RSS
Translated by
2020/08/03 09:48:38

Cyber crime and cyber conflicts: USA

The USA - the most aggressive state in the field of carrying out cyber attacks to information systems of the countries of the world. In the USA Stuxnet and other samples of cyberarms of the high level were created. In 1982 the USA carried out destructive cyber attack against the Soviet trunk pipelines.

Content

Organizations

The key organizations of the USA conducting cyber attacks worldwide are

For gain of protection of the state cyber security in 2016 it was created

At the global level of the USA try to advance the policy in the field of cyber attacks and cyber security through the North Atlantic military Alliance

The facts connected with activity of data of structures are collected in the relevant articles.

Cyber wars

Russia is forced to undertake measures of control of other countries in the field of a cyberspace and thus it is involved in cyber wars. As the key opponent in this sphere the USA traditionally acts:

2020

North Korean hackers attacked the military sector of the USA

On July 30, 2020 it became known that North Korean cybercriminals attacked the defense and space enterprises in the USA. Malefactors sent to employees of war industry counterfeit offers on work with the purpose of cracking of computer networks.

As specialists from McAfee company reported, cyber attacks began at the end of March, 2020 and continued till May. The harmful campaign which received the name "Operation North Star" is connected with the North Korean cybercriminal Lazarus grouping (it is Hidden Cobra).

During the attacks criminals sent the phishing e-mails inducing receivers to open forgery documents with offers on work. As experts noted, malefactors used technology of implementation of a template (template injection). The.docx file represents the ZIP file containing several parts. Using technology of implementation of a template, the malefactor places the link in the file of a template in one of the.XML files. According to the link the file of a template (DOTM) from a remote server was loaded. Some of these files of templates are renamed into the JPEG files on a remote server to avoid any suspicions. Files of templates contain the code of a macro written in the Visual Basic language which loads a DLL implant into the system of the victim. Hackers used the harmful DLL files delivered through forgery documents for cyber espionage implementation.

Malefactors always try to remain unnoticed during the attacks therefore such equipment as simulation of User-Agent which is present at a system is often observed. For example, use of the same line User-Agent from the web configurations browser of the victim allows to avoid detection and to disguise traffic. In this case criminals using Windows API ObtainUserAgentString received User-Agent and used this value for connection with C&C-сервером.

According to experts, hackers ensured persistence on a system by bringing of the LNK file in the folder of automatic loading[1].

Fancy Bear attacks critical infrastructure of the USA

On July 27, 2020 it became known that the cybercriminal APT28 grouping also known as Fancy Bear, performed a number of earlier unsolved attacks to the American enterprises, beginning from the government organizations, and finishing with objects of critical infrastructure., As reported in the notice of FBI sent to the victims of a harmful campaign in May, 2020, transaction APT28 continued since December the 2018th till, at least, a May, 2020.

On to data FBI, malefactors generally tried to crack mail and VPN- servers accounts Microsoft Office 365 and e-mail. The list of the victims includes "a big range of the American organizations, managements of the federal government and the governments of states and also educational organizations". Besides, within this harmful campaign APT28 which the western experts consider connected with the Russian intelligence agencies attacked the electrical power enterprises in the USA.

According to the notification of FBI, malefactors got into networks of the attacked organizations using the phishing letters sent both to corporate and on personal mail of employees. Besides, they used brute force attack and so-called "spraying of passwords" (password-spraying) – the attack during which popular passwords are entered into a set of accounts at once. If the password approaches at least one, malefactors get access to it.

The number of victims in this harmful campaign is not specified. Nevertheless, as specialists from FireEye reported, they knew of several organizations compromised using the IP addresses from APT28 arsenal. However in these cases malefactors did not infect the hacked networks with the malware, and moved on them as legitimate employees.

In several days after the notification of FBI the U.S. National Security Agency warned about a wave of the attacks on Exim mail servers. This operation was performed by other grouping which U.S. authorities also consider [2] connected with the Government of the Russian Federation[3].

"Almost for certain it were the Russian intelligence agencies"

"Almost for certain it were the Russian intelligence agencies": The USA, Canada and Great Britain state that the Russian hackers "make cyber attacks to the organizations connected with search of vaccine against a coronavirus".

In the publication in July, 2020 published by the National center of cyber security of Great Britain (NCSC) it is told about attacks to the organizations which are engaged in search of vaccine from COVID-19. These attacks attribute to the hacker APT29 group also famous as Cozy Bear which as they claim, "almost for certain" works for the Russian intelligence agencies.

"The campaign of malicious actions APT29 continues. Actions are directed generally against government, diplomatic, analytical, medical and power objects. Their probable purpose – theft of valuable intellectual property", the press release says. "About probability more than 95%" this grouping is connected with the Russian intelligence agencies, approve intelligence agencies.

"The group uses different tools and methods, including a phishing and the malware known as WellMess and WellMail", the statement says. In the statement it is also mentioned that to this Cozy Bear did not connect with these programs,

Earlier today on the website of the British Parliament the statement of the Ministry of Foreign Affairs of the country that Russia "almost for certain" interfered with parliamentary elections of 2019 appeared: "Though we also have no proofs, we consider interventions inadmissible" - Dominica of Raab is said in the statement. Here it is possible to meet already familiar "shout at laykl", "it is inadmissible!" and "we leave the right to response".

File:Aquote1.png
The Kremlin commented on charges: "We have no information who could crack pharmaceutical companies and the research centers in Great Britain. We can tell one – Russia has no relation to these attempts", – the Russian President's Press Secretary Dmitry Peskov said. In the Russian Foreign Ministry these charges were also called unfounded
File:Aquote2.png

The Russian hacker went to prison for 9 years for sale of stolen bank cards

On June 26, 2020 the federal court of East district of the State of Virginia sentenced the Russian hacker Alexey Burkov to nine years of prison for cyberfraud. Read more here.

The USA does not want to lay a communication wire with China because of cyber espionage threat

On June 22, 2020 it became known that the USA does not want to lay a communication wire with China because of cyber espionage threat. Kabel allegedly will allow the Chinese intelligence services to get access to the American data.

The USA does not want to lay a communication wire with China because of cyber espionage threat. Photo: republicoftogo.com.

As it was reported, the American committee on assessment of foreign participation in the sector of telecommunication services of Team Telecom recommended to the Federal commission on communication (Federal Communications Commission, FCC) the USA, proceeding from reasons of national security to refuse laying of the underwater Pacific Light Cable Network (PLCN) cable system on a bottom of the Pacific Ocean between Hong Kong and Los Angeles.

As Team Telecom consisting of Ministry of Justice, the Ministry of Defence and the U.S. Department of Homeland Security is afraid, the cable allegedly will allow the Chinese intelligence services to get access to the American data.

