Former Uber Security Chief Convicted

With organised ransomware gangs, government-backed hacking teams and anarchist kids targeting companies, being a chief information security officer is already a daunting job.

The verdict ended a dramatic case that pitted Joe Sullivan, a prominent security expert who was an early prosecutor of cyber crimes for the San Francisco US attorney’s office, against his former government office.

In between prosecuting hackers and being prosecuted, Sullivan served as the top security executive at Facebook, Uber and Cloudflare.

Now, a jury in San Francisco found Joe Sullivan, who was fired from Uber in 2017, guilty of obstruction of justice and concealing a felony.

At the time, prosecutors alleged he arranged to pay the hackers $100,000 (£87,964) in bitcoin and had them sign nondisclosure agreements that falsely stated they had not stolen data. Increasingly, companies negotiate with ransomware hackers. But investigators said they must "do the right thing" when their systems are breached.

The conviction is a dramatic reversal for Sullivan, who had at one point in his career prosecuted cyber-related crime for the San Francisco US attorney's office.

After Sullivan's conviction his lawyer, David Angeli, said "Mr Sullivan's sole focus, in this incident and throughout his distinguished career, has been ensuring the safety of people's personal data on the internet," said The Washington Post.

But prosecutors said the case was a warning to companies. “Technology companies in the Northern District of California collect and store vast amounts of data from users... We expect those companies to protect that data and to alert customers and appropriate authorities when such data is stolen by hackers," the US attorney Stephanie  Hinds said. 

Ms. Hinds accused Sullivan of working to hide the data breach from US regulator the Federal Trade Commission (FTC), adding he "took steps to prevent the hackers from being caught".

At the time, the FTC was already investigating Uber following a 2014 hack. When it was hacked again, the attackers emailed Sullivan and told him they had stolen a large amount of data, which they would delete in return for a ransom, according to the US Department of Justice (DOJ) .

Staff working for Sullivan confirmed that data, including about 57 million Uber users' records and 600,000 driving-licence numbers, had been stolen.

According to the US Dept of Justive (DOJ) Sullivan arranged for the hackers to be paid in bitcoin in exchange for them signing non-disclosure agreements to not reveal the hack to anyone. The hackers were paid in December 2016, even though they had refused to provide their true names. The payment was disguised as a "bug bounty", a reward used to pay cyber-security researchers who disclose vulnerabilities so they can be fixed.

The Washington Post reported that the process enabled Uber to gather clues about the two hackers. The firm eventually identified the pair - both of whom have since been convicted of criminal offences - in January 2017 and required them to sign new agreements in their own names. The two cyber criminals were Brandon Charles Glover and Vasile Mereacre who pleaded guilty in 2019.

Sullivan, who now serves as Cloudflare’s CSO, told a subordinate that information about the breach needed to be “tightly controlled” and that the story outside of the security group was to be that “this investigation does not exist.”

BBC:     Washington Post:     DOJ:     Computing:     Guardian:     Register:    Techcrunch:

You Might Also Read: 

The CISO's Job Is Getting More Complex:

 

« British Spy Chief Warns Of The Threat From China
Russian Hackers Shut Down US State Government Websites »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Academy - University of Southampton

Cyber Security Academy - University of Southampton

An industry/University partnership established to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

Northwave

Northwave

Northwave is 100% focused on providing integrated high quality information security services.

Norwegian Business & Industry Security Council (NSR)

Norwegian Business & Industry Security Council (NSR)

NSR is a member organization serving the Norwegian business sector in an advisory capacity on matters relating to crime and security including cyber.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Crayonic

Crayonic

Crayonic digital identity technologies protect and guarantee the identity of people and things.

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

CyberSAFE Malaysia

CyberSAFE Malaysia

CyberSAFE Malaysia is an initiative to educate and enhance the awareness of the general public on the technological and social issues and risks facing internet users.

CloudSecOps

CloudSecOps

CloudSecOps provide cutting edge security professional services in web applications, networks, and cloud specializing in modern infrastructures on AWS.

Human Security

Human Security

Human (formerly White Ops) Bot Mitigation Platform enables complete protection from sophisticated bot attacks across advertising, marketing and cybersecurity.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

Cynance

Cynance

Cynance are an award-winning, independent cyber security specialist and part of the Transputec family of companies.

Armo

Armo

Armo technology enhances any Kubernetes deployment with security, visibility, and control from the CI/CD pipeline through production.

Cider Security

Cider Security

Cider Security - It’s time to revolutionize the way Security, Dev and DevOps teams work together to supercharge security at the speed of engineering.

NetGain Technologies

NetGain Technologies

NetGain Technologies helps small to medium-sized businesses gain access to expert IT talent. We provide strategies that use technology as a driving force behind business growth.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.