US Treasury announced sanctions against seven Iranian nationals and other entities

Fb-Button

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and Iranian nationals for malicious cyber-enabled activity.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and individuals for malicious cyber-enabled activity.

US Dept. of Treasury announced sanctions against 7 Iranian nationals and security firms for ‘malicious cyber-activity’ against US entities.

The seven Iranians were employed by ITSecTeam (ITSEC) and Mersad Company (MERSAD), both private companies were working for the Iranian government and the Islamic Revolutionary Guard.

The Iran’s Islamic Revolutionary Guard Corps, a branch of Iran’s Armed Forces founded after the Iranian Revolution on 5 May 1979.

The Iranian nationals were indicted by the US Department of Justice in early 2016, the US authorities charged seven Iranian hackers for attacking computer systems at banks and a dam in New York.

Now the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a total of 11 Iranian entities and individuals for alleged support of hacking activities as well as two Iran-based networks that were involved in a massive distributed denial-of-service attacks that targeted the US financial institutions in 2012.

“OFAC designated private Iranian computer security company ITSec Team pursuant to E.O. 13694 for causing a significant disruption to the availability of a computer or network of computers. Between approximately December 2011 and December 2012, ITSec Team planned and executed distributed denial of service (DDoS) attacks against at least nine large U.S. financial institutions, including top U.S. banks and U.S. stock exchanges. During that time, ITSec Team performed work on behalf of the Iranian Government, including the IRGC.” states the press release issued by the US Treasury.

“OFAC also designated three Iranian nationals for acting for or on behalf of ITSec Team. Ahmad Fathi was responsible for supervising and coordinating ITSec Team’s DDoS attacks against the U.S. financial sector. Amin Shokohi, a computer hacker who worked for ITSec Team, helped build the botnet that ITSec Team used in its DDoS attacks against U.S. financial institutions. Hamid Firoozi, a network manager at ITSec Team, procured computer servers for the botnet that ITSec Team used in its DDoS activities targeting the U.S. financial sector.”

Iranian nationals sanctioned

Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, aka Nitr0jen26, 23; Omid Ghaffarinia, aka PLuS, 25; Sina Keissar, 25; and Nader Saedi, aka Turk Server, 26; were charged to have launched DDoS attacks against 46 organizations, most of which US financial institutions from late 2011 to mid-2013.

Firoozi was also charged with hacking into a server at a New York dam between August and September 2013.

“Hamid Firoozi, a network manager at ITSec Team, procured computer servers for the botnet that ITSec Team used in its DDoS activities targeting the U.S. financial sector.” continues the press release.

The Treasury Department’s has decided to block all property and interests in property of the Iranians entities and U.S. citizens are generally prohibited from engaging in transactions with them.
“As a result of today’s actions, all property and interests in property of those designated subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them.” states the press release. “In addition, foreign financial institutions that facilitate significant transactions for, or persons that provide material or certain other support to, the entities and individuals designated today risk exposure to sanctions that could sever their access to the U.S. financial system or block their property and interests in property under U.S. jurisdiction.”
Of course, any foreign financial institutions will support the sanctioned individuals or entities will also face possible sanctions.

It Doesn’t Get Bigger Than Russian Cyber Warfare & Trump’s Capitulation To Putin

INSTAGRAM

When the history of our time is written, Vladimir Putin’s deft use of cyber warfare and disinformation as a weapon will end up being a bigger story than terrorism. While the Kremlin’s cyber armada has attacked other countries, nothing compares to its assault on our democracy, a direct hit scored because of Donald Trump, who as Putin’s rent boy put his improbable presidential campaign at Russia’s disposal because he saw climbing into bed with the U.S.’s greatest enemy as a course to victory, allegiance to America be damned.

If all of this seems too preposterous to be true, it is because the scope of what Putin and Trump have done is so huge as to boggle the mind.

