Arizona man gets 20 months in prison for emergency system DDoS attacks

Denial of service attacks are serious by themselves, but doubly so when they target vital systems… and one perpetrator is finding that out first-hand. A court has sentenced Arizona resident Randall Charles Tucker (who nicknamed himself the "Bitcoi…

Pondering an IPO, cyber security company CrowdStrike raises $200 million at over $3 billion valuation

CrowdStrike, the developer of a security technology that looks at changes in user behavior on networked devices and uses that information to identify potential cyber threats, has reached a $3 billion valuation on the back of a new $200 million round of funding.

The company’s hosted endpoint security technology has seen tremendous adoption worldwide and its popularity was able to win the attention of General Atlantic, Accel, and IVP which co-led the company’s latest round. Previous investors March Capital and CapitalG both participated in the company’s new financing.

For companies seeing the number of devices that are accessing their corporate networks proliferate rapidly, the CrowdStrike hosted security technology is one of several potential fixes to what’s becoming a significant problem.

For CrowdStrike that’s meant doubling revenues and headcount and winning contracts with over 16% of the Fortune 1000 companies and 20% of companies in the Fortune 500.

The company claims that its software processes over 100 billion “security events” a day and its automated threat detection service makes 2.3 million decisions each second.

The company has a $1 million warranty offer on its EPP Complete solution.

Other security companies like Cylance and Carbon Black have raised hundreds of millions for similar technologies. Indeed, the security market remains hotly contested in part because no technology has yet come up with a silver bullet for cyber attacks even as the number of attacks continues to proliferate.

Many chief security officers at big companies have mandates to only work with vendors that can replace at least three existing technologies that they’re already deploying, according to sources in the security industry.

In a blog post announcing the company’s new round, chief executive George Kurtz acknowledged the increasingly complex security environment that companies face, calling it “more global and dangerous” with lines blurring between “nation state and criminal adversaries”.

That’s why security companies like Cylance, Carbon Black and CrowdStrike have raised over $800 million between them. And why security remains such an attractive area for new venture investment.

Fraudster caught using OPM hack data from 2015

Way back in 2015, the US Office of Personnel Management (OPM) was electronically burgled, with hackers making off with 21.5 million records. That data included social security numbers, fingerprints, usernames, passwords and data from interviews condu…

Ex-CIA engineer charged in ‘Vault 7’ leak

Last month when we learned that Joshua Schulte still had not been charged for allegedly providing CIA hacking information to Wikileaks despite being in custody for months, his family said he was a "scapegoat" for the data bungle. Today he was charged…

Trump directs Pentagon to form a Space Force military branch

It looks like the US could have a sixth military branch sometime in the future, one focused entirely on space. President Trump said during a National Space Council meeting today that he has called for the development of a Space Force, CNBC reports. "…

Kaspersky pulls plug on Europol joint venture after EU parliament vote to ban its software

Fresh political woes for Russian security firm Kaspersky, which has reacted angrily to a vote in the European Union Parliament last week to ban its software — on the grounds that it has been “confirmed as malicious”.

Kaspersky denies this characterization of its software, saying it’s “untrue”.

It has also retaliated by pulling the plug on an existing collaboration with Europol, at least temporarily.

In a statement, a company spokesperson said: 

Today, the European Parliament voted on a report in which Polish representative, MEP Fotyga included an amendment referencing Kaspersky Lab which is based on untrue statements. Although this report has no legislative power it demonstrates a distinct lack of respect for the company which has been a firm friend of Europe in the fight against cybercrime. It is for that reason that Kaspersky Lab has taken the difficult decision to temporarily halt our numerous collaborative European cybercrime-fighting initiatives, including that with Europol, until we receive further official clarifications from the European Parliament.

On account of this news, we will regretfully have to pause one of our successful joint initiatives – NoMoreRansom project – recognised by the European Parliament Research Services as a successful case of public-private cooperation in their recent report – helped many organisations and users to decrypt files on their devices, saving them from financial losses. We hope to be able to resume this and other European collaborative efforts soon.

Founder Eugene Kaspersky added that the company has been “forced to freeze” its co-operation as a result of the parliament’s vote.

“This decision from the European Parliament welcomes cybercrime in Europe. I do not wish to do anything to further encourage the balkanization of the internet, but I feel that the decision taken in Europe leaves me with no choice but to take definitive action. Kaspersky Lab has only ever tried to rid the world of cybercrime. We have showed time and again that we disclose cyber threats regardless of origin and author, even to our own detriment. This is a setback for the fight against cyber threat, but we remain undeterred in our mission – to save the world from Cybercrime,” he also said in a statement.

The security firm has been battling controversy for around a year now, after the US government became suspicious of ties between the company and Russian intelligence agencies — and went on to ban its products for government use in September last year.

Kaspersky has continued to deny the allegations. But in May this year it announced it would be moving some of its core infrastructure outside Russia in a bid to combat suspicion that its software has been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.

It reiterates the steps it has been taking — “as a sign of our commitment to transparency and openness” — in its response to the EU parliament’s vote, but also lashes out, accusing the parliament of taking a decision that “encourages cybercrime in Europe”.

“We believe that it does not contribute towards building an open and secure Digital Single Market but rather make it more fragmented and less competitive,” it also writes.

“Our 400 million users around the globe, trust us to protect their data. We will continue to successfully work with institutions and organisations to deliver a tangible positive impact by fighting cybercrime and defending European and global citizens from cyberthreats. Indeed, in April the European Commission officially stated that ‘the Commission has no indication for any danger associated with this anti-virus engine’.”

Despite its aggressive response to the EU parliament’s motion, the company adds that it remains “willing to meet with MEPs to address any questions about the business, its leadership, expertise, technologies and methodology that they may have”.

During the vote last week, the parliament also resolved to perform “a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous programmes and devices”.

F-Secure to buy MWR InfoSecurity for ~$106M+ to offer better threat hunting

The ongoing shift of emphasis in the cyber security industry from defensive, reactive actions towards pro-active detection and response has fueled veteran Finnish security company F-Secure’s acquisition of MWR InfoSecurity, announced today.

F-Secure is paying £80 million (€91,6M) in cash to purchase all outstanding shares in MWR InfoSecurity, funding the transaction with its own cash reserves and a five-year bank loan. In addition, the terms include an earn-out of a maximum of £25M (€28,6M) in cash to be paid after 18 months of the completion subject to the achievement of agreed business targets for the period from 1 July, 2018, until 31 December, 2019.

F-Secure says the acquisition will enable it to offer its customers access to the more offensive skillsets needed to combat targeted attacks — specialist capabilities that most companies are not likely to have in-house.

It points to detection and response solutions (EDR) and managed detection and response services (MDR) as one of the fastest growing market segments in the security space. And says the acquisition makes it the largest European single source of cyber security services and detection and response solutions, positioning it to cater to both mid-market companies and large enterprises globally.

“The acquisition brings MWR InfoSecurity’s industry-renowned technologies to F-Secure making our detection and response offering unrivaled,” said F-Secure CEO Samu Konttinen in a statement. “Their threat hunting platform (Countercept) is one of the most advanced in the market and is an excellent complement to our existing technologies.”

As well as having experts in-house skilled in offensive techniques, MWR InfoSecurity — a UK company that was founded in 2002 — is well known for its technical expertise and research.

And F-Secure says it expects learnings from major incident investigations and targeted attack simulations to provide insights that can be fed directly back into product creation, as well as be used to upgrade its offerings to reflect the latest security threats.

MWR InfoSecurity also has a suite of managed phishing protection services (phishd), which F-Secure says will also enhance its offering.

The acquisition is expected to close in early July, and will add around 400 employees to F-Secure’s headcount. MWR InfoSecurity’s main offices are located in the UK, the US, South Africa and Singapore.

“I’m thrilled to welcome MWR InfoSecurity’s employees to F-Secure. With their vast experience and hundreds of experts performing cyber security services on four continents, we will have unparalleled visibility into real-life cyber attacks 24/7,” added Konttinen. “This enables us to detect indicators across an incredible breadth of attacks so we can protect our customers effectively. As most companies currently lack these capabilities, this represents a significant opportunity to accelerate F-Secure’s growth.”

“We’ve always relied on research-driven innovations executed by the best people and technology. This approach has earned MWR InfoSecurity the trust of some of the largest organizations in the world,” added MWR InfoSecurity CEO, Ian Shaw, who will be joining F-Secure’s leadership team after the transaction closes. “We see this approach thriving at F-Secure, and we look forward to working together so that we can break new ground in the cyber security industry.”

The companies will be holding a webcast to provide more detail on the news for investors and analysts later today, at 13:30 EEST.

Let’s hope Trump didn’t give Kim Jong Un the wrong ‘direct number’

President Trump's historic meeting with Kim Jong-Un may not have resulted in the complete de-nuclearization of the Korean Peninsula, but it did lead to a fascinating exchange in which the President claims to have given Kim a "very direct number" if t…