Amdall Gallery

Media Note Office of the Spokesperson Washington, DC December 11, 2018 On December 11, 2018, Deputy Secretary of State John J. Sullivan hosted a ministerial on counterterrorism at the Department of State focused on the Western Hemisphere. Thirteen key North, Central, and South American partners joined for this meeting, including Argentina, The Bahamas, Canada, Chile, Colombia, Honduras, Jamaica, Panama, Paraguay, Peru, and Trinidad and Tobago. Brazil and Mexico participated in observer roles. Participating governments discussed the threat that transnational terrorist groups, including ISIS, al-Qa’ida, and Lebanese Hizballah, pose to the collective security and safety of their citizens at home and abroad. The participating governments highlighted that transnational terrorist groups seek to exploit gaps in national and regional counterterrorism capabilities, including in border security, law enforcement, counterterrorist financing, and information sharing. The […]

Remarks John J. Sullivan Deputy Secretary of State Loy Henderson Auditorium Washington, DC December 11, 2018 DEPUTY SECRETARY SULLIVAN: Thank you very much. Good morning, everyone. Thank you, Nathan, for that kind introduction. It’s my pleasure to welcome you all – esteemed ministers, colleagues, and guests – to this important discussion on counterterrorism in the Western Hemisphere. I’d like to begin, as Nathan said, to thank all of you for making what in many cases was a long trip here to Washington, D.C. for this gathering. When we think about transnational terrorism, many immediately picture families grieving after a large-scale attack on civilians who are halfway around the world, or black ISIS flags flying in the group’s last pocket of resistance in Syria. But transnational terrorism poses an immediate threat to us here in the Western Hemisphere. Although the perceived center of gravity seems far away, groups like ISIS, […]

Remarks Kirsten D. Madison Assistant Secretary, Bureau of International Narcotics and Law Enforcement Affairs Nairobi, Kenya December 10, 2018 Let me begin by thanking NACADA for hosting us here in sunny Nairobi. A workshop of this magnitude is no small task; we are grateful for Kenya’s leadership in organizing what is truly a global conference and to ISSUP and the African Union for your tireless efforts to make ISSUP-4 a reality. We’re also joined by participants from more than 80 countries, including more than 40 African states; all of whom have dedicated their professional lives to preventing and treating those with substance use disorders. And it’s really humbling to be in a room with such important people. Coming from the United States, where we are suffering through a drug-use epidemic of unprecedented scale in our history, these issues could not be more relevant to us, and the opportunity to come here and learn from you is very powerful. […]

Original release date: December 03, 2018Summary The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, this report provides recommendations for prevention and mitigation.The SamSam actors targeted multiple industries, including some within critical infrastructure. Victims were located predominately in the United States, but also internationally. Network-wide infections against organizations are far more likely to garner large ransom payments than infections of individual systems. Organizations that provide essential functions have a critical need to resume operations quickly and are more likely to pay larger ransoms.The actors […]

Original release date: November 27, 2018Systems Affected Microsoft Windows Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). DHS and FBI are releasing this TA to provide information about a major online ad fraud operation—referred to by the U.S. Government as "3ve"—involving the control of over 1.7 million unique Internet Protocol (IP) addresses globally, when sampled over a 10-day window. Description Online advertisers desire premium websites on which to publish their ads and large numbers of visitors to view those ads. 3ve created fake versions of both (websites and visitors), and funneled the advertising revenue to cyber criminals. 3ve obtained control over 1.7 million unique IPs by leveraging victim computers infected with Boaxxe/Miuref and Kovter malware, as well as Border […]

Original release date: October 11, 2018Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5]In it we highlight the use of five publicly available tools, which have been used for malicious purposes in recent cyber incidents around the world. The five tools are:Remote Access Trojan: JBiFrostWebshell: China ChopperCredential Stealer: MimikatzLateral Movement Framework: PowerShell EmpireC2 Obfuscation and Exfiltration: HUC Packet TransmitterTo aid the work of network defenders and systems administrators, we also provide advice on limiting the effectiveness of these tools and detecting their use on a network.The individual tools we cover in this report are limited examples of the types of tools used by threat actors. You should not consider this an exhaustive list when planning your network defense.Tools and techniques for exploiting networks […]

Original release date: October 03, 2018Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs). Since May 2016, APT actors have used various tactics, techniques, and procedures (TTPs) for the purposes of cyber espionage and intellectual property theft. APT actors have targeted victims in several U.S. critical infrastructure sectors, including Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing.This Technical Alert (TA) provides information and guidance to assist MSP customer network and system administrators with the detection of malicious activity on their networks and systems and the mitigation of associated risks. This TA includes an overview of TTPs used by APT actors in MSP network environments, recommended mitigation […]