But it is true — sickeningly true — and evidence of that sickening truth is accumulating steadily as Special Prosecutor Robert Mueller and investigative reporters peel away the layers of Trump’s lies, exposing a conspiracy shocking not just because of its magnitude, but the eagerness of Trump, ever willing to do wrong in the service of power and greed, to engage in something so profoundly vile.

By offering up his campaign, including his own family members and top aides, the avaricious Trump enabled Putin to home in on the biggest target of all — voters whose support for Hillary Clinton was soft enough that barrages of Russian sourced and expertly-aimed fake news and hacked emails, backed by Russian propaganda disguised as real news, moved them into the Trump column and this profoundly unqualified narcissist into the White House.

While sending Trump packing remains an abstraction with so few congressional Republican having the guts to stand up to his treason, I am uncharacteristically optimistic that he will be taken down for two reasons:

First, the size of the Putin-Trump conspiracy.

Conspiracies with only a few closed-lipped actors have a much better chance of succeeding, but there are literally dozens of people in and beyond Trump’s inner circle who participated in or have intimate knowledge of how the Putin-Trump conspiracy worked.

It will only take a few of them to buckle under Mueller’s steely grip and conclude that ratting out a man for whom loyalty always is a one-way street is preferable to prison time. And while Trump can pardon family members and close aides in the face of federal prosecution, they remain vulnerable to criminal charges at the state level, where Trump has no power to pardon.

Second, Trump’s proclivity for unforced errors.

When Trump fired FBI Director James Comey, his impetuousness and inattention to the consequences of his actions — trademarks of his presidency — quickly led to the appointment of Mueller, who is possibly the only person on the planet with the investigative chops to bring him down.

Had Trump not fired Comey, it is possible that his nascent investigation would have collapsed under the weight of Republican pressure and claims that Democrats being sore losers and were sitting on the “real” story behind the hacking of the Democratic National Committee, which has spawned thus far unfounded conspiracy theories that it was an inside job.

The case of Oliver North is instructive.

The Marine lieutenant colonel was a National Security Council staffer in the Reagan White House who lied under oath and altered official records concerning Reagan’s secret sale of weapons to Iran to fund the anti-communist Contra rebels in Nicaragua.

North seemed to be headed for prison until a joint House-Senate investigative committee decided that his information was “vital to the public interest” and granted him immunity before the FBI could build a case against him. North testified before the committee at a widely watched televised hearing and declared he was merely doing his patriotic duty to great huzzahs, effectively undercutting the FBI’s criminal case.

§

There is an element of hypocrisy in all the handwringing over Russia’s rude intrusion in the 2016 presidential election. This is because it is, from an historical perspective, merely a resumption of the post-World War II propaganda war between the U.S. and Soviet Union.

As Jim Rutenberg notes in a compelling article in the New York Times Magazine headlined “R.T., Sputnik and Russia’s New Theory of War,” Stalin understood that propaganda was the best weapon to counter the immense Marshall Plan, which beyond food relief and the rebuilding of cities and industries was a $13 billion effort (a staggering 143 billion in today’s dollars) to advance democracy.

In 1947, Stalin formed the Communist Information Bureau to coordinate anti-American messaging among European Communist parties and their newspapers, pamphlets and posters. That message was that the Marshall Plan was an American plot to subjugate Europe.

The U.S. fired back by enlisting journalists, Hollywood filmmakers and Madison Avenue ad agencies, who under the aegis of the U.S. Information Agency produced hundreds of gauzy news features and documentaries that promoted Western values like representative democracy and free trade.

All of that, of course, is tame compared to what Putin’s hackers unleashed in the Trump-Clinton election in coordination with Russian government-run news services. But that only serves to make even more alarming the widespread disinterest in preventing a repeat in the 2018 off-year and 2020 presidential elections.

Other than minor actions such as the FBI questioning a former White House correspondent for Sputnik, a Kremlin-run news service, and the Justice Department requiring RT America, a Kremlin-run network available on Comcast, Cox, Charter, Fios and DirecTV, to register as a “foreign agent” under a World War II-era law originally devised for Nazi propaganda, there has been no groundswell of concern that Russia’s subversive role in Trump’s election may have been merely a warmup.

