Pittsburgh’s place in cybersecurity

screen-shot-2017-01-03-at-10-29-31-amWith the Obama administration striking back at supposed Russian hackers and the Trump administration raising questions, Pittsburgh continues to remain at the center of much of this discussion.

When the White House named two suspected top Russian hackers accused of meddling in the president election, it identified Evgenii Bogachev. As a suspect, he’s already familiar to federal prosecutors in Pittsburgh: They indicted him in 2014 for running the massive GameOver Zeus scam.

David Hickton, the former U.S. Attorney for Western Pennsylvania, told me that he hopes the Trump administration will keep up the push to identify foreign hackers and hold them accountable:

“This is serious business and we realized this is serious business a long time ago,” Hickton told the Tribune-Review. “It’s not something we can put aside. We need to get to the bottom of this and resolve it.”

Separately, the Independent Journal Review raises some interesting points about cybersecurity and attribution. It linked back to one of my old stories to note that there’s not really any such thing as a totally secure computer:


“Really, the only safe computer is one that’s turned off and unplugged from the Internet, and even that may not be safe,” [J. Keith] Mularski told an audience at Carnegie Mellon University on Monday evening as he and co-panelists Nicolas Christin, an information systems security expert in CMU’s Cylab, and Pittsburgh Tribune-Review investigative reporter Andrew Conte debated the pros and cons of an increasingly wired world.


Ransomware goes rogue

It’s bad when hackers lock up computers and hold them for ransom — but it’s about to get a whole lot worse. My first freelance article for the Tribune-Review delves into this frightening new world where hackers don’t want your bitcoin and they’re interested in deleting more than your files…


As bad as it seemed when hackers locked up computer systems at Los Angeles’ Hollywood Presbyterian Medical Center in February, demanding a $17,000 ransom, the attack could have been much worse, experts tell the Tribune-Review.

The cybercriminals used so-called ransomware that seeks victims through emails and websites, then locks their computer equipment until they pay a ransom.

dt.common.streams.StreamServer-1When a victim pays the ransom — typically in digital bitcoins — the thieves provide a digital key to unlock the system. Yet hackers who aren’t motivated by money could refuse to offer a key, said Brian Nussbaum, a former security intelligence analyst who teaches computer security at State University of New York at Albany.

“There is certainly the potential for you to have organizations where the data is simply gone,” Nussbaum said. Read the full story here.

Cyber warfare: Exclusive

I always love being the only reporter in the room.

When that happened again at the Journal of Law & Cyber Warfare conference in New York City, I landed exclusive interviews with top NATO experts planning for both future online wars — and the kind of ongoing cyber-skirmishes that we see with more frequency.

dt.common.streams.StreamServerNEW YORK — After President Obama publicly blamed North Korea for a computer attack on Sony Entertainment and vowed the United States would respond in some fashion, that country’s Internet service went out for more than nine hours.

No one knew whether the United States caused the outage. But if it did, the administration could have been justified in taking Continue reading

Getting sources on the record

An old, bearded photo of me hosting Essential Pittsburgh at WESA-FM.

An old (bearded) photo of me hosting Essential Pittsburgh at WESA-FM.

The thing about covering cybersecurity is that some of my best sources never want to be identified. They know just how bad things can get with hackers and so they stay out of the limelight. As they tell me, “You don’t need to name us. Just know we’re here working to keep people safe.”

That’s fine, but it doesn’t fill newspapers (or the Internet, for that matter).

I finally got three top cybersecurity experts in Pittsburgh to sit down with me for interviews. Because the moment was so rare, I told them I would do a story for the Tribune-Review — but I also wanted to know if they would do the interviews on Essential Pittsburgh, the daily talk show on WESA 90.5 FM, Pittsburgh’s NPR station.

A cool shadowy photo of FBI agent Chris Geary. Taken by the Trib's Stephanie Strasburg.

A cool shadowy photo of FBI agent Chris Geary. Taken by the Trib’s Stephanie Strasburg.

They all agreed. First, you can hear two Pittsburgh FBI agents — Mike Christman, assistant special agent in charge of cyber, and Chris Geary, who heads one of two Pittsburgh-based cyber investigations teams. They talk about growing up nearby and how they take threats to Pittsburgh companies as a personal issue.

