New information yields the possibility of at least one ex-employee playing a role
The saga of "who really stole all that data from Sony" continues, in spite of the FBI's adherence to its findings that North Korea alone was responsible. Independent investigations by security organizations have expanded the suspect list to include ex-employees, while net vandals Lizard Squad have, in their continuing quest for attention, claimed partial credit.
Statement from FBI notes similarities between Sony Pictures hack and other intrusions by North Korea
[Updated with comments from President Barack Obama] North Korea is responsible for the attack on Sony Pictures, the Federal Bureau of Investigation (FBI) has now announced. The statement about the agency's investigation into the intrusion of the movie studio's computer network, and subsequent leaks, comes at the same time as messages supposedly coming from the hackers wanting Sony to do more than halt the release of "The Interview" movie.
Scope and scale of attack unknown; FBI briefing gives response guidelines
The US Federal Bureau of Investigation (FBI) has warned businesses, energy firms, and educational institutions all the way to the middle school level to be aware of an organized hacking effort by elements in Iran. While the FBI does not explicitly state that the Iranian government is behind the attacks, the efforts are originating from within Iran and some security experts believe that it is a state-sponsored attack.
FBI leaves with 20 boxes of documents, school district officially terminates contract
The Federal Bureau of Investigation (FBI) visited the Los Angeles Unified School District (LAUSD) on Monday in relation to an investigation of the latter's botched iPad program. The Common Core Technology Project attempted to bring iPads to each student in the 47 schools in the district, but drew scrutiny based on the way the district handled the implementation under former Superintendent John Deasy.
FBI gives guidance to major US corporations, including who to notify during attack
While not specifically naming any names, the FBI has warned that a major cyberattack has taken place against US businesses in the last two weeks. The advisory, likely given in the wake of the enormous Sony breach, gives some details about the tools used in the assault, and provides advice to the businesses on how to respond to the package, which includes informing the FBI.
DOJ could be reluctant to pursue criminal charges after criticism in other cases
The Federal Bureau of Investigation (FBI) has reportedly identified a "second leaker" that has been passing sensitive government information to journalists for months. While the subject isn't named, the FBI recently conducted a search of a government contractor's home believed to be tied to the leak of classified documents regarding government watch-lists. In addition to the search, federal prosecutors in North Virginia initiated a criminal investigation.
Comey seeking update to CALEA to give law enforcement a 'front door' into devices
Federal Bureau of Investigation (FBI) Director James Comey isn't giving up his crusade to persuade the government and businesses that law enforcement should have access to encrypted phone data. Comey took his fight to Congress recently, asking that it update the Communications Assistance for Law Enforcement Act (CALEA) to cover newer technologies.
Encryption of smartphones hampers security efforts, claims FBI head
The head of the Federal Bureau of Investigation (FBI) has asked for companies to back away from encrypting consumer devices by default. Echoing similar comments made last month, Director James Comey spoke to the Brookings Institute yesterday about the issue, which is claimed will make it difficult for law enforcement officials to collect evidence from mobile devices.
Agency thinks Android L, iOS 8 security put consumer security ahead of law enforcement
Addressing reporters in Washington today, Federal Bureau of Investigation (FBI) Director James Comey voiced his concerns over the recent shifts in security policy for Android and iOS 8. Specifically, Comey believes that the new security encryption measures that cannot be bypassed for law enforcement puts consumers before possible emergency situations.
FBI letter withdrawn after Microsoft court challenge, fought over disclosure issues
Documents related to a court battle between Microsoft and the Federal Bureau of Investigation (FBI) were unsealed this week by a federal court in Seattle, Washington. The court battle, which was over a 2013 National Security Letter requesting information on a Office 365 customer, resulted in a rare victory for consumers when Microsoft was able to successfully argue the letter's legal standing.
Carrier receives over 1K national security letters
Amid increased scrutiny over privacy regulations, Verizon has released its first transparency report detailing the number and type of government requests for customer data. The carrier was asked to respond to over 320,000 requests from federal, state or local law-enforcement agencies in the US during 2013. Notably, nearly 1,500 of the requests resulted in wiretaps and between 1,000 and 2,000 National Security Letters were included in the numbers.
Request to monitor e-mail escalated to threats of fines, jail time
Encrypted e-mail service Lavabit was pressured by the FBI to provide private SSL keys for all of its traffic, according to unsealed court documents that provide more details about the service's shutdown. The Texas e-mail provider's refusal to provide details about one specific account, believed to be that of NSA whistleblower Edward Snowden, forced the courts to threaten daily fines and possible imprisonment if it continued to disobey the FBI's order.
Exploits, malware, tools purchased by FBI for remote surveillance hacks
The Federal Bureau of Investigation is able to listen into and record conversations through microphones connected to computers, as well as through Android smartphones, according to a report. The bureau is said to have used hacking tools, including spyware and other malware, that it has purchased from individuals and hacker collectives to gain access to mobile devices, in order to eavesdrop.
DCAC in Quantico will allow FBI to increase Internet monitoring
The FBI is reportedly forming a unit to develop new technologies for electronic surveillance, enabling the agency to expand monitoring capabilities for VoIP, wireless signals, and the Internet. According to Cnet, the Domestic Communications Assistance Center, located in Quantico, VA, will serve to intercept Skype conversations and analyze data received from a social network or carrier.
Bureau seeking support for mandatory backdoors
The Federal Bureau of Investigation is reportedly meeting with Internet companies to promote upcoming legislation that will require surveillance backdoors for web-based services such as social networks, e-mail, messaging and VoIP. The agency has yet to formally announce the push, however unnamed sources have told Cnet that senior FBI officials are quietly meeting with US senators, Obama administration officials and industry executives in an attempt to muster support.