File:Aquote1.png
Team Telecom recommends to FCC to satisfy a part of the request PLCN, the USA directed to connection, Taiwan and Filippin which have no property in the People's Republic of China (PRC) and separately belongs and is controlled by subsidiary companies Google and Facebook provided that subsidiary companies of the companies sign agreements on mitigation for these corresponding connections. The Pacific Light Cable Network project assumes cable laying between Hong Kong and Los Angeles through Taiwan and Philippines with a total length about 13 thousand kilometers. This decision of committee is connected with a situation in the field of national security, including efforts of the government of the People's Republic of China on receiving confidential data of the American citizens. Thus the submarine cable can be rich and vulnerable data source for China. Laying of PLCN caused for June, 2020 concern about national security as an influential investor in PLCN is the Hong Kong company Pacific Light Data — subsidiary company of the supplier of telecommunication services in the People's Republic of China of Dr. Peng Telecom & Media Group. As members of the committee noted, PLCN is only one of several similar projects, "[4] causing similar concern[5].

told in Team Telecom
File:Aquote2.png

SEC reached the agreement with accused of cracking of its system

On April 9, 2020 the U.S. Securities and Exchange Commission announced conclusion of an agreement with the citizen of Ukraine Igor Sabodakhoy whom the regulator on an equal basis with some other hackers accused of cracking of the IT system. Read more here.

CIA was suspected of 11 years' cyber espionage against China

The Chinese cybersecurity company Qihoo 360 published the report in which connected Central Intelligence Agency of the USA (CIA) with the long-term campaign for cyber espionage directed to the Chinese industrial and government organizations. It became known on March 4, 2020. According to researchers, the campaign continued during the period from September, 2008 to June, 2019, and the majority of the purposes were located in Beijing, Guangdong and Zhejiang. Read more here.

The virus racketeer attacked the American operator of the gas pipeline and interrupted its work

In the middle of February, 2020 it became known that the virus racketeer attacked the American operator of the gas pipeline and interrupted operation of the compression unit. Date of attack is not reported, but technical recommendations for other operators of crucial infrastructure facilities which will allow to take adequate measures of precaution are made. Read more here.

2019

The base of the US Coast Guard is attacked by a virus racketeer

At the end of December, 2019 the base of the US Coast Guard was attacked by a virus racketeer which put out of action of the camera, a control system of access to doors and a monitoring system. Read more here.

Cyber attacks to the system of service of airplanes on Alaska

At the end of December, 2019 the RavnAir airline cancelled nearly 20 runs on Alaska in the middle of the festive Christmas travel. Cyber attack to the system of service of airplanes became the reason. Read more here.

For capture of the Russian hacker in the USA appointed a record award

At the beginning of December, 2019  for capture of the Russian hacker in the USA appointed a record award. The State department is ready to pay $5 million for information which will help to delay the expected leader of the cybercriminal Evil Corp grouping (it is also known as Dridex Gang) Maxim Yakubts. Read more here.

Medium and small business in the USA does not believe in gravity of cyberthreats

The American SMB-segment not only does not believe in gravity of cyberthreat, but also has no means for prevention of the happened attack. The research conducted by experts of the industry showed that top managers not of large enterprises have even no idea of how to begin to conduct prevention of cybersecurity incidents[6].

Cyber attack by the Chinese hackers to National association of industrialists of the USA

In the summer of 2019 the network of National association of industrialists (National Association of Manufacturers, NAM) the USA underwent the cyber attack which is presumably performed by the cybercriminal grouping sponsored by the Chinese government. It became known on November 14, 2019. Read more here.

The USA accused North Korea of cyber attacks to the financial sector

On November 12, 2019 it became known that the U.S. Department of Defense accused the cybercriminals working for the government of North Korea of cyber attacks to the financial sector, including to SWIFT network, for the purpose of enrichment. Read more here.

Employees AT&T profited installation in network of hacker routers and viruses

At the beginning of August, 2019 AT&T brought to employees charge of fraud — they for a bribe installed the malware and the unauthorized equipment in network of the company. Read more here.

Viruses began to attack commercial vessels

In July, 2019 the US Coast Guard published two warnings in which the cyber security problem on commercial sea vessels, victims of viruses is emphasized. Several ships became the victims of a phishing of e-mail because of a set of vulnerabilities of the onboard systems.

Malefactors were represented as official bodies of the state control of the port of the USA and sent the malware intended for cracking of onboard computer systems. The coast guard warned concerned parties about the continuing attacks, but did not go into details and did not provide any copies or a hash files.

The US Coast Guard announced cyber attack to a computer system of one of courts

The second warning was sent after the incident which took place in February, 2019 during the international run. The vessel going to New York reported that it collided the serious cyber attack which affected a vehicle network of computers. The subsequent investigation made by the coast guard and other agencies showed that "though the malware considerably worsened functionality of an onboard system, main systems of management of court did not suffer". Nevertheless, the interdepartmental group of reaction found out that the vessel had no effective measures of cyber security because of what critical management systems were hackable.

According to the results of an incident the coast guard also issued recommendations about cyber security. They include segmentation of network and installation of antivirus software with timely updating. Considering the growing dependence of courts on electronic cartographic and navigation systems, their protection using proper measures of cyber security is as important as control of physical access to the ship or accomplishment of routine maintenance.[7]

The ministries of the USA cannot patch "holes" of which 10 years are known in the IT systems

In the computer networks of the different ministries of the USA vulnerabilities about which existence these ministries know ten years, but which are still not liquidated are detected. Recently submitted report of Subcommittee of the Senate on internal security and government affairs demonstrates to it. The report is made according to the results of the investigation lasting ten months writes The Hill[8].

During the investigation testing was undergone by the ministries of national security, health care and social services, transport, education, agriculture, housing construction and city development and also State Department (an analog of the MFA) and Management of social security.

What was found by check

Check showed that from the specified structures seven could not provide adequate personal data protection, and six — did not set necessary system patches against vulnerabilities in time. Eight ministries use legacy systems which any more are not supported by producers.

The ministries of national security, transport, agriculture, health care and social services still did not liquidate the vulnerabilities found more than ten years ago. In networks of Management of social security critical vulnerabilities through which it is possible to get access to personal data of more than 60 million Americans were detected.

The Ministry of Education as it became clear, since 2011 cannot close access to the networks for not authorized devices. Everything that it managed to make is to limit time of stay of such devices in network up to 90 seconds, but it is enough for attack commission.

According to the chairman of subcommittee senator Rob Portman, federal agencies in the USA are exposed to cyber attacks rather often: in only one 2017 35277 incidents were recorded. Senator emphasizes that against the background of such activity existence of vulnerabilities in networks is especially dangerous.