Later, I interviewed Maria Vello, president emeritus of the National Cyber-Forensics & Training Alliance, a Pittsburgh nonprofit that tracks down black hat hackers — and that keeps such a low profile you’ve probably never heard of them. Maria’s description of the precautions she takes with her own debit card and online persona will freak you out. It did me.

images_0Finally, I talked with Peter Singer, author of a new fiction book (with nonfiction footnotes) about the consequences of a cyber attack on the United States. We figured that interview would round out a solid hour of cyber talk!

PA Bar Association journalism award

dt.common.streams.StreamServerJust found out the Pennsylvania Bar Association picked my cybersecurity reporting as the winner of its journalism competition for a special report/series. This is a big deal for the Trib and a nice recognition from a group of professionals that I respect.

The story looked at how hackers are targeting lawyers because they often have great information on their clients that is propriety, highly valuable and typically very well organized! The Bar Association plans to give out the William A. Schnader Print Media Award for Special Report/Series in November.

The Untouchables for the digital age

An inside look at an FBI hacker sting: Drinking Red Bulls to stay up all night. Posing as online criminals. Assembling an international hall of justice at Europol.

I had the rare opportunity to see behind the scenes as the FBI in Pittsburgh brought down the Darkode online black market. I spent some time with the Bureau as they disabled the network and then I had an exclusive interview with the undercover agents about how it went. The case ultimately involved 70 criminals from Brazil to Pakistan to the campus of Carnegie Mellon University.

J. Keith Mularski, the FBI cyber guy in Pittsburgh, once posed as the hacker Master Splyntr to take down a crime ring.

J. Keith Mularski, the top FBI cyber guy in Pittsburgh, once posed as the hacker Master Splyntr to take down a crime ring.

Assistant U.S. Attorney Jimmy Kitchen and two FBI agents from Pittsburgh sat two weeks ago around a large square table inside the ultramodern, glass-walled offices of Europol, Europe’s leading law enforcement agency.

The Pittsburghers were joined by top prosecutors and police officers from 20 nations. Some were familiar from FBI training they had done in Pittsburgh, and others had become friendly during the previous six months as they worked together to take down Darkode, a private online black market for hackers and criminals.

“It was like we were the United Nations,” Kitchen told the Tribune-Review in an exclusive interview. “We had our little placard in front of us that said, the United States, and every country had its own.”

Read more: http://triblive.com/news/editorspicks/8749274-74/agents-darkode-fbi#ixzz3g45WTx91

Then my colleague Mike Wereschagin jumped in when I needed help tracking down the local man charged in the FBI’s Darkode sting. Our boss Jim Wilhelm challenged him to come up with this killer lede…

Agents say this CMU student operated online as a hacker known as Android.

Agents say this CMU student operated online as a hacker known as Android.

A fresh-faced college student who once designed a mobile app to bring Pittsburghers together slipped from his prestigious Carnegie Mellon University classrooms into the shadows of the Web, where he sold a program that put thieves inside people’s pockets, federal authorities said Wednesday.

Read more: http://triblive.com/news/editorspicks/8749286-74/culbertson-fbi-android#axzz3fmxQzP3p 

Out in the field

andy conte 06As an investigative reporter, I often work at a computer screen going over data or talking with sources on the phone. But you never know.

It was interesting then recently to get out into the field for a day with photographer Evan Sanders. We were covering a story about the Pennsylvania Office of Attorney General executing a search warrant at a monastery near Hollidaysburg.

It was a chance to utilize the modern “newsroom” — with a mobile phone in hand (actually two of them) and a laptop computer on my lap.

andy conte 04

The Inside Job

cyber logoAs journalists, we often report on secret meetings — closed to everyone but the participants. I dedicated “Breakway” to “anyone who has ever wondered what happens behind closed doors.” I did that mostly because I always wonder what decisions are made and deals reached behind closed doors.

For my latest assignment, I actually got to go behind closed doors. I went behind armed guards too. The U.S. Army War College permitted me to attend a policy planning session on “Cyber Sovereignty.” The three-day workshop brought together top minds from all branches of the military, from the private sector and from academia.

The event allowed me to provide readers of the Tribune-Review exclusive access to these deliberations about the future of our nation’s cybersecurity. I also discussed my findings on 90.5 WESA-FM, Pittsburgh’s NPR station.

My stories…

Infrastructure ‘legitimate target’ in battle for cyber supremacy

Summer Fowler

Summer Fowler

When Summer Fowler goes to sleep, the Cranberry mother of three knows computer hackers around the world are working through the night to undo the defenses she spends her days building.