Original release date: October 03, 2018Systems Affected Network Systems Overview This technical alert addresses the exploitation of trusted network relationships and the subsequent illicit use of legitimate credentials by Advanced Persistent Threat (APT) actors. It identifies APT actors' tactics, techniques, and procedures (TTPs) and describes the best practices that could be employed to mitigate each of them. The mitigations for each TTP are arranged according to the National Institute of Standards and Technology (NIST) Cybersecurity Framework core functions of Protect, Detect, Respond, and Recover. Description APT actors are using multiple mechanisms to acquire legitimate user credentials to exploit trusted network relationships in order to expand unauthorized access, maintain persistence, and exfiltrate data from targeted organizations. Suggested best practices for administrators to mitigate this threat include auditing credentials, […]

Original release date: October 02, 2018 | Last revised: October 08, 2018Systems Affected Retail Payment Systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Department of the Treasury (Treasury), and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS, Treasury, and FBI identified malware and other indicators of compromise (IOCs) used by the North Korean government in an Automated Teller Machine (ATM) cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.FBI has high confidence that HIDDEN COBRA actors are using the IOCs listed in this report to maintain a presence on victims’ networks to enable network exploitation. […]

Original release date: July 20, 2018Systems Affected Network Systems Overview Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors.This joint Technical Alert (TA) is the result of Multi-State Information Sharing & Analysis Center (MS-ISAC) analytic efforts, in coordination with the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC). Description Emotet continues to be among the most costly and destructive malware affecting SLTT governments. Its worm-like features result in rapidly spreading network-wide infection, which are difficult to combat. Emotet infections have cost SLTT governments up to $1 million per incident to remediate.Emotet is an […]

Original release date: May 29, 2018 | Last revised: May 31, 2018Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:a remote access tool (RAT), commonly known as Joanap; anda Server Message Block (SMB) worm, commonly known as Brambul.The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and […]

Original release date: May 25, 2018 | Last revised: June 07, 2018Systems Affected Small office/home office (SOHO) routersNetworked devicesNetwork-attached storage (NAS) devicesOverview Cybersecurity researchers have identified that foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide [1] [2] [3]. The actors used VPNFilter malware to target small office/home office (SOHO) routers. VPNFilter malware uses modular functionality to collect intelligence, exploit local area network (LAN) devices, and block actor-configurable network traffic. Specific characteristics of VPNFilter have only been observed in the BlackEnergy malware, specifically BlackEnergy versions 2 and 3.The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) recommend that owners of SOHO routers power cycle (reboot) SOHO routers and networked devices to temporarily disrupt the malware.DHS and […]

Original release date: May 21, 2018 | Last revised: May 22, 2018Systems Affected CPU hardware implementations Overview On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Description Common CPU hardware implementations are vulnerable to the side-channel attacks known as Spectre and Meltdown. Meltdown is a bug that "melts" the security boundaries normally enforced by the hardware, affecting desktops, laptops, and cloud computers. Spectre is a flaw that an attacker can exploit to force a CPU to reveal its data.Variant 3a is a vulnerability that may allow an attacker with local access to speculatively read system parameters via side-channel analysis and obtain sensitive information.Variant 4 is a vulnerability […]

Thirty years after the terrorist bombing of Pan Am Flight 103 over Lockerbie, Scotland, the FBI and its partners are still actively seeking justice for the 270 victims and their families. […]

The FBI released information on more than 6 million criminal offenses submitted to its National Incident-Based Reporting System last year, as law enforcement continues transitioning to the more robust system. […]

A man who profited from the ransomware known as Reveton, which appropriated the FBI logo to scare victims into paying to unlock computers infected with the malware, will be spending time in prison. […]

A fraudster and his associates who bought credit card numbers online and used them to buy prepaid gift cards and money orders—stealing thousands of dollars in the process—have been sentenced for their crimes. […]

Two Iranian men were indicted in connection with the deployment of the sophisticated and sinister SamSam ransomware that crippled the operations of critical facilities in the U.S. and Canada. […]

Samuel Little has confessed to 90 murders to date, and the FBI’s Violent Criminal Apprehension Program is working with partners nationwide to match those confessions to killings that occurred between 1970 and 2005. […]

A Canadian man was sentenced to more than 11 years behind bars for orchestrating a telemarketing credit card scam that defrauded at least 60,000 victims, many of them elderly, out of more than $18 million. […]

Prosecutors secured a 35-year prison sentence for an armed robber who hit three Philadelphia corner stores during a violent two-day crime spree in 2016. […]

The owner of a Maryland telemarketing company that defrauded small businesses, schools, churches, non-profits, and others out of millions of dollars will be spending time behind bars. […]

The number of hate crime incidents reported to the FBI increased about 17 percent in 2017 compared with the previous year, according to the latest annual Hate Crime Statistics report. […]

The FBI uses science, technology, engineering, and math in nearly every investigation, and STEM Day serves as an opportunity to highlight career opportunities for individuals with these skill sets. […]

The creator of the purported luxury music festival Fyre Fest will be spending time behind bars for defrauding investors and customers out of more than $26 million in two separate schemes. […]

Thirty years ago, a graduate student unleashed the first major attack on the Internet and became the first person convicted of a new type of crime. […]

Two unrelated sextortion crimes committed months apart and hundreds of miles away from each other illustrate the dangers of compromising personal photos being in the wrong hands. […]