Swindlers in the USA earned millions, saving users from "the Russian hackers"

The user from the USA paid $136.6 thousand to the swindlers who managed to convince her that her computer was cracked by "the Russian hackers". RIA Novosti with reference to documents of federal court across the Southern federal district of New York reports about it [9].

As defendants Gunjit Malhotra, Gurjet Singh and Jas Pal living in the Area of Bronx are connected to the case. According to the indictment, from April, 2018 to February, 2019 they repeatedly spoke from the victim by phone, being represented by employees of technical support service. They over and over again convinced the user that on ee PC problems with network system security, the license of the computer company and network equipment are detected.

For a fee swindlers agreed "help" the victim to recover security and normal operation of the computer in the remote mode. In several weeks after that they called again and reported that the device again under the threat as it is periodically cracked by the Russian hackers.

The victim transferred a payment for "services" to accounts of two false companies. In total it made at least 18 payments: eight of them for the total amount of $66 thousand for benefit of Reussite Technologies company and ten more for the amount $71 thousand for benefit of NY IT Solutions Inc.

The USA attacked computer systems of Iran under the Trump's decree

On June 23, 2019 there was information that the president USA Donald Trump approved carrying out Ministry of Defence of the country cyber attacks on computer systems Iran used for management of missile launch. As a result a system was disconnected. The The Washington Post edition with reference to the informed sources in intelligence services reported about it.

According to the newspaper, the attack organized by employees of Cybernetic command of the USA on the computer systems controlled by the Iranian Islamic Revolutionary Guards Corps (IRGC) was performed on the night of June 21, and preparation for it was conducted for "weeks if not months". Process coordinated CIA of the USA and the staff of the Ministry of Defence specializing in the Middle East. The Pentagon suggested Donald Trump to perform this operation after the attack on two oil tankers attributed by Washington to Tehran in the Gulf of Oman.

The White House and US Cybercom (the state structure which is responsible for reflection of threats and performing transactions in a cyberspace) refused to comment on information of the edition.

File:Aquote1.png
Within the pursued policy and for the purpose of ensuring operational security we do not discuss cybertransactions, intelligence information or planning — the representative of the Pentagon Elissa Smith said.
File:Aquote2.png

Earlier this month the authorities of Iran declared liquidation of the cyberespionage network which is presumably unrolled by Central Intelligence Agency of the USA.[10]

The president Trump declared a state of emergency in a cyberspace of the USA

On May 16, 2019 it became known that the President USA Donald Trump declared a state of emergency in a cyberspace of the USA. The statement contains in the decree on security supply chains of information and communication technologies and services which was signed by the president.

In the decree Trump explains that, according to it, opponents of the USA increase creation and operation of vulnerabilities in the information and communication technologies and services used in the USA. And it is about those technologies and services where confidential information or which support digital economy and also critical infrastructure and the vital abnormal services is stored. Backdoors, Trump explains, are created for the purpose of implementation of cybercriminal actions, including economic and industrial espionage against the USA.

Opponents have an opportunity to be engaged in it because in the USA purchase and use of the technologies and services developed, made or delivered by the persons under control of jurisdictions of these opponents are not limited in any way. Current situation Trump characterizes as "unusual and extraordinary threat of national security, foreign policy and economy of the USA" and notes that it can have "potentially catastrophic effect".

The president notes importance of preserving of the open investment climate in ICT and the American economy in general, but stipulates that this openness should be in balance with "need to protect our country against critical threats of national security".

To toruses summed up the result of the aforesaid:

File:Aquote1.png
In the light of these researches I declare a state of emergency concerning this threat present.
Donald Trump, U.S. President
File:Aquote2.png

The decree gives to the federal U.S. Government authority to prohibit any American persons acquisition and use of the ICT equipment and services of a foreign origin if it creates risks for national security of the USA. Define what purchases are safe and what are not present, there will be a minister of trade, consulting with the Minister of Finance, the Secretary of State, the Minister of Defence, the Attorney-General, the minister of national security, the director of the national intelligence, the head of the Federal commission on communication and other heads of different departments and departments.

At the same time the minister of trade has the right to develop some measures capable to mitigate a risk degree of this or that purchase. In this case purchase it is possible to allow even if without these measures it would be prohibited. When and by what method it is necessary to stop purchases at this or that foreign company, the minister of trade solves too.

At the same time the director of the national intelligence is offered to continue assessment of threats for the USA which bears in themselves foreign ICT. The preliminary estimate should be complete within 40 days from the moment of signing of the decree. In cooperation with profile departments, the minister of national security should carry out the same assessment on what it is given 80 days. Afterwards such assessment will be annually have to made.

The American IT editions agree in opinion that the Trump's decree is directed first of all against purchases of telecommunication equipment at the Chinese Huawei. The U.S. President is known for the dislike for Huawei long ago — he at any opportunity accuses her of complicity to Iran, of shadowing citizens and officials of the USA for benefit of the government of China.

Earlier Trump officially prohibited all American officials to use gadgets of Huawei and in passing ZTE, and in November, 2018 urged the allied countries to refuse completely telecommunication equipment of Huawei, including base stations for 5G networks. In both cases it was motivated with a possibility of espionage for benefit of China, but in fact the appeal to refuse devices 5G of Huawei results from the aspiration of the USA to become the leader in the market of the equipment for networks of fifth generation.

Huawei repeatedly denied charges, and in addition responded to them with large-scale media company, having opened for journalists access to the campus and having allowed to interview the key founder Ren Zhengfei who usually keeps in the background.

Under pressure of the authorities large mobile operators of the USA, such AT&T as well as Verizon, refused sale smartphones of Huawei in the shops. Prohibition on use in the Huawei smartphones can become one of measures of the USA the American OS Google Android, but on this case the company has an alternative: it conducts active development of own platform Kirin OS which fact of existence Huawei confirmed on November 30, 2018.

At the beginning of December, 2018 at the request of the USA the authorities of Canada Meng Wanzhou, the daughter Chzhenfeya, on suspicion of violation of sanctions against Iran and theft of technologies of the American company T-Mobile delayed the chief financial officer of Huawei. Wanzhou was released on bail, China in reply delayed three citizens of Canada. This incident became the beginning of the next round of opposition of Huawei with the American government[11].

2018

NKTsKI: The USA and NATO cooperate with producers of the malware

Intelligence agencies of the USA and other countries of NATO actively support development of the malware. Moreover, production of malware are a multimillion business in which more than forty companies in the USA, Great Britain, France and so forth are involved. It on Tuesday, December 11, at a briefing was announced by the deputy head of the National coordination center for computer incidents (NKTsKI)[12].

