Cyber Connections News Roundup: October 19

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

October 19

Do Public-Private Cybersecurity Partnerships Really Work?

As University of Maryland Global Campus continues to recognize Cybersecurity Awareness Month, Bruce deGrazia, JD, CISSP, collegiate professor of cybersecurity management and policy at UMGC, examines the effectiveness of public-private partnerships to combat cybersecurity challenges. “A public-private partnership takes various forms, from the sharing of costs and profits, as occurs with a toll road, to the sharing of information between the private sector and the government without the fear of liability for antitrust,” said deGrazia. The question remains: Can these partnerships work in a competitive marketplace where cooperation is difficult, a trade secret might be revealed, or if a company might lose a strategic advantage? Read more.

Law Enforcement Community Warns of Cyber Attacks on Water Facilities

According to a recent article on www.cyberscoop.com and based on U.S. intelligence and law enforcement reports, ransomware attackers are targeting water and wastewater facilities. A cybersecurity advisory published on Oct. 14 from the FBI, the Cybersecurity Infrastructure and Security Agency, the Environmental Protection Agency and the National Security Agency noted incidents in five states between March of 2019 and August 2021, where systems were targeted by either ransomware attacks or other hacks.  The report noted that water facilities could be vulnerable to common tactics such as spear phishing, exploitation of outdated or unsupported operating systems and software, and the exploitation of control system devices with vulnerable firmware versions. Read more.

Biden Signs K-12 Cybersecurity Act, Bolsters Safeguards for Schools

On Oct. 8, President Biden signed into law the K-12 Cybersecurity Act, legislation that requires the Cybersecurity and Infrastructure Security Agency (CISA) to create cybersecurity recommendations and tools for schools to use to defend themselves against hackers. According to a recent article on www.thehill.com, the bipartisan bill lays the groundwork for better cybersecurity policies in our K-12 schools and stronger coordination between them and the experts at CISA. Read more.

TSA to Impose Cybersecurity Mandates for Rail Transit Systems

The federal government, through the Transportation Security Administration (TSA), will impose cybersecurity mandates on “higher-risk’’ railroad and rail transit systems this year, according to a recent article on www.washingtonpost.com. The move reflects a determination by the Biden administration to compel critical industries to improve their cybersecurity in the wake of damaging cyberattacks. The new mandates will apply to passenger rail companies such as Amtrak as well as large subway systems including New York’s and Washington’s. Read more.

Deep Fake Technology Results in $35 Million Bank Heist

A recent story on www.forbes.com chronicles the power and criminal potential of deep fake technology. In early 2020, cybercriminals cloned the voice of a company director in the United Arab Emirates (UAE) to steal as much as $35 million. The article describes how a bank manager in the UAE received a call from someone he recognized who was about to make some acquisitions and needed the bank to authorize transfers totaling $35 million. The bank manager made the transfers not realizing that deep voice technology had been used to clone the director’s speech. The UAE serves as a warning about the use of AI to create so-called deep fake images and voices  in cybercrime. Read more.

Cyber Connections News Roundup: October 5

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

October 5

October is Cybersecurity Awareness Month: Dispelling the Myths of Cyberbullying

Join University of Maryland Global Campus as we raise awareness about the importance of cybersecurity across all aspects of our lives and provide all Americans the resources they need to be safer and more secure online. In the last 15 years or so, a new menace has emerged that threatens to erode trust and destroy lives. Learn more from Richard White, adjunct professor of cybersecurity, about what you can do to identify and prevent cyberbullying. Read more.

U.S. to Meet with Thirty Countries to Discuss Growing Threat of Ransomware

According to a recent report on www.reuters.com, US national security advisers will gather officials from 30 countries this month to discuss the growing threat of ransomware. The goal of the new informal group, called the Counter-Ransomware Initiative, is to “bolster its diplomatic push that has included direct talks with Russia as well as the NATO alliance and Group of Seven (G7) wealthy nations.” It is not immediately clear which countries will participate and when these talks will take place. Read more.