Not surprisingly, Trump has shown no interest in how to prevent future election interference.

Comey has testified that Trump never asked him about how to prevent future Russian attacks. The National Security Council has neither asked for nor received classified briefings on Russian interference, while many key jobs at the Department of Homeland Security remain unfilled eight months into the Trump presidency.

And all the while the man whom Putin foisted on America and the world continues to insist it’s all fake news and a witch hunt.

Click HERE for a comprehensive timeline of the Russia scandal.

Related:

Get to the bottom of Equifax breach

The Equifax data security breach affecting up to 143 million U.S. consumers is bad enough, yet what’s equally shocking is to learn that credit score agencies aren’t regulated by federal authorities.

So is it fair that Equifax and similar credit agencies wield so much power without being subject to federal accountability measures?

How they formulate a person’s individual credit score — which amounts to a rating of creditworthiness — can dictate whether someone receives financing to purchase a car, home, television, personal loan, etc.

It serves to reason that credit agencies would be subject to basic government oversight as to how they protect the confidential data used to make a determination on an individual’s ability to borrow money.

The significance of what happened at Equifax can’t be understated, even though security experts say the breach’s full impact might not be known for months, if not years.

Criminal cyberhackers gained access to files containing names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers, according to Equifax officials. Armed with this data, the hackers can go on an identity theft field day, while racking up a ton of debt before the victim ever becomes aware of the fraudulent activities.

According to state Attorney General Maura Healey, nearly three million Massachusetts consumers are at risk from the data breach based on information supplied by Equifax.


Advertisement

That’s almost 47 percent of the state’s population of 6.4 million.

Healey has joined with other state attorney generals nationwide to review the circumstances of the breach and the steps being taken by Equifax to address them.

Federal lawmakers are also calling for investigations to determine if the company had proper safeguards in place to protect consumer information. Also under considering is legislation that would institute federal compliance measures on credit rating agencies.

The rush to regulation may seem like a good idea, but we believe the immediate focus should be placed on finding the criminal masterminds behind the breach and protecting all affected consumers from serious financial damage.

Equifax and other major credit rating agencies — TransUnion and Experian come to mind — should be championing the efforts by assisting the FBI and other government agencies that can help.

To date, Equifax has seemed more interested in fending off class-action lawsuits than tightening up its ship and rebuilding public confidence in its services. Company officials were totally unprepared for this crisis, possibly believing the unexpected could never happen to the company. In this day and age of cyberwarfare, that attitude is a sure sign of business complacency and neglect.

Related:

Locked Shields: The world’s largest cyber-war game

In an age when most conflicts seem to have a cyber dimension, what can this cyber defence exercise teach us?

Tallinn, Estonia – Things are bad on the small island nation of Berylia after a diplomatic row with Crimsonia, its bigger neighbour and rival. There are street protests by the Crimsonian minority in Berylia, which then suffers a wave of cyber-attacks that make it lose control of its drones and its only international airbase.

Crimsonia is blamed for the cyberoffensive even though there’s no hard proof. Crippled by the attacks, Berylia, a new member of the North Atlantic Treaty Organisation (NATO), weighs its options. One of them is to invoke Article 5 and take the military alliance to war against Crimsonia.

Berylia and Crimsonia are fictional and so is this scenario, which is part of Locked Shields, a cyberwar game. But the fact that the situation doesn’t sound that far-fetched is one of the reasons why Locked Shields is so relevant today.

Locked Shields is “the world’s largest and most advanced international technical live-fire cyber defence exercise”, as described by the NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCDCOE), which has been organising it since 2010 in Tallinn, Estonia.

This year, the event was organised at a five-star hotel in Tallinn’s city centre in late April. An entire floor of the plush hotel was dedicated to the cyber games. Everyone was armed with a laptop, monitors were placed all over the place and a drone hung from the ceiling in the Control Room where people in white, green and yellow T-shirts mingled.