Murashov gave nowadays nonexistent French company Vupen selling exploits to the U.S. National Security Agency as an example. After Vupen closing its founder moved to the USA and created the Zerodium company offering to researchers of security the huge amounts for vulnerabilities of zero day. During the performance Murashov provided relevant quotations of Zerodium. For example, vulnerabilities in iPhone cost up to $1.5 million, and in messengers Telegram Viber, WhatsApp and iMessage – to $500 thousand.

The deputy head of NKTsKI noted also need of conducting fight against production of the malware at the global level and first of all in the legal plane. According to the expert, prohibition on development of malwares "practically everywhere" is absent.

NATO will start the cybercommand center

On October 18, 2018 there was information that the North Atlantic alliance intends to start the cybercommand center capable to constrain and perform cyber attacks. It is supposed that the structure will be fully completed and functional in 2023, transfers the Euractiv edition.

According to a resource, the staff of the center of cyberoperations in the Belgian Mons will consist of 70 experts who by 2023 will obtain military intelligence information and information in real time.

File:Aquote1.png
Our ultimate goal — completely to realize our cyberspace, to constantly understand a status of our networks that command could rely on them — the head of cyber security in communication NATO agency and information Ian West said.
File:Aquote2.png

Earlier the NATO Secretary General Jens Stoltenberg allowed a possibility of application by the countries of the North Atlantic alliance of Article 5 about collective defense in case of serious cyber attacks from Russia. [13]

The agency of national security of the USA looks for information on espionage microchips from the People's Republic of China

On October 11, 2018 it became known that the National Security Agency (NSA) of the USA conducts search of witnesses who could confirm information on installation of the Chinese espionage microchips on servers of the American companies. The Bloomberg agency with reference to the expert of the NSA Rob Joyce reported about it. Read more here.

China spied on Apple and Amazon via chips in the equipment

At the beginning of October, 2018 it became known that China spied on Apple, Amazon and other technology companies, installing special chips in the equipment used in data centers.

According to Bloomberg, the American authorities suspected China of secret use of chips for shadowing in 2015 and then began confidential investigation. Super Micro Computer could install these chips.

The Chinese hackers were convicted of theft of corporate information from servers of Apple, Amazon and other American companies

In 2015 Amazon purchased software developer for distribution of video content of Elemental Technologies to expand possibilities of the service of stream video playback of Amazon Prime Video. Though the main interest of Amazon in this transaction was not connected with government contracts of Elemental, they added the corresponding business of Amazon Web Services (AWS) within which, in particular, cloud services of CIA are provided.

For careful check of safety of purchase of Elemental the Amazon company employed third-party firm. In the fixed interest of Amazon there were expensive servers which the startup used in the networks for video compression. In these servers which for Elemental were made by Super Micro Computer foreign tiny microchips by the size less rice grain were detected — their use was not provided by the engineering design.

Notified by Amazon on it the American authorities, and those strongly began to worry, the Elemental servers were installed in data centers of the Ministry of Defence, were used during the operations with UAVs performed by CIA and also on VTR warships. Elemental was one of hundreds of clients of Super Micro Computer.

In three years of investigation which continues by the beginning of October, 2018 it became clear that the chips implemented in a computer hardware allowed to create "an invisible door in any network", allowing including to make changes to operation of the equipment.

According to the informed interlocutors of Bloomberg, espionage chips were integrated at the enterprises belonging to production subcontractors in China.

17 people, including 6 operating and former high-ranking employees of services of national security, confirmed to the edition the fact of manipulations with Super Micro Computer component parts and other elements of the attack.

The news agency notes that this attack is much more serious in comparison with cracking of program systems to which in the world already got used. It is difficult to eliminate hacker penetration via the equipment, and it can be more destructive as provides the long-term hidden access to systems. Prospecting bodies are ready to invest millions of dollars in such technologies many years.

According to the edition, Apple removed from the data centers the Super Micro servers in 2015 right after it became known of date leak. In the 2016th the contract between the companies was completely terminated.

Afterwards several additional investigations by the American governmental bodies were made. Affirms as the publication that no data of users were stolen within that expected hacker campaign.

Washington suspects Beijing of mass espionage using the equipment made by the Chinese companies long ago. The majority of electronic components is manufactured in the People's Republic of China. Theft of intellectual property became one of arguments of the U.S. President Donald Trump at introduction of new duties on commodity importation from China.

The fact of espionage was said also by the Vice President of the United States Mike Pence in the speech at Hudson's Institute. He noted that intervention of Russia in affairs of the USA "fades as compared does China".[14]

The USA permited themselves preventive cyber attacks against Russia, China and own allies

US military men received expanded powers for carrying out "preventive" cyber attacks. It follows from the document under the name "Kiberstrategiya" published in September, 2018 by the U.S. Department of Defense[15].

New strategy allows use of cyber attacks from the American military for "violation or blocking of harmful cyberactivity at its source, including activity which is lower than the level of armed conflict".

The strategy signed by the Minister of Defence James Mattis also means "creation of more lethal force", i.e., formations of the hackers capable to strike pre-emptive strikes to infrastructure of the conditional opponent.

In the document makes a reservation that preventive strikes will be struck for prevention of cyber attacks to a critical infrastuktura of the USA, including systems for vote and power network. By new rules military hackers will have the right to work at own discretion; earlier to start active actions in a cyberspace approval from National council of security at the U.S. President would be required. Now conducting "preventive cyber attacks" will require neither permission of the Security council, nor approval of the Agency of national security.

The Pentagon called the Russian Federation and China the main threats of cyber security of the USA

The Pentagon published[16] in September, 2018 new strategy for cyber security, in which called Russia, China, North Korea and Iran the main threats to the interests of the USA[17]. As noted in the document, the USA faces "inevitable and unacceptable threats" in the form of "harmful cybercriminal activity".

"the USA was involved in long strategic rivalry with the Russian Federation and China. Russia used information transactions in a cyberspace to have an impact on our population and to throw down a challenge to our democratic processes", - it is specified in the document. China, according to the Pentagon, tried to steal confidential information from the American government and the companies from the private sector.

In addition to the Russian Federation and the People's Republic of China, North Korea and Iran which as consider in the Defense Ministry, try to use transactions in a cyberspace were among the main threats that "do much harm to the American citizens and the interests of the country".

Further the Pentagon intends beforehand "stop or stop harmful activity" and also create "more killing forces" including for counteraction to cybertransactions, is emphasized in the document.

The State Department of the USA published recommendations to Trump on gain of cyber security

On Thursday, May 31, Gosdepatament of the USA published[18] of the recommendation to the president Donald Trump on strengthening of cyber security. As noted in the accompanying statement of the Secretary of State Mike Pompeo, the recommendation emphasize importance of interaction of State Department and U.S. Government with foreign partners for fight against threats in a cyberspace[19].