New Maryland Law Aims to Promote Cybersecurity Oversight

Among several new laws in Maryland is SB049/HB038, which requires the secretary of information technology to advise the legislative and judicial branches of the state government on the condition of cybersecurity and ransomware software, with some exceptions. According to a recent article on www.baltimoresun.com, the bill was drawn up in response to a growing number of ransomware attacks, data breaches, and other cyberattacks in 2019 and 2020. Read more.

COVID-19 Vaccine Appointments Are Latest Attack Vector for Scammers

According to a recent article on www.cyberscoop.com, hackers are targeting American and Canadian victims with a malware strain that used coronavirus-themed messages to trick users into downloading software that collects their personal information. The scammers rely on SMS text messages focused on fictional COVID-19 regulations and vaccine information to trick recipients into clicking a link. That link triggers a malicious software – TangleBot – that infects a user device to collect call data, microphone and camera access and can be combined with other hacking tools to gather financial data. Read more.

Luxury Brand Neiman Marcus Discovers Data Breach Dating Back to May 2020

According to a recent report on https://threatpost.com, Dallas-based Neiman Marcus Group revealed that that the company was breached by an attacker back in May 2020. Neiman Marcus recently acknowledged it had just discovered the compromise, which included personal customer information like names, contact information, payment card information (without CVV codes), gift card numbers (without PINs), usernames, passwords and even security questions associated with online Neiman Marcus accounts. In total, Neiman Marcus, which also controls the brands Bergdorf Goodman, Neiman Marcus Last Call and Horchow, said 3.1 million cards were affected. Read more.

Cyber Connections News Roundup: September 21

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

September 21

Apple Emergency Security Updates Close Spyware Flaw

According to a recent report on www.nytimes.com, Apple has issued emergency software updates for a vulnerability in its products after security researchers uncovered a flaw that allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, iPad, Apple Watch or Mac computer. The spyware, called Pegasus, invisibly infected Apple devices without victims’ knowledge through a method known as “zero click remote exploit.” Apple has urged customers to run the latest software updates for the fixes to take effect, by installing iOS 14.8, MacOS 11.6 and WatchOS 7.6.2. Read more.

UN Calls for Human Rights Safeguards on AI

On Sept. 15, the United Nations’ top human rights official, Michelle Bachelet, called for a global moratorium on the sale and use of artificial intelligence systems that pose human rights concerns until safeguards are put in place. According to a recent article on www.cyberscoop.com, Bachelet pointed to several ways the technology is used in decision-making that can have life-altering consequences, including the rise in the use of facial recognition technology in policing and subsequent cases of false arrests. Read more.

HHS Issues Warning About BlackMatter Ransomware

According to a recent article on www.healthcareitnews.com, the Department of Health and Human Services’ (HHS) cybersecurity arm, the Health Sector Cybersecurity Coordination Center (HC3), recently released a warning about BlackMatter ransomware. BlackMatter claims that they would not attack hospitals. Still, HC3 cautioned that this claim may not be accurate. BlackMatter’s target countries include the US, India, Brazil, Chile and Thailand, and the list is growing. HC3 issued best practices to mitigate BlackMatter, including providing social engineering and phishing training to employees; keeping patches up to date; implementing spam filters at email gateways; and blocking suspicious IP addresses at firewalls. Read more.

Preventing Man-in-the-Middle Attacks Starts with Secure Wi-Fi

A recent article on www.cisomag.com offers a primer on n a man-in-the-middle (MITM) attacks and how to prevent them. MITM attacks, in which the perpetrator places himself in an ongoing communication or data transfer between an application/service and its user to spy or impersonate someone, focus mainly on stealing personal information like bank account numbers, credit/debit numbers, account login credentials, and other banking-related data. Common attacks occur as email hijacking, IP spoofing, session hijacking, DNS spoofing or Wi-Fi eavesdropping. Detecting and preventing MITM attacks start with avoiding public or insecure Wi-Fi connections while using ecommerce or banking websites. Read more.

