Information Security News
by Sean Gallagher
US intelligence agencies have been forthright in their insistence that the Russian government was behind not only the hacking of the Democratic National Committee (DNC) and other political organizations in the US, but a concerted effort to undermine confidence in the results of the US presidential election, including attacks on state election officials' systems. But the US is not the only country that the Russian government has apparently targeted for these sorts of operations—and the methods used in the DNC hack are being applied increasingly in attempts to influence German politics, Germany's chief of domestic intelligence warned yesterday.
In a press release issued on December 8, Germany's Bundesamt für Verfassungsshutz (BfV)—the country's domestic intelligence agency—warned of an ever-mounting wave of disinformation and hacking campaigns by Russia focused on increasing the strength of "extremist groups and parties" in Germany and destabilizing the German government. In addition to propaganda and disinformation campaigns launched through social media, the BfV noted an increased number of "spear phishing attacks against German political parties and parliamentary groups" using the same sort of malware used against the Democratic National Committee in the US.
The statement from the BfV came on the same day that Alex Younger, the chief of the United Kingdom's Secret Intelligence Service (MI6) made more veiled references to disinformation and hacking campaigns. In remarks Younger delivered at Vauxhall Cross, MI6 headquarters, he warned of the mounting risks posed by "hybrid warfare."
A former IT specialist at Expedia has admitted he used his privileged position to access executives' e-mails in an insider stock-trading scheme that netted almost $330,000 in illegal profits, prosecutors said.
During the two-year span that Jonathan Ly, 28, of San Francisco, worked at the online travel service, he accessed e-mail accounts belonging to the company's chief financial officer, head of investor relations, and other high-ranking employees, prosecutors with the US attorney's office in Seattle alleged in a criminal complaint filed late last week. The correspondence included upcoming earnings reports, a draft of an upcoming press release announcing Justice Department approval of Expedia's acquisition of competitor Orbitz, and other stock-moving developments that weren't yet public. Ly used the information to buy Expedia stock at a low price and then sell it after the disclosures went public at a much higher price.
"Beginning in 2013, and continuing through October 2015, Ly secretly and fraudulently accessed the contents of Expedia executives' computer files and corporate e-mail accounts in order to obtain material, non-public, and proprietary information belonging to Expedia without the knowledge and permission of the executives or Expedia," the complaint alleged. "Ly fraudulently obtained the information in order to execute a series of well-timed and lucrative securities trades in Expedia options. As a result of his scheme, Ly obtained through his securities trades net profits in excess of $331,000."