FBI and EU agencies stop criminal carding sites
The FBI, the UK Serious Organized Crime Agency, and other European authorities have shut down 36 criminal websites by seizing the domains. The sites, selling details for hundreds of thousands of stolen credit cards, were finally brought down after a two-year criminal investigation into the activities.
Also had top secret clearance in Pixar era
The US Commerce Department has confirmed that Steve Jobs did in fact serve on the President's Export Council during the George Bush Sr. administration, according to the Associated Press. This week the FBI published a 191-page file on Jobs from 1991, dealing mainly with a background investigation for an appointment to the Council. The AP remarks that Export Council members are unpaid, and meet a minimum of twice a year.
Jobs 'deceptive,' with 'questionable' character
The FBI has released a 191-page file on former Apple CEO Steve Jobs, Gawker notes. The document actually dates back to 1991, when Jobs had long left Apple, but was being considered for an appointment to the President's Export Council in the George Bush Sr. administration. It also makes reference to an earlier bomb threat against Jobs, dating back to 1985.
Anonymous shares secret FBI investigation call
The hacking group Anonymous has intercepted a 15-minute call between the FBI and the British police's cybercrime investigators, according to a Friday report. Available to download, the conference call ironically focused on how to track and prosecute the very group of hackers. The FBI has launched an investigation into how Anonymous able to attain the recording, which has some names of the suspects edited out.
Megaupload has defense trouble
Megaupload saw its troubles expand on Sunday in multiple directions. The file upload service's founder Kim Dotcom pressed for bail in a New Zealand court. In a Reuters account, his attorney argued both that he had done nothing wrong and that he wouldn't be a flight risk. He added that he wouldn't try to restart Megaupload if let out of jail.
Olympus barely avoids stock disaster post-scandal
Olympus on Friday narrowly avoided additional threats of possible delisting from the Tokyo Stock Exchange. Officials at the trading house said they would let Olympus stay after the $1.7 billion concealment scandal but would make it pay a relatively mild fine of 10 million yen, or about $129,800. The light penalty was based on the belief that just a handful of staffers had been responsible for hiding Olympus' losses and that the core of the company was safe.
Megaupload returns fire after shutdown
Megaupload reacted vigorously to shutdowns and arrests with action of its own. In conversation with Reuters, defending attorney Ira Rothken said Megaupload was "looking at its legal options" to bring its site back online. The lawyer objected to FBI and media industry claims that Megaupload was a criminal conspiracy and said that simply having a file upload service wasn't grounds for the raids this week.
FBI may use Carrier IQ to pursue suspects
The FBI in a denial of a Freedom of Information Act request may have indirectly confirmed that it uses Carrier IQ's diagnostic info to track suspects in investigations. The agency told MuckRock that it was reportedly exempt because disclosing its policies surrounding Carrier IQ might jeopardize ongoing investigations. An appeal is underway to try and force the release of information.
Government admits search to keep secrets
The US government late this week made a concession on constitutional law in a fraud case that could set a precedent protecting access to cellphones. In an affidavit (PDF), the FBI was willing to say that the use of a stingray, or fake cellular tower used to intercept and relay data from phones, represented a legal Fourth Amendment search and seizure in investigating identity theft allegations against the suspect, David Rigmaiden. Officials decided to use a court order as proof on legal grounds to avoid having to abide by a request from Rigmaiden to learn details of how a stingray worked to mount his defense on constitutional violation grounds.
FBI gets Microsoft evidence in spammer case
Microsoft is handing over all the evidence it gathered on the largest e-mail spam network to the FBI, hoping Cosma2k faces the appropriate punishment. According to CNET, Cosma2k is the ringleader of the Rustock botnet, which sends 30 billion messages a day at its peak. Said evidence includes hard drives seized at the Rustock raid back in March in its hosting facility in Kansas City, Missouri.
Two more arrested in separate investigation
Scotland Yard has announced two more arrests in conjunction with recent online attacks by hacker groups Anonymous and LulzSec. The arrests, made separately, were the result of a continuing investigation by the Yard, the FBI, and other law enforcement agencies into alleged illegal criminal activities by the two hacker groups. The men, aged 20 and 24, were charged with conspiring to commit offenses under the Computer Misuse Act 1990.
First official iOS app from crime agency
The Federal Bureau of Investigation has launched a new iOS app, Child ID. The title is meant to help with missing children cases by providing parents with quick access to identifying information. This entails photos, and details like height and weight, which are saved in a way that makes it easier to show to police officers or security guards.
MORIS iPhone add-on raises police, privacy issues
A divisive iPhone add-on from BI2 Technologies is about to reach police in a way that could challenge civil rights. The MORIS case, already used in the military and a few limited areas, will let officers snap a photo of a person's face from up to five feet away and automatically cross-check it against a police database to see if it's a known suspect or if the person has a criminal history. If they have strong reason to believe a person is a suspect, they can even scan the iris from six inches away.
LulzSec police raid turns up mystery Kayla insider
An FBI raid newly publicized Tuesday may have given clues as to some actual identities but at the cost of a person's well-being. The search, conducted against chatroom participant but otherwise believed innocent Laurelai Bailey, has narrowed down one member to a mystery figure known as "Kayla." The FBI was "particularly interested" whenever Kayla was mentioned, Bailey tells Gawker, but gives little away even with a reported Twitter account.
FBI, New Scotland Yard cooperating to stop hackers
Officers of the Police Central e-Crime Unit have arrested a 19-year old man in Essex, England for his part in a series of network hacks and denial of service attacks. New Scotland Yard stopped short of saying that the man is suspected of belonging to LulzSec, but confirmed that the FBI had helped with the investigation. Earlier this month a second member of the group was rumored to be in FBI in custody. The impact of the arrests on LulzSec's activities is unclear. Today the group said it had breached security for the UK Census database.