Science and Technology News

Saturday, September 22, 2018

Rhode Island Man Sentenced for Cyberstalking

Howard Bishop engaged in an endless pattern of abusive and threatening behavior toward a former girlfriend and her family, causing the woman to be taken into protective custody

PROVIDENCE, RI – A North Smithfield, R.I., man who repeatedly sent emails and text messages to a former girlfriend threatening, in specific and horrifying detail, to harm or kill her and her family was sentenced today to 41 months in federal prison on cyberstalking charges, announced United States Attorney Stephen G. Dambruch and Harold H. Shaw, Special Agent in Charge of the FBI Boston Division.

Howard S. Bishop, 39, was arrested in Rhode Island by FBI agents in January 2018, approximately four months after relocating from Texas to his family’s home in North Smithfield.

The threats from Bishop against his former girlfriend in Texas, and her family, were so severe that the woman was placed in FBI protective custody until Bishop was arrested. Her family hired around-the-clock armed security to guard their home.

At sentencing, U.S. District Court Chief Judge William E. Smith also ordered Bishop to serve 3 years supervised release upon completion of his term of incarceration. Bishop pleaded guilty in May to transmitting in interstate commerce communications containing threats to injure another person, and with harassing or intimidating another person, using an interactive computer service or electronic communication service, that placed a person in reasonable fear of death or serious bodily injury and caused substantial emotional distress.

The U.S. Sentencing Guidelines range of imprisonment in this matter is 33 – 41 months. The government recommended the Court impose a sentence of 41 months in prison.

According to court records, in February 2011, a former girlfriend of Bishop obtained a protective order against him in Travis County, TX, after their relationship ended. After the relationship ended, Bishop engaged in an endless pattern of abusive and threatening behavior towards the woman. In January 2012, Bishop was found guilty of violating the order and received a sentence of two years’ probation. In December 2017, a misdemeanor warrant was issued in Travis County for the arrest of Bishop for again violating the protective order.

According to court documents, beginning in November 2016, and continuing until his arrest in Rhode Island in January 2018, Bishop sent hundreds of harassing and threatening messages via the Internet to the former girlfriend and her family. They expressed extreme fear for their safety.

Bishop has been detained in federal custody since his arrest.

The case was prosecuted by Assistant U.S. Attorney Lee H. Vilker.

The matter was investigated by the FBI.

Friday, September 21, 2018

Hackers’ Cooperation with FBI Leads to Substantial Assistance in Other Complex Cybercrime Investigations

Defendants Responsible for Creating the “Mirai” and Clickfraud Botnets Continue to Assist FBI as Part of their Sentencing

Anchorage, Alaska – U.S. Attorney Bryan Schroder announced today that three defendants have been sentenced for their roles in creating and operating two botnets, which targeted “Internet of Things” (IoT) devices.  Paras Jha, 22, of Fanwood, New Jersey; Josiah White, 21, of Washington, Pennsylvania; and Dalton Norman, 22, of Metairie, Louisiana, were sentenced today by Chief U.S. District Judge Timothy M. Burgess.  On Dec. 8, 2017, Jha, White, and Norman pleaded guilty to criminal Informations in the District of Alaska charging them each with conspiracy to violate the Computer Fraud & Abuse Act in operating the Mirai Botnet.  Jha and Norman also pleaded guilty to two counts each of the same charge, one in relation to the Mirai botnet and the other in relation to the Clickfraud botnet.

After cooperating extensively with the FBI, Jha, White, and Norman were each sentenced to serve a five-year period of probation, 2,500 hours of community service, ordered to pay restitution in the amount of $127,000, and have voluntarily abandoned significant amounts of cryptocurrency seized during the course of the investigation.  As part of their sentences, Jha, White, and Norman must continue to cooperate with the FBI on cybercrime and cybersecurity matters, as well as continued cooperation with and assistance to law enforcement and the broader research community.  According to court documents, the defendants have provided assistance that substantially contributed to active complex cybercrime investigations as well as the broader defensive effort by law enforcement and the cybersecurity research community.

Jha, White, and Norman became subjects of a federal investigation when, in the summer and fall of 2016, they created a powerful botnet – a collection of computers infected with malicious software and controlled as a group without the knowledge or permission of the computers’ owners.  The Mirai Botnet targeted IoT devices – non-traditional computing devices that were connected to the Internet, including wireless cameras, routers, and digital video recorders.  The defendants attempted to discover both known and previously undisclosed vulnerabilities that allowed them to surreptitiously attain control over the victim devices for the purpose of forcing the devices to participate in the Mirai Botnet.  At its peak, Mirai consisted of hundreds of thousands of compromised devices.  The defendants used the botnet to conduct a number of powerful distributed denial-of-service, or “DDoS” attacks, which occur when multiple computers, acting in unison, flood the Internet connection of a targeted computer or computers.  The defendants’ involvement with the original Mirai variant ended in the fall of 2016, when Jha posted the source code for Mirai on a criminal forum. Since then, other criminal actors have used Mirai variants in a variety of other attacks.

Additionally, from December 2016 to February 2017, the defendants successfully infected over 100,000 primarily U.S.-based computing devices, such as home Internet routers, with malicious software.  That malware caused the hijacked home Internet routers and other devices to form a powerful botnet.  The victim devices were used primarily in advertising fraud, including “clickfraud,” a type of Internet-based scheme that makes it appear that a real user has “clicked” on an advertisement for the purpose of artificially generating revenue.

“Cybercrime is a worldwide epidemic that reaches many Alaskans,” said U.S. Attorney Bryan Schroder.  “The perpetrators count on being technologically one step ahead of law enforcement officials.  The plea agreement with the young offenders in this case was a unique opportunity for law enforcement officers, and will give FBI investigators the knowledge and tools they need to stay ahead of cyber criminals around the world.”

“The sentences announced today would not have been possible without the cooperation of our partners in international law enforcement and the private sector,” said Special Agent in Charge of FBI’s Anchorage Field Office, Jeffery Peterson.  “The FBI is committed to strengthening those relationships and finding innovative ways to counter cybercrime.  Cyber criminals often develop their technical skills at a young age.  This case demonstrates our commitment to hold criminals accountable while encouraging offenders to choose a different path to apply their skills.”

These cases were investigated by the FBI’s Anchorage Field Office.  The Mirai Botnet and Clickfraud Botnet cases were prosecuted by Assistant U.S. Attorney Adam Alexander of the District of Alaska and Trial Attorney C. Alden Pelker of the Computer Crime and Intellectual Property Section of the Justice Department’s Criminal Division.  Additional assistance was provided by the FBI’s Newark, New Orleans and Pittsburgh Field Offices, Homeland Security Investigations (HSI) Atlanta – Greenville South Carolina Office, the U.S. Attorneys’ Offices for the Eastern District of Louisiana and New Jersey, the United Kingdom’s National Crime Agency, the French General Directorate for Internal Security, the Police Service of Northern Ireland, the National Cyber-Forensics & Training Alliance, Palo Alto Networks Unit 42, Google, Cloudflare, Coinbase, Flashpoint, Oath, and Akamai.  Former Department of Justice prosecutors Ethan Arenson, Harold Chun, and Yvonne Lamoureux provided invaluable support during their tenure at DOJ. 

White House Releases First National Cyber Strategy in 15 Years

By Terri Moon Cronk, DoD News, Defense Media Activity

WASHINGTON -- The first new National Cyber Strategy in 15 years is built on four pillars: protecting the American people, the homeland and the American way of life; promoting American prosperity; preserving peace through strength; and advancing American influence.

“We cannot ignore the costs of malicious cyber activity — economic or otherwise — directed at America’s government, businesses and private individuals,” President Donald J. Trump said in a statement yesterday announcing the new strategy. “Guided by this [strategy], the federal government will be better equipped to protect the American people, the American homeland, and the American way of life.

“Through it,” he continued, “we will accomplish critical security objectives while supporting American prosperity, preserving peace through strength and advancing American influence. Informed by the strategy’s guidance, federal departments and agencies will more effectively execute their missions to make America cyber secure.”

