Mossad boss hints at less than subtle Stuxnet follow-up • The Register
In brief: The outgoing head of Mossad, Israel’s foreign intelligence agency, has suggested that Stuxnet was not the only tool his agency has used against Iran’s nuclear program.
In an interview last week, Yossi Cohen hinted that Iran’s uranium enrichment centrifuges at the Natanz facility were physically destroyed last year, requiring reconstruction. While Cohen did not explicitly take credit for the sabotage, he made it clear that Israel was determined to prevent Iran from building nuclear weapons.
It is said that a marble plinth on which the centrifuges were placed had explosives hidden inside it, which were set off to wreck the facility. There have indeed been reports of explosions at Iranian nuclear sites in 2020, which have been attributed to Mossad.
He also hinted that the assassination of Mohsen Fakhrizadeh, one of Iran’s top nuclear scientists, using what the Iranians have described as a machine gun controlled by “an intelligent satellite system”, may have been carried out by Israel.
“If man constitutes an ability that endangers the citizens of Israel, he must cease to exist,” Cohen said.
This kinetic approach is a far cry from ten or more years ago, when a combined US and Israeli operation secretly installed the Stuxnet malware on the air-gapped computer systems used to control some of Iran’s centrifuges. The sophisticated malware surreptitiously interfered with the speed of the centrifuges to derail Iran’s uranium fuel enrichment process.
Fujifilm says FU to ransomware
While Colonial Pipeline and JBS are willing to pay several million to organized ransomware gangs, Fujifilm has apparently taken a different approach.
Last week, the Japanese conglomerate confirmed it had been the victim of an online intrusion and shut down all external communications and part of its internal network. Two days later it said it was ransomware, but it looks like the company isn’t paying and is doing it the hard way.
“Fujifilm Corporation in Tokyo is not commenting on the request but I can confirm that we have not paid any ransom,” a Fujifilm spokesperson told The Verdict. “Fujifilm has implemented safeguards as part of its standard operating procedure aligned with its policy.”
Which is frankly admirable, and good security practice. Ransomware gangs have cashed in when companies, or their insurers, decide it’s cheaper to pay than to fix the problem, but once you have malware on a system, chances are there is other malware too and you will need to reformat anyway, if you follow best practices.
Suspected Trickbot malware developer indicted
The US government scored a rare victory when it managed to collar someone it claims is a malware developer, and she doesn’t fit the stereotypes.
In February, Latvian national Alla Witte, 55, was arrested in Florida and the United States has now filed an indictment with 47 counts against her in federal court in Ohio. She is accused of developing code for the Trickbot malware botnet and creating ransomware to be sent to infected PCs.
“The accused is accused of working with other members of the transnational criminal organization to develop and deploy a digital suite of malicious tools used to target companies and individuals around the world for theft and ransom,” Deputy Attorney General Lisa Monaco said earlier this month.
“These accusations serve as a warning to potential cybercriminals that the Justice Department, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use whatever tools at our disposal to disrupt the cybercriminal ecosystem.”
According to social media posts, Witte, who called herself Max Online, grew up in Russia, studied mathematics and worked as a teacher in the 1980s, before taking up computer science and coding at the turn of the century. She is accused of joining the Trickbot network in 2015, acting as a key programmer, and potentially faces life in prison if found guilty.
Meanwhile, police around the world moved this week to bring down the infamous Slilpp online souk.
The marketplace, in operation since 2012, sold stolen credentials and email accounts to the highest bidder and operated a wire transfer payment system. U.S. authorities estimate that it caused more than $200 million in damage to U.S. citizens, and in a coordinated operation its servers and control systems were seized by U.S. and European police. More than ten individuals have been charged.
“The Slilpp deal is said to have caused hundreds of millions of dollars in losses to victims around the world, including allowing buyers to steal the identities of American victims,” said Acting Deputy Attorney General Nicholas McQuaid of the Criminal Division of the Ministry of Justice. “The ministry will not tolerate an underground economy for stolen identities.”
RSA spins out its fraud wing as Outseer
Barely a year after being sold by Dell to private equity player Symphony Technology Group for $2.1 billion, RSA is splitting its fraud and surveillance business units into a separate company.
You may remember STG from buyouts like McAfee’s corporate business, for which it paid $4 billion in cash in 2020, and it has made other corporate security acquisitions. It has now set up Outseer, a combination of RSA’s Adaptive Authentication Monitoring System and its FraudAction Threat Detection Unit, led by Reed Taussig, who joined RSA’s Fraud & Risk Intelligence unit at the end of last year.
“Outseer’s raison d’être is not just about eliminating payments and account fraud,” he said. “These fraudulent transactions are often the pretext for more sinister drug and human trafficking, terrorism and other nefarious behavior. Outseer has the ability to help make the world a safer place.” ®