In the document five main directions on ensuring cyber security which will pursue particular purposes are selected. In particular, main goals are: strengthening of stability in a cyber domain; identification and counteraction to cyber attacks and also search of their organizers; protection of freedom of the Internet and rights of its users; development of technical standards and protection of intellectual property.

The president is also recommended to create the mechanism according to which organizers and participants of cyber attacks will be made responsible. Besides, it is offered to develop a range of "fast, sensitive and transparent effects below a threshold of use of force" for violators. It is going to develop mechanisms of implementation of similar "effects". Also to the president recommend to build cooperation with the partner states for ensuring more effective response to cyberincidents.

Atlanta did not begin to pay the redemption to hackers and spent $3 million after cyber attack

On April 23, 2018 it became known that the authorities of the American city of Atlanta spent $3 million for recovery of IT systems after cyber attack though could pay much less.

According to the SlashGear portal, Atlanta underwent the powerful attack for the purpose of redemption racketing as a result of which especially important IT systems suffered. Hackers demanded the redemption in bitcoins for the amount, equivalent $51 thousand, but the city refused to pay. Instead officials spent recovery IT infrastructures much more after cyberattack.

The Atlas refused to pay $51 thousand to hackers racketeers and spent $3 million for recovery of IT systems after cyber attack

The attack happened on March 22, 2018 therefore the set of authorities and officials lost access to the systems containing digital data, e-mails, etc. Why the city administration did not want to pay the redemption, is not reported.

Sometimes in attempts of racketing hackers increase the redemption size after initial payment is made. Perhaps, officials assumed that criminals will increase the amount of compensation.

However some taxpayers are dissatisfied that Atlanta eventually paid millions of dollars for the solution of this problem. According to the data published on the website of the government of Atlanta, officials paid large amounts of money to several contractors, including SecureWorks and Pioneer Technology Group.

As a result of the power of Atlanta spent more than $2.5 million for the solution of this problem.

The attacks for the purpose of racketing of the redemption become more and more widespread and can affect the small and large companies. Some companies concede to requirements and pay the required amount then the malware is disconnected. For example, at the beginning of 2016 the Californian hospital paid bitcoin redemption for recovery of the IT systems after as a result of negotiations the amount of the redemption was reduced approximately to $17 thousand[20]

The USA already actively prepares for possible cyberstrike against the DPRK

The last half a year the U.S. Government conducts active preparation for possible cyberstrike against the DPRK. According to the Foreign Policy edition with reference to the informed sources, between the intelligence agencies responsible for espionage and a cyber war, this fight[21] burst[22].

According to one of sources, the first blow to the DPRK will be struck more likely using digital, but not physical weapon. "The first shot will be made in a cyberspace", – quotes the edition of the former head of one of intelligence agencies.

Due to the nuclear threat posed by North Korea within the last six months the U.S. Government conducts confidential preparation for possible cyberblow to it from South Korea and Japan. Preparation assumes installation in the territory of these countries of fiber optic cables and bridges, setup of remote bases and stations for interception of communications using which hackers will be able to get access to the North Korean Internet isolated from the rest of the world.

According to sources, now the attention of intelligence agencies was entirely displaced towards the DPRK. The government invests billions of dollars in creation of technical infrastructure and training of specialists for cyber attacks to North Korea. Also the analysts specializing in these or those regions are reassigned. "If your specialization – Africa, was not lucky you", – noted one of sources.

Preparation for cyberstrike against the DPRK also assumes return to service from a stock of analysts of military investigation. For the last several months the American government also opened vacancies to a position of analysts with knowledge of Korean.

2017

Program of the Pentagon for remuneration of hackers for detection of vulnerabilities

In November, 2017 it became known of carrying out the extensive program of encouragement of hackers by the U.S. Department of Defense (DoD) for detection of holes in security systems of government agencies. About $300 thousand were paid for the instruction on thousands of vulnerabilities in total.

The Pentagon paid $300 thousand to hackers for the instruction on thousands of vulnerabilities

In June, 2015 information that the office of Personnel management underwent the serious hacker attack therefore these 4 million people fell of malefactors into hands appeared. After this incident and several other similar American Ministry of Defence began to investigate a possibility of encouragement of third-party specialists for detection of vulnerabilities.

The first program under the name Hack the Pentagon ("Crack the Pentagon") passed from April 18 to May 12, 2016. For this period 138 unique and legal reports on holes in a security system were submitted that led to the total amount of payments in the amount of $75 thousand with dispersion of individual encouragement from $100 to $15 thousand. Several months later — in November, 2016 — the Pentagon also started the Hack the Army program ("Crack army") to find problems with the websites facilitating acceptance in army then, in May, 2017 — Hack the Air Force ("Crack the Air Force") for the purpose of protection of the online assets belonging to other type of military forces. Total amount of payments in these programs grew approximately to $300 thousand.

These measures limited on terms were followed by the open program which received the name "Policy of Disclosure of Vulnerabilities" (Vulnerabilities Disclosure Policy, VDP). The program does not provide remuneration for detection of problems in a security system, but offers not the available earlier legal method allowing individuals to note problems with the public websites and web applications. Within a year of 650 people reported in total about 3 thousand vulnerabilities.

File:Aquote1.png
VDP just really sharply started and began to present value in that form which nobody could assume when we started the program — Alex Rice the technical director of HackerOne — the company jointly working with the U.S. Department of Defense over the program reported the Wired edition. — It was assimilation something new. The Ministry of Defence understood it... if someone still worked on identification of problems in the system of cyber security, they had no legal channel to deliver it to the government.
File:Aquote2.png

According to the website HackerOne, the Pentagon could create the infrastructure allowing to solve these problems rather quickly in comparison with private companies which in the past started similar programs.[23]

FBI blindly cracked computers in Russia

According to promulgated court documents, FBI regularly cracked devices abroad within standard criminal investigations. During the investigation of case of the website Playpen extending a child pornography in 2015 FBI cracked devices in Russia, China, Iran and other countries, reports the The Daily Beast edition. Hacker operation with use of the malware was performed in the Deep web (a shadow part of the Internet). Visitors of Playpen visited the website through Tor therefore their real IP addresses were hidden, and law enforcement authorities initially did not know true location of those whom they cracked.

The U.S. State Department will close department of cyber security

On July 20 it became known that in U.S. State Department the division which was engaged in coordination of questions of cyber security at the international level will be closed, writes the Bloomberg edition with reference to the anonymous sources familiar with a situation.[24]

As noted, liquidation of division is a part of the reorganization of State Department implemented by the Secretary of State Rex Tillerson. The reorganization purposes, in turn, are called the exception of duplication of the functions performed by similar departments of a special purpose and regional departments and also reduction of the budget for 30% according to intention of the president Donald Trump. Trump considers excessive expenditure for foreign affairs manifestation of "mentality of Cold War", Bloomberg writes. Instead he intends to focus on state security and fight against terrorism.