READ MORE: Russia’s soft warfare

Sharing the duties

The White Team is in charge of the scenario and the Green Team is responsible for the physical and online infrastructure of Locked Shields, which includes more than 3,000 virtualised systems, some highly specialised and all mirroring the top IT trends. They operate via private networks not accessible from the open internet.

The Yellow Team is tasked with situation awareness and the people in red T-shirts have their own adjacent room: they are the in-game malignant hackers who will be attacking Berylia, and who in their day jobs are penetration testers, network and system administrators, cyberthreat analysts and such.

Many of the participants are CCDCOE staff, and the rest are a mix of techies and cyber-security experts from the private and public sectors of 25 countries.

Most are male and aged between their mid-20s and mid-40s, some are older, some are of obvious military background. There are very few women: cyberwar, it seems, is still a men’s game.

One colour is missing here: that of 19 participating Blue Teams, each one playing the role of Berylia’s Rapid Cyber-Response Team.

All but one are national teams from NATO members and allied countries, and the remaining one is from the NATO’s cybersecurity wing, Computer Incident Response Capability (NCIRC).

The Blue Teams usually play from their host countries where they all start with the same scenario and then follow their own paths as they are more or less successful at keeping the cyber-attackers at bay. Locked Shields is a competition: the Blue Teams are scored and at the end ranked. Last year Slovakia won ahead of the NCIRC and Finland.

After two days of preparations, the exercise was launched on April 26. The 19 defending teams spread all over Europe woke up to a fake news story accusing Berylia of having produced a drone for spraying chemical weapons.

This causes protests in Berylia and condemnation by Crimsonia, then the cyber-attacks begin and immediately, several Blue Teams have their firewalls compromised by the Red Team hackers in Tallinn.

As long as they remain inside and invisible, the attackers can steal and modify data, and maybe even control the systems.

In real life, it would not be exactly like this, though.

“During this game, they are giving you the infrastructure to protect web pages or mailing systems that are already vulnerable. In the real world, you are protecting your systems on a daily basis,” says Klaid Magi, leader of the Estonian Blue Team, which is playing from a room in the Estonian Information System Authority, where Magi works as head of the cybersecurity unit.

Once attackers get inside your systems, havoc may follow, as happens for some Blue Teams when fuel pumps in their airbase are hacked and spill their contents, causing a fire. Smoke can be seen and suddenly these teams start receiving emails and Skype calls from the in-game journalists in Tallinn.

In the hotel, the Control Room is frantic with people in white, green and yellow typing, walking around and speaking to each other, mostly in English and Estonian. However, the room next door where the people in red are sitting and where the cyberattacks are coming from is eerily silent and calm.

Playing a game of catch-up

“You need to be very concentrated, it’s really distracting if there’re people talking, it’s like chess,” says a Red Team member who cannot reveal their name. The way cyberattacks work, the aggressor makes the first move, often expecting to be caught and, as in chess, sacrificing a piece to prod their rival’s defences, who then responds before it’s the attacker’s turn again, and so on until the game is over.

“Attackers are usually a step ahead, so often it’s a catch-up game,” explains Mehis Hakkaja, the Red Team leader and CEO of a cybersecurity company in Tallinn.

Attacking is easier than defending because – be it a smart toy, a mobile phone or an airport’s power grid – the hackers may just need access to one entry point while the defenders have to protect all the possibilities.

“The internet is very vulnerable to manipulation if the actors are professional, and especially if they are nation states [which can use their bureaucracy to set well-organised cyberoffensives],” says Kenneth Geers, senior fellow at the Atlantic Council’s Cyber Statecraft Initiative and a CCDCOE ambassador.

In 2014, the Russian offensive in eastern Ukraine and the annexation of Crimea included – like this year’s Locked Shields – cyberattacks against power grids and an airport.

The Russian campaign in Georgia in 2008 had already been preceded by cyberattacks against Georgian websites. And the year before the target had been Estonia, which after a diplomatic row with Russia received three waves of cyberattacks that blocked government, banks, media and telecom companies’ websites.