Moody’s Tackles Cybersecurity Risks Through Investment in BitSight

Moody’s, the is the bond credit rating business of Moody’s Corporation, has announced that it is spending hundreds of millions of dollars to better evaluate the cybersecurity risks that face America’s largest corporations, according to a recent report on www.wtop.com. The company aims to assess the risks that ransomware and other digital threats pose to Fortune 500 firms and government agencies by investing $250 million in cybersecurity ratings company BitSight, which uses an algorithm to assess the likelihood that an organization will be breached. Read more.

Cyber Connections News Roundup: September 7

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

September 7

Microsoft and Google to Invest $30 Billion in Cybersecurity

According to a recent article on https://thehackernews.com, Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years. Microsoft will invest $20 billion over the next five years to deliver advanced security solutions, in addition to making available $150 million in technical services to help federal, state, and local governments with upgrading security protections. Google will invest over $10 billion to bolster cybersecurity, including expanding zero-trust programs, helping secure the software supply chain and enhancing open-source security. Read more.

New Federal Recruiting Program Aims to Fill Cybersecurity Positions

According to a recent article on www.thehill.com, the Biden administration on August 27 announced it was establishing a program to recruit and train people to serve in digital positions within the federal government and address issues related to the COVID-19 pandemic and cybersecurity concerns. Called the U.S. Digital Corps, the program will launch later this year as a two-year fellowship for 30 initial participants. Program participants will work at federal agencies during their two years, with initial host agencies including the General Services Administration (GSA), the Department of Veterans Affairs, the Centers for Medicare and Medicaid Services, and the Consumer Financial Protection Bureau. Read more.

Wiper Malware and Malicious AI Top List of Emerging Cyber Threats in US

A recent article on Yahoo!Finance !, Wiper malware as one of the top-five emerging cyber threats in the US. Wipers are a type of malware that can be even more destructive than ransomware because they are designed for the sole purpose of erasing data. Iran, for example, has been implicated in a series of wiper attacks against Israel recently. Additionally, the emerging field of artificial intelligence (AI) will lead to smarter and autonomous malware that can adapt to changing circumstances and learn how to improve its tactics to pull off more advanced attacks. Read more.

Recent McAfee Research Reveals Vulnerabilities in Infusion Pump Software

According to a recent report on www.cyberscoop.com, McAfee researchers have found multiple vulnerabilities in infusion pump software that a skilled hacker could use to alter a patient’s medication dose to a potentially unsafe level. The vulnerabilities were detected in equipment made by multinational vendor B. Braun that are used in pediatric and adult health care facilities in the US. While there are no reports of malicious exploitation of the flaws, the research illustrates the challenge of securing devices developed decades ago from today’s digital threats. The research comes with caveats, however. The attack scenario requires a hacker to first access the local network on which the devices run, and the infusion pumps must be on standby rather than in use. Medical professionals also monitor doses administered by infusion pumps and are trained to spot irregularities. Read more.

Stemming Ransomware Attacks By Modeling the Nonvirtual World

In a recent New York Times opinion piece, Paul Rosenzweig, an attorney and former Department of Homeland Security staffer, maintains that the way to stop ransomware attacks is to tackle the problem at its root – making it harder for criminals to profit from these attacks. And the US government can make it harder by more aggressively regulating cryptocurrencies and limiting their use as an anonymous payment system for unlawful purposes. In the physical world, kidnappings for ransom are unsuccessful because as soon as victims are exchanged for cash, the criminals put themselves at great risk of identification and capture. Adopting and enforcing regulations for the cryptocurrency industry that are equivalent to those that govern the traditional banking industry would be a start. Read more.

Cyber Connections News Roundup: August 24

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

August 24

The Private Sector’s Race to Space Poses Cybersecurity Risks

According to a recent article on www.forbes.com, projects like Blue Origin and SpaceX, in which private-sector innovators like Jeff Bezos and Elon Musk are aggressively pursuing space exploration, pose cybersecurity challenges. Making space technology infrastructure and communications secure will require innovative thinking and new partnerships. The main challenges arise from scale, distance and the criticality of systems and equipment functioning. For example, if a hacker penetrates earth-based systems and provides false information to a satellite, it could potentially take out major communications systems globally. Read more.

What Companies Are Getting Wrong About Hiring Cybersecurity Professionals

A recent article on www.zdnet.com examines why and how businesses often make mistakes when hiring cybersecurity professionals, which lead to difficulties recruiting and retaining IT security staff. Why are businesses struggling to fill vacancies when there’s a workforce available? Because businesses often don’t understand what they’re looking for, leading to mistakes when trying to hire. One reason, according to the article, is that the qualifications listed in cybersecurity job ads often exceed the experience necessary to perform the job. The article maintains that it’s possible to be highly qualified and highly experienced in cybersecurity without formal qualifications. Read more.

Recent T-Mobile Data Breach Sounds the Alarm for Stringent Notification Laws

According to a recent report on www.cyberscoop.com, T-Mobile announced last week that the total number of accounts that had data stolen in a recent hack has reached approximately 55 million individuals. That total includes an additional 5.3 million subscriber accounts that had addresses, names, dates of birth, and phone numbers accessed, according to the company. T-Mobile also found that the data of 667,000 more accounts of former T-Mobile customers, including their names, phone numbers, addresses and dates of birth, had been accessed. The breach, the fifth the company has suffered since 2018, has drawn the attention of lawmakers and fueled interest on the Hill for more aggressive privacy and data breach notification laws. Read more.

Cooperation Between IT and Business Owners Is Key to Combating Cyber Threats in Financial Sector

A recent article on www.forbes.com argues that deepening the level of cooperation between IT cybersecurity teams and business owners is essential to financial service firms. The responsibility for defending firms against these attacks falls to IT and cybersecurity teams, but they cannot succeed without buy in from the businesses units they serve. IT and security professionals must approach buy in strategically. The article offers three suggestions: Rather than ask for support, help business owners understand how the security platform can help differentiate their product offerings; speak in language they understand; and proactively engage business leaders. Read more.

Maryland DOT Awarded FEMA Port Security Grant to Enhance Cybersecurity

According to a recent press release from the City of Baltimore, the Maryland Department of Transportation Maryland Port Administration (MDOT MPA)  has been awarded $1.6 million in the most recent round of the Federal Emergency Management Agency’s (FEMA) Port Security Grant Program. The funding will help solidify cybersecurity and access control policies and initiatives at the Helen Delich Bentley Port of Baltimore’s state-owned, public marine terminals. Since 2005, the Port of Baltimore’s public terminals have received more than $20 million in the Port Security Grant Program. Over that period, the Port has significantly enhanced its security program by upgrading access control procedures, installing physical security fixtures, and strengthening closed-circuit television. Read more. News Roundup: August 10

Cyber Connections News Roundup: August 10

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

August 10

New Bipartisan Bill Sanctions Countries Involved in Ransomware

According to a recent report on www.thehill.com, Senate Intelligence Committee Vice Chairman Marco Rubio (R-Fla.) and Sen. Dianne Feinstein (D-Calif.) introduced legislation that would sanction countries involved in state-sponsored ransomware attacks. The Sanction and Stop Ransomware Act would impose penalties on nations deemed by the Secretary of State and the Director of National Intelligence to be a state sponsor of ransomware attacks. The legislation would require federal agencies, government contractors and owners and operators of critical infrastructure to report ransomware attacks within 24 hours. Read more.

Israeli Cybersecurity Firm Discovers Amazon Security Flaw

According to a recent article on www.timesofisrael.com, Israeli cybersecurity firm Check Point has uncovered a security flaw in Amazon software that left a door open for bad actors to take control of your Amazon Kindle and hack your Amazon account through an eBook. According to a proof-of-concept attacked developed by Check Point, a hacker could delete all books on the device and could steal the authentication token used to get into an Amazon account. Check Point disclosed the vulnerability to Amazon in February and the company had since closed the security gap in a firmware update in April. The firmware automatically installs to devices that are connected to the internet. Read more.