Fowler, 37, is deputy technical director for cybersecurity solutions at CERT, the nation’s first computer emergency response team, at Carnegie Mellon University’s Software Engineering Institute. She works with Pentagon soldiers, intelligence directors and corporate titans to help them identify key electronic assets, secure them from cyber attacks and plan for what happens if someone steals them.

But at the end of the day, once her children are tucked into bed, Fowler wonders what the impact would be from a real cyber 9/11 attack…Read more.

How Pittsburgh invented computer emergency response

Richard Pethia

Richard Pethia

Pittsburgh’s prominent and growing role as a national center for cybersecurity started with a chance encounter more than 25 years ago.

On Nov. 2, 1988, researchers at the Defense Advanced Research Projects Agency, or DARPA, were ending the workday when calls started coming in from across the country. Something was slowing computer connections on the early Internet — moving freely, guessing passwords to break into systems, accessing files and quickly replicating.

About 60,000 people were connected to the infant web in those days, and many knew each other. The idea had been to build a network for military operations and research that could withstand attacks on any one or two individual computers.

But as the so-called Morris worm spread, questions about security quickly arose. The first computer virus had been unleashed…Read more.

Sony hack redefines online warfare

0212151306a-1CARLISLE — Rarely has a raunchy movie done so much to change the world.

When hackers broke into computer systems at Sony Pictures Entertainment in a failed attempt to stop the release of “The Interview” late last year, the cyberattack changed the way top American military policymakers look at online warfare, experts say.

Electronic skirmishes that had played out quietly among computer technicians at a hacked company and a federal agency contacted for advice instead went all the way to the Oval Office, as President Obama blamed the Sony incident on a nation-state attack by North Korea. Read more.

Intelligence agency to battle online threats

CARLISLE — If President Obama’s proposed new agency to coordinate federal cybersecurity efforts leads to increased information sharing among government agencies and private companies, that will improve defenses against hack attacks all around, experts gathered here this week said. Read more.

Off the record…

header_person2Off the record. Three words no reporter ever wants to hear. Unless the information in return makes the bargain worthwhile.

When I walked into the Journal of Law & Cyber Warfare one-day symposium in New York City, those were the first three words I heard. Nothing said at the conference could appear in a story, a tweet or even a text message. Unless I later obtained the speaker’s permission.


Daniel Garrie, founding editor of the Journal of Law & Cyber Warfare, (left) and Mitchell Silber, executive managing director of K2 Intelligence, talk during a rare on-the-record moment.

What at first seemed a burden turned into a blessing. Experts at the event talked freely about the fears that keep them up at night. It’s stuff that would keep up many Americans too, if they knew about it. That has been my driving objective with the ongoing Cyber Rattling series: Making people aware of the large, and rapidly growing, cyber threat.

As it turned out, I was able to talk with many of the experts in on-the-record conversations. And I was able to turn out this story about the potential for cyber warfare. The lines between cyber criminal acts and state-sponsored attacks are becoming blurry. More stories will turn up in the coming weeks and months as I continue to expand my coverage of this topic.


Why Nutella?

nutellaJif crunchy peanut butter would have felt much more threatening, right? Like, how did this ISIS fighter in Syria get his hands on the most-American of sandwich spreads? Instead, the guy went for Nutella. Don’t get me wrong. I love Nutella. But that’s more of a threat to Italians maybe. Europhiles, for sure. ProdAdminImageRegardless, my latest cyber story looks at jihadist fighters using Twitter to taunt the United States and Europe from the frontlines of the battle.

As an aside, the New York Post had this take on an ISIS fighter mourning Robin Williams’ death. These guys might be fighting Western culture — but they also are deeply embedded in it.

My story…

One British fighter mockingly says he was so upset about American bombing raids on jihadists like himself in northern Iraq that he took a selfie while buying Nutella to “comfort my brittle heart.”

Another jihadist, dressed in black, posed for a photo with a young boy dressed likewise, adding a hashtag about swapping PlayStation video games for a real gun. Others posted images of American equipment left behind in Iraq, inviting troops to return.

Online taunts might seem glib, but fighters with the Islamic State of Iraq and Syria — or now simply the Islamic State — have a growing desire to strike in the United States and Europe as a result of bombing to support Kurdish fighters, security experts told the Tribune-Review. Read more.