs steal from the right set of targets as long as they serve the state in other respects, and as long as they keep their hands off protected domestic targets. The US Department of the Treasury, for example, when it announced sanctions in December's Evil Corp. case, took care to point out that "the group’s leader, Maksim Yakubets, also provides direct assistance to the Russian government’s malicious cyber efforts, highlighting the Russian government’s enlistment of cybercriminals for its own malicious purposes. Maksim Yakubets is not the first cybercriminal to be tied to the Russian government. In 2017, the Department of Justice indicted two Russian Federal Security Service (FSB) officers and their criminal conspirators for compromising millions of Yahoo email accounts."
In the case of Mr. Stroganov and his accomplices, the FSB's own announcement noted that some of the carding data being traded belonged to Russian citizens and came from Russian banks, and that may indicate the domestic line these particular alleged crooks stepped across to draw the attention of the organs.