New CISA Center Aims to Take a Proactive Stance on Attacks

Cybersecurity and Infrastructure Security Director Jen Easterly announced the launch of a cyber defense center, according to a recent report on www.cyberscoop.com. The center aims to foster collaboration before cyberattacks, rather than afterward, between federal agencies, the private sector and state and local governments. The goal of the Joint Cyber Defense Collaborative (JCDC) is to enhance teamwork that often happens after a major incident. Read more.

Cyber Incidents Against K-12 Schools to Rise by 86 Percent

According to the nonprofit Center for Internet Security, the number of cybersecurity incidents aimed at K-12 school systems could jump by 86% in the coming academic year. According to an article on www.edscoop.com, the organization, which operates the Multi-State Information Sharing and Analysis Center, a threat intelligence and cybersecurity advisory operation serving state and local governments, expects that increase based on a rising trend of alerts it has been getting from its members in the academic sector. The projection includes a wide range of attack vectors, including phishing schemes that can lead to ransomware, data theft and other criminal activity. Read more.

Cyber.org Releases K-12 Cybersecurity Learning Standards

According to a recent article on www.hstoday.com, Cyber.org, an organization dedicated to ensuring that K-12 student gain foundational and technical cybersecurity knowledge and skills, has released a set of voluntary K-12 cybersecurity learning standards to be used in schools and districts around the country. As the first national effort to align cybersecurity learning criteria across all 50 states, the new standards will provide students with uniform cybersecurity learning opportunities at each grade level help them prepare for cybersecurity jobs of the future. Read more.

Cyber Connections News Roundup: July 27

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

July 27

Keeping the Tokyo Olympics Cyber Safe

Law enforcement and cyber defenders are sounding alarms about possible cybersecurity attacks from Russia or elsewhere hitting the Summer Olympics, according to a recent article on www.washingtonpost.com. The FBI recently warned about the possibility of such an attack, asserting that hackers could disrupt live broadcasts, knock ticketing and other digital systems offline, steal and release athletes’ and teams’ personal data or even lock up critical Olympics tech and hold it for ransom. The warning comes after Russian hackers targeted the past two Olympic Games, seemingly in retaliation after the International Olympic Committee barred Russian athletes from competing under their country’s flag after a humiliating doping investigation. Read more.

House Passes Bipartisan Cybersecurity Bill on the Heels of Major Attacks

On Tuesday, July 20, the House passed five bipartisan cybersecurity bills designed to enhance the nation’s cybersecurity following recent major cyberattacks. According to a recent report on www.thehill.com, the package, passed in a 319-105 vote, included measures to fund cybersecurity at the state and local level, bolster reporting requirements and test critical infrastructure. One bill, the State and Local Cybersecurity Act, would establish a grant program to provide $500 million annually to state and local governments over the next five years for cybersecurity needs. Another, the Cybersecurity Vulnerability Remediation Act, would improve the reporting of cybersecurity vulnerabilities. Other bills in the package address critical infrastructure readiness and bulk power system readiness among other issues. Read more.

Cyberattacks Are Looking for Unpatched Software According to Recent Research

A recent article on www.thehindubusinessline.com points to unpatched software vulnerabilities as the root cause of the current rise in cyberattacks. These attacks are looking for publicly disclosed vulnerabilities for which a security update is yet to be installed. According to a recent report by cybersecurity firm Barracuda, which analyzed data from the attacks blocked by their systems over the past two months, Barracuda researchers identified hundreds of thousands of automated scans and attacks per day, with the numbers sometimes spiking into the millions. The data also points towards thousands of scans per day for the recently patched Microsoft and VMware vulnerabilities. Read more.

