Homeland Security News

A collection of open-source homeland security and terrorism news from around the world.
Keyword: critical infrastructure

A Wichita Falls man who plotted to blow up a data center in Virginia pleaded guilty Wednesday to malicious attempt to destroy a building with an explosive, announced Acting U.S. Attorney for the Northern District of Texas Prerak Shah.

Seth Aaron Pendley, 28, was arrested in April after attempting to obtain an explosive device from an undercover FBI employee in Fort Worth. He entered his guilty plea today before U.S. Magistrate Judge Hal R. Ray, Jr.

“Due in large part to the meticulous work of the FBI’s undercover agents, the Justice Department was able to expose Mr. Pendley’s twisted plot and apprehend the defendant before he was able to inflict any real harm,” said Acting U.S. Attorney Prerak Shah. “We may never know how many tech workers’ lives were saved through this operation – and we’re grateful we never had to find out. Bringing to justice domestic extremists remains one of the Department’s top priorities.”

Read more: Department of Justice

The head of Colonial Pipeline told U.S. senators on Tuesday that hackers who launched last month’s cyber attack against the company and disrupted fuel supplies to the U.S. Southeast were able to get into the system by stealing a single password.

Colonial Pipeline Chief Executive Joseph Blount told a U.S. Senate committee that the attack occurred using a legacy Virtual Private Network (VPN) system that did not have multifactor authentication in place. That means it could be accessed through a password without a second step such as a text message, a common security safeguard in more recent software.

"In the case of this particular legacy VPN, it only had single-factor authentication," Blount said. "It was a complicated password, I want to be clear on that. It was not a Colonial123-type password."

Read more: Reuters

The federal government has recovered millions of dollars in cryptocurrency paid in ransom to cybercriminals whose attack prompted the shutdown of the country's largest fuel pipeline and gas shortages across the southeastern U.S. last month, the Department of Justice announced Monday.

On May 8, Colonial Pipeline paid a ransom worth roughly $4.3 million in bitcoin to the Russia-based hacking group known as DarkSide, which had used malicious software to hold the company hostage. Colonial Pipeline CEO Joseph Blount told The Wall Street Journal that the company paid the pricey ransom because the company feared a prolonged shutdown and did not know how long it would take to restore operations.

The ransom allowed Colonial to restore fuel transport through its pipeline, which stretches from Texas to the Northeast and delivers 45% of all fuel consumed on the East Coast.

Read more: CBS News

The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters.

Internal guidance sent on Thursday to U.S. attorney's offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.

"It's a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain," said John Carlin, principal associate deputy attorney general at the Justice Department.

Read more: Reuters

A group of hackers suspected to have links to the Chinese government breached computer systems belonging to New York's Metropolitan Transit Authority (MTA) in April, according to the New York Times.

Transit officials told The Times that the breach did little damage and hackers did not gain access to train controls.

A forensic analysis of the attack further found that hackers did not access or compromise customers' personal data or put riders in danger, The Times reported. The hack was reported to law enforcement and other state agencies but was not announced to the public.

"The M.T.A.'s existing multilayered security systems worked as designed, preventing spread of the attack," Rafail Portnoy, the MTA's chief technology officer, told The Times. "We continue to strengthen these comprehensive systems and remain vigilant as cyberattacks are a growing global threat."

Read more: Business Insider