Photo: 24smi.org

The so-called Office of the coordinator on cyberquestions was created in State Department in 2011 at the president Barack Obama. The office will stop existing as independent department and other division of State Department is integrated into Bureau for economy and business. As the result, the cyberquestions coordinator will not report directly to the Secretary of State — all reports will be sent "upward" on a chain of Bureau of economy. The current coordinator Christopher Painter will leave the post until the end of a month.

According to a source of Bloomberg in State Department, new provision will strengthen positions of the coordinator on cyberquestions. Besides, in new department he will be able to get advice, necessary for work, on policy.

The judge of the Supreme Court herself transferred to Internet thieves $1 million

At the beginning of June, 2017 the judge of the American Supreme Court Lori Sattler lost more than $1 million, having fallen a victim of the Internet swindler who deceived it by means of e-mail.

According to Bleeping Computer with reference to the New York edition Daily News, the judge received the letter by e-mail from a certain person who was called her real estate lawyer. Issuing itself for the lawyer, the swindler convinced the 51-year-old woman to transfer into his bank account a lump sum — $1,057,500.

The judge of the American Supreme Court lost more than $1 million, having fallen a victim of the Internet swindler

Having received money, the swindler right there transferred them to the Chinese bank Commerce Bank of China. Further parts it is not announced.

The malefactor, most likely, knew that the judge buys the new apartment instead of old and corresponds about it with the lawyer who is engaged in execution of the transaction on real estate acquisition.

The letter from the swindler came on June 7, however the woman contacted police only nearly 10 days later — on June 16.

The press secretary of Management of judicial administration Lucian Chalfen confirmed that the judge really fell a victim of crime, but refused comments, having referred to unfinished investigation.[25]

The edition notes that for the last several days it is the second notorious incident in the USA connected with Internet fraud.

Earlier the Mail Tribune edition announced a similar case in Oregon as a result of which the American university Southern Oregon University lost more than $1.9 million.

Administration of educational institution also misled by e-mail. The university believed that transfer money to the contractor for works in the new recreational center for students, however in practice it turned out that means were sent to the unknown malefactors issuing themselves for representatives of Andersen Construction construction company.[26]

Donald Trump's decree on strengthening of cyber security

At the end of January, 2017 the president USA Donald Trump unexpectedly postponed indefinitely signing of the decree devoted cyber security. The draft copy of this decree got to media and was very widely discussed in the press, however for not a really obvious reason its signing did not take place yet. Explanations from the White House did not follow yet.[27]

Representatives of presidential administration shortly before expected signing of the decree briefly informed media of its contents. Comprehensive gain of cyber defense of public institutions was the general principle of the decree. Assignment of all completeness of responsibility for penetration of hackers into infrastructure of federal structures, the agencies and the ministries on heads of these organizations became one of key points.

Donald Trump

For the beginning of 2017 each federal institution itself is responsible for the cyber security owing to what at each organization — own regulations and practice of work with IT.

The Department of Homeland Security lobbied transfer to the maintaining all aspects of cyber defense of federal institutions while Trump, according to the draft version of the decree, was going to transfer it to the jurisdiction of Administrative and budget management at the U.S. President.

The decree also assumed that all government organizations will be obliged to take of "optimal approaches of the private sector" as for protection of information infrastructure advantage.

According to some data the president Donald Trump decided at first "listen to opinions of those who have ideas". The note transferred to the president's press secretary directly during the press briefing devoted to cancelled signing of the decree demonstrates to it.

It should be added that the large-scale assessment of shared state of cyber security of government structures in the USA was not carried out yet, but there are all bases to believe that a situation with it unimportant.

File:Aquote1.png
Any large-scale information systems without fail require regular audit, especially governmental — Dmitry Gvozdev, the CEO of Security reference monitor company says. — Large information infrastructures - that in the industry that in the government organizations, - usually do not appear suddenly: as a rule, they expand for a long time, becoming harder and harder in structural terms, and, respectively, more and more vulnerable and less managed. Great Britain announced the beginning of the program of comprehensive audit of cybersecurity of the government agencies recently, and, by and large, the governments of all countries with in the slightest degree the developed information infrastructure do not need to follow the example.
File:Aquote2.png

Donald Trump signed the decree on strengthening of cyber security


On May 15, 2017 the U.S. President Donald Trump signed the decree on strengthening of cyber security of the federal government and protection of critical infrastructure of the country against cyber attacks yesterday. The Reuters agency with reference to the senior representative of administration reported about it.

The agency notes that the document is signed against the background of a hot discussion in the American society concerning possible intervention of Russia in a presidential campaign of 2016 when hackers allegedly cracked the mail server of Democratic party.

However, as the adviser to the U.S. President for internal security Tom Bossert said at a briefing, the Trump's decree on measures in the field of cyber security is connected not with actions of Russia, and with needs of the USA. According to Bossert, the document meets the imminent needs of containment policy for a cyberspace long ago, and Russia — not the only opponent of the USA in the Internet.

"Russians are not only who behaves on the Internet negatively. Russia, China, Iran, other countries are interested in use of cyberopportunities to attack our people, our government and its data" — Bossert said.

The American marines gather in staff of 3000 experts in a cyber war

The US Marine Corps wants to expand the cyberdivision, having increased staff number by three thousand people. In more detail - Marines of the USA.

2016

Zecurion: In the USA the most developed cybertroops in the world

Russia can enter in top-5 the countries with the most developed cybertroops — specialized divisions on cyber security for the military or prospecting purposes. These researches Zecurion Analytics which are brought by Kommersant[28] demonstrate to it [29][30].

So, according to data of a research, the most developed cybertroops in the world the USA has now. According to analysts, public financing of this direction in the States can make about $7 billion a year, and the number of the hackers cooperating with the state — 9 thousand people.

Exact digits in the company refused to open, however, according to the interlocutor of the edition on information security market, expenses of Russia on cybertroops make about $300 million a year, and the number of the Russian special forces is about 1 thousand people.

On the second place in Zecurion delivered China where financing of this direction can make $1.5 billion a year, and the cyberarmy is estimated as the most numerous, up to 20 thousand people.

The three of the countries where special forces on cyber security are most developed, Great Britain selecting to the cybertroops consisting of 2 thousand people, $450 million a year closes. On the fourth place South Korea with the budget of $400 million a year and structure in 700 hackers.

The American hackers against Turkey

While the Russian hackers allegedly break an electoral system of the West, the Minister of Energy and Natural Resources of Turkey Berat Albayrak announced in the end of the year the intensive hacker attacks which are conducted presumably from the territory of the USA[31].