Fingers have been pointed at Russia for the attacks, but there isn’t definite evidence of the Kremlin being behind them. And it’s of course not just Moscow: the most famous cyber-attack of all, the malware Stuxnet, which managed to damage the Iranian nuclear industry, is believed to have originated in the US and Israel.

By the second day of attacks in Locked Shields, some Blue Teams have had their airbase’s power grid hacked, leaving the airport without electricity, which means no planes could land or take off from the island nation, effectively cutting if off from the rest of the world. As the prime minister of Berylia, what would you do in this situation?

The overall aim of the political game is to push the Blue Teams to a point where they are forced to consider invoking Article 5 and taking NATO to war against Crimsonia.

“And surprisingly most nations did. Basically, they all went to war, we didn’t expect it,” says Matthijs Veenendaal, head of this part of the game and Strategy Branch Chief at the CCDCOE.

Veenendaal says last year in a similar situation, no team invoked Article 5.

But he believes that the teams that went to war did so on purpose to push the scenario to its limits and make the most of the learning experience.

In today’s tense geopolitical situation, and seeing how in the past supposed cyberaggressors got away with attacking, why don’t rival countries launch more damaging cyberoffensives against each other?

Share this:

Like this:

LikeLoading…

Related

Related:

Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare

Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare

Cyberspace is the 21st century’s greatest engine of change. And it’s everywhere. Telecommunications, commercial and financial systems, government operations, food production – virtually every aspect of global civilization now depends on interconnected cyber systems to operate; systems that have helped advance medicine, streamline everyday commerce, and so much more. Which makes keeping these systems safe from threat one of the most pressing problems we face.

Related:

Essay about cyber law

  • Home / Essay about cyber law | Views: 17193 | #19850
  • essay about cyber law

    (Part I is here and provides links to the other parts in the series.) The recent Wanna Cry and Not Petya global cyber incidents have fueled the debate already raging over the role of and limits on corporate self-defense in cyberspace.Similarly, company may file litigation against its employee on the basis of e-main sent by that employee to some other person which contains defamatory or objectionable material.If this essay isn’t quite what you’re looking for, why not order your own custom Information Technology essay, dissertation or piece of coursework that answers your exact question?To write this paper, review the summaries of the proposed legislation, prepared by the Library of Congress. That is, what topics raised in class would it have addressed, regarding cybersecurity? It is also critical for the future social and economic development of the world.Computer and internet enable the business organizations to execute the Electronic commerce business model, which has become very popular. Mutation und selektion beispiel essay gilded age political cartoon dbq essay. My essay geeks reviews on hydroxycut bacons essay world war 2 student essay essay in sanskrit of man vidyalaya alice pung unpolished gem. Cyber essays – Papers and resumes at most affordable prices. Please be sure to use an in-text citation for all quotes.In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. When Internet was developed, the founding fathers of Internet hardly had any inclination that Internet could transform itself into an all pervading revolution which could be misused for criminal activities and which required regulation.Having made these preliminary remarks, the original question, to which the introductory statement refers, remains: is cyberlaw an area of law?

    • Oct 29, 2014. What is Cybercrime? – Definition, History, Types & Laws. What is Cyber Terrorism ? – Definition, Cases & Examples. Crimes Against Property.
    • The Impact of Cyber Warfare under International. Humanitarian Law A Critical Legal Analysis. A Senior Essay. By Yohannes Eneyew. Advisor; Shimles Sisay.
    • This essay will examine the concept of online hate speech and highlight the specific. For example, under the Bangladesh cyber laws, a blogger or Internet.
    • Bullying involves two people, a bully or intimidator and a victim. The bully abuses the victim through physical. * Keywords bullying, cyber bullying, law, statistics.