DoD’s Role

The strategy highlights the critical and growing threat that malicious cyber actors pose to U.S. national security. “The Defense Department stands ready, as part of the synchronized whole-of-government approach articulated in the National Cyber Strategy, to preserve peace through strength by identifying, countering, disrupting, degrading and deterring behavior in cyberspace that is destabilizing and contrary to U.S. national interests,” DoD officials said in a statement, adding that the department's focus is on preserving U.S. superiority in cyberspace and defending forward to disrupt the activities of malicious cyber actors before they reach U.S. networks.

DoD also is strengthening its defensive posture through network hardening, improved cybersecurity and working with its international allies and partners, in addition to its Defense Industrial Base and Defense Critical Infrastructure partners to secure critical information and infrastructure, the Pentagon statement noted.

Protecting America’s Networks

Officials said the strategy will:

-- Protect American networks by securing federal networks and information and the nation’s critical infrastructure;

-- Combat cybercrime and improve incident reporting;

-- Promote American prosperity by fostering a vibrant and resilient digital economy;

-- Protect American ingenuity from threats such as intellectual property theft;

-- Develop a superior cybersecurity workforce through education and recruitment; and

-- Stand up to destabilizing behavior in cyberspace by promoting responsible behavior among nation states, working to ensure consequences exist for irresponsible cyber behavior, launching an international Cyber Deterrence Initiative and exposing and countering online malign influence and information campaigns.

The National Cyber Strategy will promote an open and secure internet by encouraging other nations to advance internet freedom and advance a multi-stakeholder model of internet governance, officials said, and also will promote open, interoperable, reliable and secure communications infrastructure in addition to opening overseas markets for American ingenuity and building international cyber capacity.

Protecting the People, Homeland, Way of Life

The strategy notes that pursuing the objectives of the first pillar will require the U.S. government, private industry and the public to take immediate and decisive actions to strengthen cybersecurity, with each working on securing the networks under their control and supporting each other as appropriate.

For the government’s part in that effort, the strategy says, the administration will act to further enable the Department of Homeland Security to secure federal department and agency networks, with the exception of national security systems and Defense Department and Intelligence Community systems.

The government also will align its risk-management and information technology technologies, improve risk management in the federal supply chain, strengthen federal contractor cybersecurity, and ensure the government leads in best and innovative practices.

Promoting American Prosperity

The strategy’s second pillar seeks to preserve U.S. influence in the technological ecosystem and the development of cyberspace as an open engine of economic growth, innovation and efficiency.

To enhance the resilience of cyberspace, the administration expects the technology marketplace to support and reward the continuous development, adoption and evolution of innovative security technologies and processes and will work across stakeholder groups, including the private sector and civil society, to promote best practices and develop strategies to overcome market barriers to the adoption of secure technologies.

Preserving Peace Through Strength

Challenges to U.S. security and economic interests from nation states and other groups, which have long existed in the offline world, are now increasingly occurring in cyberspace, the new strategy notes, adding that this now-persistent engagement in cyberspace is altering the strategic balance of power.

As part of the National Cybersecurity Strategy’s third pillar, cyberspace will no longer be treated as a separate category of policy or activity disjointed from other elements of national power. The United States will integrate the employment of cyber options across every element of national power to Identify, counter, disrupt, degrade and deter behavior in cyberspace that is destabilizing and contrary to national interests, while preserving United States overmatch in and through cyberspace.

Advancing American Influence

In outlining its fourth pillar, the strategy says the world looks to the United States, where much of the innovation for today’s internet originated, for leadership on a vast range of transnational cyber issues.

The United States will maintain an active international leadership posture to advance American influence and to address an expanding array of threats and challenges to its interests in cyberspace, the strategy says. Collaboration with allies and partners is part of this pillar, which the strategy says is essential to ensuring continued benefit from cross-border communications, content creation and commerce generated by the internet’s open, interoperable architecture.

This pillar’s objective, the strategy says, is to preserve the internet’s long-term openness, interoperability, security, and reliability, which supports and is reinforced by U.S. interests.