"These attacks were carried out systematically on different objects of the Ministry of Energy, but we reflected them all" — the head of department noted. Thus Albayrak explained the become frequent interruptions in power supply.

It is not the first time when Turkey accuses of cyberintervention of the USA. So, in July, 2016 after attempt of a military coup in the country the state agency of information of Turkey Anadolu stated that its servers underwent the attack at the time of the publication of statements of the authorities of the country.

The American hackers, according to the Turkish side, tried to break normal work of web services of the agency with the subsequent removal from a system of all system.

Visualization of archive of correspondence of Hillary Clinton

On December 20, 2016 the analytical center InfoWatch announced completion of data analysis from archive of personal correspondence of the U.S. presidential candidate on elections of 2016 from Democratic party Hillary Clinton published in open sources of the Internet.

You look in more detail - DLP: loud information leaks

The USA will use Internet of Things for total shadowing users

In the future intelligence services USA will be able to use Internet of Things Internet of Things IoT (—) for identification and position fix of people and also for observation of their actions and movements and also for gaining access to computer networks and credentials of users. It to the commission of the U.S. Senate within the report on national threats was told by the director of the National intelligence of the USA James Clapper[32].

At the beginning of February, 2016 researchers from the Berkmansky center of studying of the Internet and society at the Harvard law school came to a conclusion that development of Internet of Things will have an adverse effect on personal privacy. According to them, growth of quantity of signals using which devices will exchange with each other data eventually will lead to the fact that technologies of enciphering will not play so important role for intelligence services any more as now.

"Right" of the attack of FBI to any computer in the world

In April, 2016 the U.S. Supreme Court approved amendments in the legislation under which the American courts will be able to issue to investigating bodies, in particular FBI, sanctions for access to any computers including located behind borders of the USA. On the order of the judge operating earlier could issue sanctions only for access to the computers located in their jurisdiction.[33]. For more details see FBI.

2015

The USA will raise expenses on cyber security by $1 billion

The draft budget of the USA for 2016 provided by the U.S. President Barack Obama Kongressu includes $14 billion for cyber security that is $1 billion more, than is put for 2015 and was in the last several years,[34] writes[35].

The budget was increased after carrying out a series of well planned hacker attacks, including an attack to Sony corporation which, according to the American officials, was organized by North Korea. According to the U.S. Department of Homeland Security, in 2014 about 56 thousand cyber attacks only to computer networks of federal authorities and the system of utility companies were made.

"Hackers attack the private sector, critical infrastructure and the federal government. Any sector, any network and any system is not immune if someone will wish to take control of commercial or state secrets" — say in the White House.

the U.S. Department of Homeland Security intends to direct $480 million from the budget for cyber security to the initiatives intended for protection against the hacker attacks of personal computers of officials. A part of the specified means will go for improvement of the Einstein system intended for protection against penetration into networks of the ministries and departments. The National Cyber Security Division of the USA is engaged in management of this system.

Department is going to spend other $100 million for purchase hardware, the software and services necessary for continuous support of networks of federal authorities.

About $230 million, according to the draft budget, in 2016 are going to be spent for construction of the Civilian Cyber Campus center in the suburb of Washington. There will be government employees and hired employees here, they will be engaged in monitoring of threats and reflection of the attacks on civil objects.

Principles of safety of Obama:

  • the principle of separation — the government and business should work on ensuring cyber security together, information exchange should be adjusted;
  • focus on strengths — business strengthens the protection and develops technologies, the state provides standards and their universal implementation;
  • focus on privacy — security and respect of private life;
  • a cyber security framework — monitoring of cyberthreats 24/7, data collection, development of counteraction;
  • standards on informing users on plunder of their personal data;
  • users should know what their personal information gathers and as it will be used;
  • creation of the joint center of fight against cyberthreats — the companies should direct information on the attacks and be divided practices by counteraction;
  • information exchange hubs for data acquisition acceleration;
  • creation of committee on cyber security;
  • investments into biometric identification.

Creation of Information Security Center (CTIIC)

U.S. authorities created the new agency in the field of information security — Cyber Threat Intelligence Integration Center (CTIIC) which became a part of Management of the director of the National intelligence of the USA reports Washington Post[36].

The agency will be engaged in the analysis of external cyberthreats and coordination of response of different authorities. Initially the staff of CTIIC will consist of 50 employees. The budget of the agency will make $35 million, the newspaper writes.

"CTIIC will become "the prospecting center which "together will connect" different external attacks to the state and will inform the relevant ministries and the agencies on these attacks in real time" — reported to Reuters agency a source in authorities. "Now in the USA there is no agency performing these functions" — he added.

The departments which are engaged in monitoring and a research of the hacker attacks are in many federal structures of the USA, including National Security Agency, the U.S. Department of Homeland Security, FBI and CIA. The White House tries to integrate all these commands and to create "the uniform button of alarm for all American government", Shawn Henry, the president of CrowdStrike explained.

As notes Washington Post, creation of the new agency was about to happen in recent years as the USA began to face the attacks from other states (the newspaper among them mentions Russia and China). At the same time a recent attack to Sony Pictures strengthened this idea and forced the authorities to accelerate project implementation. Let's remind that as a result of the attack in November, 2014 on the Internet there were several movies planned to rolling and personal data of staff of the company. The USA accused North Korea of the attack.

Expenses of the USA on cyber security

In February, 2015 the U.S. President Barack Obama entered to the draft budget for 2016 increase by $1 billion the public expenditures for cyber security to $14 billion that will make about 16% of all IT budget of the country ($86 billion for 2016). For comparison, the corporate sector spends about 4% of the budget for the same purposes.

As now writes Reuters, the actual increase in expenses of the USA at cyber security in 2016 can be more considerable. The agency does not specify what it, but writes that work in this direction is conducted.

The Ministry of internal security intends to direct about $480 million from the budget for cyber security to the initiatives intended for protection against the hacker attacks of personal computers of officials. A part of the specified means will go for improvement of the Einstein system intended for protection against penetration into networks of the ministries and departments. The National Cyber Security Division of the USA is engaged in management of this system.

Department is going to spend other $100 million for purchase hardware, the software and services necessary for continuous support of networks of federal authorities.

About $230 million, according to the draft budget, in 2016 are going to be spent for construction of the center in the suburb of Washington. In it government employees and hired employees who will be engaged in monitoring of threats and reflection of the attacks on civil objects will work.

It is offered to Pentagon to select about $5.5 billion in the draft budget. The Ministry of Defence will receive these means for security of military communications and computers, including on a software update and release of regular patches.

2013

A third of the hacker attacks against China is made by Americans

A third of the hacker attacks on the Chinese websites and computers in 2013 was performed from the USA, follows from the report of the national agency of Internet security of China.