    essay about cyber law

    There are UK writers just like me on hand, waiting to help you.Therefore, there are as many legal orders in cyberspace as there are national (or supranational) legal orders.Cyber law Name Institution Professor’s Name Course title Date of submission Cyber laws or internet laws refer to legal issues which are directly or indirectly related to the use of the internet and cyber.Jody Westby, CEO of Global Cyber Risk LLC., stresses the need for international rule of law.It is the opinion of the author of this essay that cyberlaw is not (yet) an area of law, but that it is a legal order.Cyberspace is such a term, which is not yet completely defined and also has no geographical limitation.The harassment can have wide-reaching effects on the victim, as the content used to harass the victim can be spread and shared easily among many people and often remains accessible for a long time after the initial incident.For authentication purposes, additional information needs to be carried with cyberspace transactions for identity purposes.Capable of shutting down nuclear centrifuges, air defense systems, and electrical grids, cyber-attacks pose a serious threat to national security.This includes acknowledging that there is a major difference of perspective within the international community between those states that prefer to talk about “information security,” including protecting citizens from what they consider harmful content, and others states that focus on “cybersecurity,” a narrower subset of information security.

    Cyber space is something that exists nowhere, geographically speaking, but can be accessed from any place in the world through a computer with an Internet connection.The offender might be in Asia while the Internet server used to commit the offence concerned may be located somewhere in the US or Africa. Yet, as Chris Reed argues, it is possible to proceed to a localisation in the ‘physical’ world of the constituent elements of any given activity in cyberspace, and national laws will therefore apply, in accordance with rules on applicable law (such as the Rome I and Rome II Regulations, at the level of the European Union).Email: All selected Writings will be published in the form of a blog.Free 5-day trial Cyber crimes are any crimes that involve a computer and a network.It is essential to instill confidence in online trade, commerce, banking, telemedicine, e-governance and host of other applications.A frequently used definition of cyberbullying is “an aggressive, intentional act or behavior that is carried out by a group or an individual, using electronic forms of contact, repeatedly and over time against a victim who cannot easily defend him or herself.” There are many variations of the definition, such as the National Crime Prevention Council’s more specific definition: “the process of using the Internet, cell phones or other devices to send or post text or images intended to hurt or embarrass another person.” Cyberbullying is often similar to traditional bullying, with some notable distinctions.

    essay about cyber lawessay about cyber law

    What Is Cyber Crime? – Definition, Types & Examples – Video.

    Essay about cyber law: Rating: 80 / 100 All: 360

    Navin Shetty

    Related:

    ‘acts of war,’ says admiral

    The United States has habitually tolerated cyber attacks from several great and regional powers that, perhaps a decade ago, Washington would have considered an act of war, according to the ranking U.S. Navy admiral in charge of information warfare.

    “We’ve had an awful lot of examples of what, 10 years ago, we assumed would be construed as an act of war,” Vice Adm. Jan Tighe said Thursday. “And, in a lot of cases, there has not been a response, either a military response or a diplomatic response.”

    Tighe, the deputy chief of naval operations for information warfare, suggested that policy makers in recent years failed to develop international standards due to a belief that cyber technology was too nascent. But the danger of hacking threats grew quickly, leaving U.S. officials uncertain of how to respond.

    For example, Russian-linked hackers shut down an electrical grid in Ukraine, leaving hundreds of thousands of people without power for several hours.

    “The international community did not even really come out strongly and say, ‘this is unacceptable, you cannot go after critical infrastructure,’” she said at the Center for Strategic and International Studies. “Where is the hue and cry in that? And so, what that says is, that must be okay. That must be perfectly acceptable. When you’re not at war, you can attack someone’s critical infrastructure.”

    A number of experts believe the U.S. may be ill-prepared to defend its critical civilian infrastructure from cyber attacks. And while the U.S. government can no doubt respond in kind, that doesn’t make our experts sleep any better at night. [source]

    Why it’s on our radar: Information in this article helps several Priority Intelligence Requirements: What are the latest indicators of a conflict with Russia, China, North Korea, and in the Middle East? Each week in our Strategic Intelligence Summary, we gauge the likelihood and scope of conflict with these nations and regions and track the latest developments in each region. Subscribe here to receive our premium intelligence products prepared by Intelligence and special operations veterans.

    Share this:

    Related

    Related: