FBI Cyber Division

Adversarial cyber techniques are growing stealthier and more sophisticated, which makes it critical to implement an event logging policy that improves your organization’s chances of detecting malicious behavior on your systems. Without a good logging policy in place, Advanced Persistent Threat (APT) actors could be sitting silently on your network for months without being detected. That's because threat actors are increasingly using “living off the land” (LOTL) techniques which are designed to evade detection by appearing benign in nature. Network defenders should read the new guide to event logging from the #FBI, the Australian Cyber Security Centre (ACSC), and other partners to improve their ability to detect LOTL and other threat activity: https://lnkd.in/einH7R6W

The Joint Ransomware Task Force (JRTF), co-chaired by the #FBI and CISA, is an interagency, collaborative effort to combat the growing threat of ransomware attacks. The JRTF was launched in response to a series of high-profile ransomware attacks on U.S. critical infrastructure and government agencies. The JRTF: • Coordinates and streamlines the U.S. Government’s response to ransomware attacks and facilitates information sharing and collaboration between government agencies and private sector partners. • Ensures operational coordination for activities such as developing and sharing best practices for preventing and responding to ransomware attacks, conducting joint investigations and operations against ransomware threat actors, and providing guidance and resources to organizations that have been victimized by ransomware. • Represents a significant step forward in enabling unity of effort across the U.S Government’s efforts to address the growing threat of ransomware attacks. For more info on JRTF, click here: https://lnkd.in/eUrPKshC

In past elections, malicious actors have sought to spread or amplify false or exaggerated claims about cyber incidents to manipulate public opinion, discredit the electoral process, or undermine confidence in US institutions. But just so you know: Ransomware attacks against state and local governments or election infrastructure would not impact the security and resiliency of vote casting or counting. Read the new #PSA from the #FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to learn more: https://lnkd.in/en6Zffaz

Last week at DEFCON 32, #FBI Cyber personnel tied for first place in the Blue Team Village Capture the Flag (CTF) competition. This marks the third year in a row that a team of FBI Cyber specialists has finished atop the CTF leaderboard. Blue Team CTF at DEFCON is a digital forensics and incident response competition that draws inspiration from the latest cyber threats. Participants must leverage a diverse range of cyber skills like threat hunting and reverse-engineering malware to emerge victorious. Interested in using your technical skills to help the FBI mission? Learn more about technical careers at the FBI here: https://lnkd.in/eU52qxER And learn about Special Agent careers here: https://lnkd.in/e423jqrC Unique skillsets may qualify you for a career as a cyber agent!

The #FBI and Cybersecurity and Infrastructure Security Agency updated a joint #CybersecurityAdvisory on new Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) related to BlackSuit ransomware. Follow the recommendations in this CSA to protect your organization: https://lnkd.in/eTs8ba8S

The #FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released an updated joint #CybersecurityAdvisory on BlackSuit ransomware. Updates include Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through FBI threat response activities. Follow the recommendations in this CSA to protect your organization: https://lnkd.in/eTs8ba8S

The #FBI is proud to announce that Deputy Director Paul Abbate, Deputy Assistant Director Cynthia Kaiser, and FBI Cyber Division Assistant Director Bryan Vorndran have all been nominated for FedScoop 50 Awards for outstanding achievements in government leadership.

The #FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released an updated joint #CybersecurityAdvisory on BlackSuit ransomware. Updates include Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through FBI threat response activities. Follow the recommendations in this CSA to protect your organization: https://lnkd.in/eTs8ba8S

The #FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance to help companies evaluate a software manufacturer’s approach to cybersecurity and ensure that the manufacturer adheres to “secure by design” principles.   Today, when companies perform due diligence on their software manufacturers, they tend to focus on enterprise security measures like compliance standards. It’s equally important to scrutinize how a manufacturer approaches product security. Learn more here: https://lnkd.in/eNxw6UBd

#ICYMI: Read about the #FBI’s Cyber Action Team, or CAT, a rapid-response group that can deploy across the globe within hours to respond to major cyber threats and attacks on critical infrastructure. CAT was established in 2005 in response to the increasing number and complexity of computer intrusion investigations led by FBI field offices. Learn more here: https://lnkd.in/gjDHD-cd