Cyber Connections News Roundup: Jan. 26

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

January 26

Covid-19 Vaccine Producers Facing a Growing Number of Threats

Pharmaceutical companies have rolled out Covid-19 vaccines in record time, which has also exposed a number of new cybersecurity threats. According to a recent article on www.forbes.com, new threat surfaces that cyber attackers are targeting are proliferating across R&D, clinical trials, manufacturing and distribution. A new report from the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) describes how cyberattackers, impersonating an executive from a biomedical company known for having end-to-end cold chain expertise, conducted credential-harvesting spear-phishing attacks against global companies that support the global cold chain needed for distributing vaccines. Read more.

White House Taps Rob Silvers as New CISA Chief

According to a recent article on www.cyberscoop.com, the Biden administration plans to select Rob Silvers, a lawyer and former Department of Homeland Security (DHS) official, to run the Cybersecurity and Infrastructure Security Agency (CISA), the federal agency in charge of election security and stopping hacking threats to government networks. The choice of Silvers, according to the report, signals the new administration’s intent to strengthen CISA’s role in cyber-defense. If confirmed, Silvers would assume the position previously held by Christopher Krebs, whom former President Donald Trump fired via Twitter. CISA is now investigating one of the largest cyber-espionage campaigns against U.S. government networks in recent memory, in which Russian hackers exploited software from the federal contractor SolarWinds to infiltrate multiple federal agencies. Read more.

Government May Have Failed to Heed Warnings that Led to SolarWinds Hack

A recent article on www.bloomberg.com suggests that Congress and federal agencies were slow or unwilling to address warnings about cybersecurity, shelving recommendations and investing in programs that have fallen short. The SolarWinds cyber-attack by suspected Russian hackers came after years of warnings from watchdog groups and cybersecurity experts, according to the report. For instance, the Cyberspace Solarium Commission, which was created by Congress to come up with strategies to thwart sizable cyber-attacks, presented a set of recommendations to Congress in March that included additional safeguards to ensure more trusted supply chains. By then, the alleged Russian hackers may have already breached the government’s software supply chain. Read more.

Underground Cyber Attackers Feasted on States’ Pandemic Unemployment Program

According to an article on www.statescoop.com, online actors specializing in financial fraud took advantage of a widely used unemployment insurance program designed in response to the COVID-19 pandemic, making it one of the single biggest targets for cybercrime in 2020. According to a report by threat intelligence firm Recorded Future, the Pandemic Unemployment Assistance program (implemented to help freelance and gig workers through the health crisis’ economic shutdowns) became, shortly after it was created last March, one of the most widely mentioned targets on dark-web forums where criminals gather. Read more.

The Threat of Fake Content Generated from Laptops Stolen During Capitol Occupation Could Have Long-Term Implications

An article on http://lawfareblog.com noted that cybersecurity issues raised by the loss of physical control in the U.S. Capitol during the occupation may have long-term implications. Laptops that were stolen during the occupation of the Capitol are now in the hands of adversarial threat actors, who are in a position to create messages or files containing any kind of content and then claim that they were retrieved from one of these devices. Such faked content released to the public could sow additional confusion and create endless problems for the owners of the devices. Read more.