The FBI has uncovered evidence that foreign hackers penetrated two state election databases in recent weeks, prompting the bureau to warn election officials across the country to take new steps to enhance the security of their computer systems, according to federal and state law enforcement officials.
The FBI warning, contained in a “flash” alert from the FBI’s Cyber Division, a copy of which was obtained by Yahoo News, comes amid heightened concerns among U.S. intelligence officials about the possibility of cyberintrusions, potentially by Russian state-sponsored hackers, aimed at disrupting the November elections.Read more
An FBI electronics technician pleaded guilty on Monday to having illegally acted as an agent of China, admitting that he on several occasions passed sensitive information to a Chinese official. Kun Shan Chun, also known as Joey Chun, was employed by the Federal Bureau of Investigation since 1997.
He pleaded guilty in federal court in Manhattan to one count of having illegally acted as an agent of a foreign government. Chun, who was arrested in March on a set of charges made public only on Monday, admitted in court that from 2011 to 2016 he acted at the direction of a Chinese official, to whom he passed the sensitive information.Read more
As a modestly sized department — policing 2 million citizens with just over 1,800 sworn officers — the San Bernardino Sheriff’s Department doesn’t seem like it would be on the cutting edge of surveillance technology.
But the department has quietly become one of the most productive nodes in a nationwide iris-scanning project, collecting iris data from at least 200,000 arrestees over the last two and a half years. In the early months of 2016, the department was collecting an average of 189 iris scans each day. San Bernardino’s activity is part of a pilot program organized by the FBI, one that began as a simple test of available technology but has quietly grown into something far more ambitious.Read more
Secret FBI rules allow agents to obtain journalists’ phone records with approval from two internal officials — far less oversight than under normal judicial procedures.
The classified rules govern the FBI’s use of National Security Letters, which allow the bureau to obtain information about journalists’ calls without going to a judge or informing the news organization being targeted. They have previously been released only in heavily redacted form. Media advocates said the documents show that the FBI imposes few constraints on itself when it bypasses the requirement to go to court and obtain subpoenas or search warrants before accessing journalists’ information.Read more
The FBI maintains a huge database of more than 411m photos culled from sources including driver’s licenses, passport applications and visa applications, which it cross-references with photos of criminal suspects using largely untested and questionably accurate facial recognition software.
A study from the Government Accountability Office released on Wednesdayfor the first time revealed the extent of the program, which had been queried several years before through a Freedom of Information Act request from the Electronic Frontier Foundation.Read more
The U.S. Federal Reserve detected more than 50 cyber breaches between 2011 and 2015, with several incidents described internally as "espionage," according to Fed records. The central bank's staff suspected hackers or spies in many of the incidents, the records show.
The Fed's computer systems play a critical role in global banking and hold confidential information on discussions about monetary policy that drives financial markets. The cybersecurity reports were heavily redacted by Fed officials to keep secret the central bank's security procedures. The records represent only a slice of all cyber attacks on the Fed.Read more
Technology firm Yahoo has released the contents of three secretive National Security Letters routinely used by the FBI to request personal information and communications data about targets deemed to be a threat to the nation.
The letters outline the vast demands for data by the FBI while legally gagging Yahoo from speaking out. Over the past few years, snippets of details have emerged about the content of these requests however the move by Yahoo to release the letters marks the first case of a company being able to publicly acknowledge receiving an NSL without engaging in a years-long court battle.Read more
The FBI has proposed keeping its database of fingerprints, iris scans and photographs exempt from privacy laws, prompting companies like Lyft and Uber to join advocacy groups in saying they are “deeply concerned” about the proposed change.
The bureau wants to shield its massive biometric database, called the Next Generation Identification (NGI), from Privacy Act rules that require a person to be notified if they are in a government system, as well as rules that let people ensure that the information the government is holding about them is accurate. The FBI’s proposal was first published in early May.Read more
FBI officials are warning private industry partners to be on the lookout for highly stealthy keystroke loggers that surreptitiously sniff passwords and other input typed into wireless keyboards.
The FBI's Private Industry Notification is dated April 29, more than 15 months after whitehat hacker Samy Kamkar released a KeySweeper, a proof-of-concept attack platform that covertly logged and decrypted keystrokes from many Microsoft-branded wireless keyboards and transmitted the data over cellular networks. To lower the chances that the sniffing device might be discovered by a target, Kamkar designed it to look almost identical to USB phone chargers.Read more
The Supreme Court on Thursday approved a rule change that would let U.S. judges issue search warrants for access to computers located in any jurisdiction despite opposition from civil liberties groups who say it will greatly expand the FBI's hacking authority.
U.S. Chief Justice John Roberts transmitted the rules to Congress, which will have until Dec. 1 to reject or modify the changes to the federal rules of criminal procedure. If Congress does not act, the rules would take effect automatically. Magistrate judges normally can order searches only within the jurisdiction of their court, which is typically limited to a few counties.Read more