An Indiana resident who pledged his support to ISIS was sentenced to 15 years in prison for distributing information on explosives and poisons for use in a terror attack. […]

Joel Michael Bane received two years' probation after pleading guilty on September 13, 2018 to one count of interference with flight crew. […]

Brittany Theophile received 21 months' imprisonment for her role in attempting to introduce controlled substances into the Orleans Justice Center. […]

Juan Valdez of Milton received 20 years in prison for leading a large scale international drug trafficking operation. […]

Former New York State Senator Marc Panepinto has been sentenced to serve two months in prison for providing a benefit in exchange for political activity. […]

Lieutenant Jason Millican, Woodburn Police Department, recently completed the FBI National Academy. […]

Tonya Topel of North Kansas City, Missouri, has been charged with embezzling $116,367 from her employer. […]

Hanibal Tayeh of Westfield has been charged in Springfield in connection with a scheme to obtain bank loans and money for projects in Saudi Arabia. […]

Steven J. Perry of Elkhart, Indiana, has been charged with transportation and possession of child pornography. […]

Robert Johnson and 23 others have been charged with drug trafficking and firearms charges related to a distribution ring operating in Georgia and Florida. […]

Pablo Rangel-Rubio, Juan Rangel-Rubio, and Higinio Perez-Bravo have been charged with plotting the murder of a whistleblower who exposed a fraud scheme. […]

Yves Joseph Legault of Canada received 16 years in prison for coercing and enticing the production of child sexual exploitation images over the Internet. […]

Craig Alan Castaneda of California has been found guilty of traveling from San Diego to Atlanta to have sex with a nine-year-old girl and enticing a minor. […]

Allen Young of Oak Park has been sentenced to 21 years in prison for sex trafficking several children in the Chicago area. […]

Jichun Zhang of Durham pleaded guilty to stealing money from federal research grants. […]

Mark E. Fisher and Joseph F. Capuozzo pleaded guilty in connection with a $1 million pump and dump securities fraud scheme. […]

The official launch of the National Use-of-Force Data Collection, which offers a comprehensive view of use-of-force incidents, will take place on January 1, 2019. […]

For two decades, the National Instant Criminal Background Check System (NICS) has been ascertaining a person’s eligibility under law to receive or possess a firearm. […]

The number of hate crime incidents reported to the FBI increased about 17 percent in 2017 compared with the previous year, according to the Uniform Crime Reporting Program’s annual Hate Crime Statistics report. […]

The FBI’s National Data Exchange (N-DEx) System was instrumental in helping the Troup County Sheriff's Office in Georgia locate two wanted felons. […]

A U.S. Customs and Border Protection officer in Virginia used the FBI’s N-DEx System to help identify an unknown kidnapping suspect who became part of a larger human trafficking investigation. […]

Both violent crime and property crime declined in 2017 when compared with 2016 data, according to the FBI’s annual Crime in the United States report. […]

The second installment of Law Enforcement Officers Killed and Assaulted, 2017, was released on on July 30 and includes statistics about officers assaulted in the line of duty. […]

The FBI’s National Data Exchange (N-DEx) System is instrumental in helping the Tennessee Department of Corrections locate probation and parole absconders. […]

The CJIS Division’s Special Processing Center (SPC) identified an unknown deceased subject in Ohio after submitting fingerprints to the Department of Homeland Security's IDENT System. […]

The FBI’s National Data Exchange (N-DEx) System helped an investigator in West Virginia identify a previously unknown suspect who participated in the violent attack of a woman in a grocery store parking lot. […]

The CJIS Division’s Special Processing Center used fingerprints to identify the remains of a male victim found in New York City, bringing closure to a cold case that had been open since 1995. […]

The FBI’s National Data Exchange (N-DEx) System has helped the California Polytechnic State University Police Department save hundreds of hours and enhance its casework. […]

The National Incident-Based Reporting System (NIBRS), a more detailed and comprehensive crime reporting system, is replacing the Summary Reporting System (SRS) on January 1, 2021. […]

The UCR Program has begun developing methodology to collect and publish data on police-involved shootings and use of force. […]

The CJIS Link is a publication that tells our partners about new services and system capabilities, as well as relevant changes in policy. […]

During World War II, Argentina was a hotbed of intrigue and proved to be a tough environment for […]

During a meeting of intelligence and national security leaders, FBI Director Christopher Wray […]

The FBI's Weapons of Mass Destruction Directorate was established 10 years ago and today serves as […]

New collaborative program at FBI Academy integrates agents and intelligence analysts. […]

Director Comey joined Director of National Intelligence Clapper and several other Intelligence […]

The FBI vigilantly investigates cases of industrial espionage and theft of intellectual property, […]

Standing outside the White House on a sunny day in May 1955, President Dwight Eisenhower smiled as […]

Economic espionage is a significant threat to our country’s economic health and security. […]

Investigating financial crime is like working a puzzle—you have to fit all of the pieces of […]

At the National Virtual Translation Center’s offices near FBI Headquarters in Washington […]