Seven Recommendations to Prevent Ransomware Attacks

An article on www.forbes.com offers seven tips that companies can use to prevent ransomware attacks. The top three recommendations are as follows: Start with an audit so that you can understand where your security vulnerabilities lie. Second, make sure you have sufficient cyber professionals working for you who are adequately trained. Companies need reliable resources and a staff that is equipped to respond quickly to attacks. Smaller companies can turn to a managed security service providers (MSSP) for round the clock service. And third, make sure you have a recovery action plan in place. If you execute office fire drills, then do the same for a cybersecurity emergency. Read more.

Nearly Half of Education Institutions Were Ransomware Targets Last Year

A recent survey of education IT professionals published by cybersecurity firm Sophos found that nearly half of all education institutions globally were targeted by ransomware in 2020, with 58% of those saying that cyber criminals succeeded in encrypting their data. As reported on www.edscoop.com, the company asked 499 education IT professionals about their organizations’ exposure to ransomware, with 44% of respondents saying they had been hit last year. Sophos also found that 33% of the education officials it interviewed said they expected to be victims in the future; 22% said they weren’t hit in 2020 and don’t expect to fall victim. Read more.

Cyber Connections News Roundup: July 13

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

July 13

Cybersecurity Training Is in Need of an Upgrade

Traditional cybersecurity training generally relies on a 30- to 60-minute session of basic training once a year, enhanced with email reminders and other reminders. According to a recent article on www.securitymagazine.com, this form of static training doesn’t work, mainly because it lacks agility and relevancy. What’s needed is a shift to mobile devices, a daily or weekly cadence, team and department interactions, specific industry relevant content, and, most notably, microlearning — training that is remembered. Just like one doesn’t go to the gym once a year to keep muscles fit, the mind is a muscle. Just like exercise, training daily and in small doses optimally helps maintain and improve performance. Read more.  

With a Return to a Hybrid Work Model Comes an Increased Threat to Cloud Security

A growing body of research indicates that a shift to a hybrid working models isn’t set to end as the pandemic recedes, according to a recent article on www.techerati.com. Cloud-based technologies will play a central role in enabling this hybrid future. But cyber attackers also see the growing usage of cloud technologies as an opportunity, according to a recent report from Netskope, a security cloud provider, that found as cloud activity increased, so too has the threat from cyberattacks. Read more.

Shared Responsibility is Key to Medical Device Cybersecurity

Medical device connectivity has helped patient care at healthcare facilities and in the home, according to a recent report on www.healthcareitnews.com. At the same time, these devices represent network vulnerabilities. Dr. Suzanne B. Schwartz, director of the Office of Strategic Partnerships and Technology Innovation at the U.S. Food and Drug Administration, says it will take collective action to address such vulnerabilities. “It has to be through partnership through collaboration, through recognition that we all have different roles to play, different types of expertise, different responsibilities,” she said. For its part, the FDA has a public-private partnership under its critical infrastructure protection program, which in turn houses the Healthcare Sector Cybersecurity Council. Read more.

A Cybersecurity Audit – Explained

Cybersecurity audits, according to a recent article on https://fedtechmagazine.com, are about assessing compliance. They allow organizations to assess whether or not they have the proper security mechanisms in place while also making sure they are in compliance with relevant regulations. It should be noted that cybersecurity audits differ from cybersecurity risk assessments, which explore an organization’s IT security protections and its ability to remediate vulnerabilities. Cybersecurity audits, rather, act as a checklist that organizations can use to validate their security policies and procedures. Moreover, cybersecurity audits should be conducted by a third-party vendor to eliminate any conflicts of interest. Read more.

Biden Administration Tackles Ransomware, Considers Banning Secret Payments

According to a recent report on www.cyberscoop.com, Anne Neuberger, the deputy national security adviser, said that that a joint FBI, U.S. Cyber Command and private sector effort like the one used to cripple the Trickbot botnet hacking tool used to disrupt the 2020 election, is the type of operation needed to tackle ransomware gangs in the future. Speaking at an event hosted by the Silverado Policy Accelerator, a nonprofit think tank, Neuberger said that before law enforcement can go fully target ransomware gangs, the U.S. government needs more “visibility” into their activity. That includes considering whether to prohibit companies from keeping ransomware payments secret. