Eric Geller @ericgeller
@birnbaum_e Dupont Circle chose chaos — PolitiTweet.org
Eric Geller @ericgeller
https://t.co/wdbcrxF9x4 https://t.co/fIKpK72eTj
Eric Geller @ericgeller
Good morning to this tweet and this tweet only
Jo @MissGloop
@AshCrossan https://t.co/nH5pHQznwR
Eric Geller @ericgeller
@MissGloop @AshCrossan Screaming
Eric Geller @ericgeller
@admiraljello happy birthday Jay! 🎉
Eric Geller @ericgeller
.@POLITICOPro subscribers can read more in my story here: https://t.co/1aeG5W6pQH
Eric Geller @ericgeller
For the FBI, Vorndran said, the Q is what to do next. "Should the adversary still have the opportunity to utilize these to conduct an attack? ... Our answer to that will always be ‘No,’ especially when we have the legal authorities and the capability to neutralize that botnet.”
Eric Geller @ericgeller
The Russian govt botnet that FBI dismantled in April still retained about 20% of its command & control servers after the FBI’s direct victim notifications, Vorndran said. So these first two stages of outreach made a huge difference, but the botnet retained significant capacity.
Eric Geller @ericgeller
The FBI sees botnet device counts drop sharply and quickly after initial manufacturer warnings, Vorndran said, “but it doesn’t get anywhere close to zero.” Even after 100s or 1000s of direct victim notifications, many bots remain. "There’s still a usable vector for attack."
Eric Geller @ericgeller
DOJ's approach is to “move from least intrusive to most intrusive” when it comes to techniques for dismantling botnets, Vorndran told me. First step is working w/ device manufacturers to warn owners of vulnerable/infected devices. Next is direct outreach to victims.
Eric Geller @ericgeller
Officials say malware removals remain a last resort. “You can understand why we should be appropriately cautious before we touch any private computer system, much less the system of an innocent third party,” Hickey told me.
Eric Geller @ericgeller
"We still do believe in taking players off the field," Vorndran told me in an #RSAC interview. "But at the end of the day, if there's an adversary that has an attack vector available, we're going to do everything we can to neutralize that."
Eric Geller @ericgeller
"We still do believe in taking players off the field," Vorndran told me. "But at the end of the day, if there's an adversary that has an attack vector available, we're going to do everything we can to neutralize that."
Eric Geller @ericgeller
The shift has also been driven by the FBI's increased willingness, as part of its recently updated cyber strategy (https://t.co/Ut0DteKkQV), to prioritize disruption over arrests. It's been devoting more money and staff to the complex work of developing malware removal tools.
Eric Geller @ericgeller
B/c of all this, the thinking inside USG has shifted. It's now harder to justify leaving a botnet intact than it is to justify taking action, Hickey said. "If we've done everything we can to ensure there will not be collateral damage, why would we just leave the malware there?”
Eric Geller @ericgeller
There's also less public backlash. "We have done things like this a number of times where I don't feel like people are like, 'Are you crazy?'" Hickey said. "There's still an appropriate level of scrutiny of these operations, but I think we have established credibility and trust."
Eric Geller @ericgeller
A new cadre of leaders with increasing technological fluency are growing more comfortable approving these operations, Hickey said. “They can ask questions of the FBI to assure themselves, ‘What have you done to test this? How's it going to work?’”
Eric Geller @ericgeller
Deputy AG Lisa Monaco, for example, has endorsed aggressive strategies for frustrating hackers, having seen the value of disruption in the CT space while serving as WH homeland security adviser. Current political leadership "is very forward-leaning,” Hickey told me.
Eric Geller @ericgeller
But recently, a combination of changing federal leadership and growing familiarity with the specifics of the technique have made malware removals more palatable.
Eric Geller @ericgeller
It wasn't just outside critics who made malware takedowns controversial. Senior DOJ leaders were reticent to approve them. “With Coreflood, it was, ‘Okay, you can stop the malware, but we're not going to delete it. That feels like that's just too much, too fast,’” Hickey said.
Eric Geller @ericgeller
In the 11 years since DOJ's first botnet takedown (Coreflood), DOJ has done malware removals only sparingly, wary of backlash to a novel technique. And anti-botnet ops have indeed generated criticism and skepticism in years past. https://t.co/vCnEnKgUp2 https://t.co/4lriytS80U
Eric Geller @ericgeller
“We have gotten more comfortable, as a government, taking that step,” Hickey, a deputy assistant attorney general for national security, told me in an interview at #RSAC.
Eric Geller @ericgeller
These court-approved operations, which involve sending commands to infected computers to remove malicious code, have in recent years crippled a Russian govt botnet https://t.co/Xehuk6KFk7 and the Microsoft Exchange Server hacking campaign https://t.co/NHOpvqy56P .
Eric Geller @ericgeller
New: I talked to DOJ cyber official Adam Hickey and FBI Cyber Division chief Bryan Vorndran about how the USG is increasingly using malware removal operations to take down botnets, thanks to top officials' increasing comfort with the sensitive technique. https://t.co/1aeG5W6pQH
Eric Geller @ericgeller
In today's @MorningCybersec, @samsabin923 and I wrapped up our on-site #RSAC coverage with a bunch of takeaways from the conference and my report from a supply chain cyberattacks panel with FBI officials. https://t.co/DOPVMMU9l1
Eric Geller @ericgeller
Big night for things I want to tweet but can't!
Eric Geller @ericgeller
@JustinMBolger YES
Eric Geller @ericgeller
@clubjade my brain is melting
Eric Geller @ericgeller
@WilliamTurton @Bing_Chris we're having fun here
Eric Geller @ericgeller
when you desperately need a break from transcribing #RSAC
Chris Bing @Bing_Chris
Thursday 3pm #RSAC2022. It’s turning dark fast @ericgeller https://t.co/1u3STMVAHL