The number of the hacker attacks on the Chinese websites and computers performed from abroad for 2013 grew by 62%. About 11 million computers passed under control of foreign servers, 61 thousand websites were cracked by foreign hackers, reports the agency.

Generally the attacks were made by malefactors from the USA, South Korea and Hong Kong. In China important information systems are regularly endangered, and all security system of the country is under the threat, declares the agency.

In March, 2014 the The New York Times newspaper published article based on Edward Snowden's information about the espionage of the American services which is conducted since 2007 against the Chinese producer of telecommunication equipment Huawei. The USA rejected charges of espionage.

2012: An attack on computers of electoral commission during the election of the president of the USA

In 2012 during the presidential elections in America the set of viruses got into the equipment for counting of votes. Confiscation of all infected computers became result.

2011: Attacks to 760 American organizations

In 2011 announced 760 American organizations among which consulting and auditing company PriceWaterhouseCoopers, banks Wells Fargo and Citigroup, online store Amazon, IT giant the hacker attacks IBM Intel Yahoo Cisco Google, Facebook and Microsoft.

For all years of existence of a global network from actions of hackers of the USA lost $400 billion.

Barack Obama's administration seriously puts the clamps in war with botnets, in particular, for neutralization of the infected PC networks assuming to cooperate with private companies. According to Howard Schmidt data responsible on a cyber of security of the White House, one of ten Americans has a malicious code on the PC or the mobile device.

Addressing audience from officials and representatives of business, the secretary of Department of national security of the USA Janet Napolitano provided a cyber crime as "the greatest threat", not smaller, than "Al-Qaeda and activity of the related groups represents".

Referring to data of Symantec, Napolitano designated a world annual turnover a crime cyber at the level of $388 billion: it is more, than an annual turnover of the world market of heroin, cocaine and marijuana combined. "I consider these estimates conservative as they is based only on that information which Natsbez has", - she added.

The White House considers botnets as "heavy artillery a cyber of criminals". And any attempts of fight against botnets as roads, and require serious coordination of actions between a number of concerned parties, including producers of antiviruses and vendors of operating systems, such as Apple and Microsoft.

Natsbez's secretary of the USA Janet Napolitano said that the kiberpreustupnost is not less terrible, than terrorism, and already now network malefactors around the world earn more, than drug dealers

It is not surprising that in the industry ranks of volunteers on fight about a bot networks spread. So, at the end of 2011 a number of trade and non-profit organizations founded alliance Industry Botnet Group. Earlier in March, 2011 other task force under the name Communications Security, Reliability and Interoperability Council (CSRIC) which is engaged in providing consultations of the Federal communication commission of the USA released "The code against botnets for service providers of the USA" (U.S. Anti-Bot Code of Conduct for Internet Service Providers).

Michael O'Reirdan who heads one of the working groups CSRIC and also the Messaging Anti-Abuse Working Group (MAAWG) organization, said that the purpose of a release of such code consisted in inducing the service providers to problem solving connected about a bot networks. Providers can set this code on a voluntary basis, it is technology neutral.

Industry Botnet Group and Administration of U.S. President also jointly prepared nine fundamental principles of fight against botnets. In other, at the moment they have rather general formulations ("separate responsibility"", "approach solution globally", "train users", "advance innovations" and so on). No specific examples of their embodiment are provided yet.

2004: Chinese attack Lockheed Martin

In 2004 in network of one of the enterprises of defense concern Lockheed Martin the Chinese hackers broke through the system of protection of computers, left a set of marks of the stay in a type of trojans and backdoors. Still it is not clear whether hackers managed to copy important data, but a part of data of the company was strongly damaged.

Hackers and a computer network of the American Ministry of Defence which system administrators did not even notice that malefactors have already 2 years free access to valuable information did not ignore. The U.S. Government accused of the hacker attack of the Russian programmers, but the Official Kremlin disproved this charge.

See Also





Notes

  1. North Korean hackers attacked the military sector of the USA
  2. [https://www.securitylab.ru/news/510543.php by Fancy Bear
  3. attacks critical infrastructure of the USA]
  4. [https://www.securitylab.ru/news/509377.php the USA
  5. do not want to lay a communication wire with China because of cyber espionage threat]
  6. Medium and small business in the USA does not believe in gravity of cyberthreats
  7. Coast Guard warns about malware designed to disrupt ships' computer systems
  8. of the Ministry of the USA cannot patch "holes" of which 10 years are known in the IT systems
  9. Swindlers in the USA earned millions, saving users from "the Russian hackers"
  10. The USA attacked computer systems of Iran under the Trump's decree
  11. Trump declared a state of emergency in a cyberspace of the USA
  12. Nikolay Murashov NKTSKI: The USA and NATO cooperate with producers of the malware
  13. [https://www.securitylab.ru/news/496003.php of NATO will start the new cybercommand center Learn more: https://www.securitylab.ru/news/496003.php]
  14. The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
  15. of CNews: The USA permited themselves preventive cyber attacks against Russia, China and own allies
  16. SUMMARY DEPARTMENT OF DEFENSE CYBER STRATEGY 2018
  17. , the Pentagon called the Russian Federation and China the main threats of cyber security of the USA
  18. Recommendations to the President on Securing America's Cyber Interests and Deterring Cyber Threats Through International Engagement
  19. the State Department of the USA published recommendations to Trump on gain of cyber security
  20. Atlanta paid nearly of $3m by to recover from ransomware attack
  21. [https://www.securitylab.ru/news/491614.php of the USA already
  22. half a year actively prepare for possible cyberstrike against the DPRK]
  23. The Department of Defense’s Bug Bounty Program Has Flagged Thousands of Vulnerabilities
  24. Trump closes department of cyber security in State Department: Too expensive and boringly
  25. State Supreme Court judge loses over of $1 M in real estate email scam
  26. NY Supreme Court Judge Loses Over of $1 Million in Email Scam
  27. Big changes in Trump's cybersecurity executive order
  28. [http://www.kommersant.ru/doc/3187320 Into the Internet
  29. entered cybertroops]
  30. Analysts called Russia among five countries with the best cybertroops
  31. Hackers from the USA attack Turkey, and Russians crack OSCE and Germany
  32. of CNews: The USA will use Internet of Things for total shadowing users
  33. The U.S. Supreme Court permitted sanctions for access to any computer in the world
  34. [http://safe.cnews.ru/top/2015/02/04/ssha_podnimut_na_1_mlrd_rashody_na_kiberbezopasnost_592370 Washington Times CNews
  35.  : The USA will raise expenses on cyber security by $1 billion]
  36. of CNews: Russia, China and North Korea forced the USA to create state department on cyberthreats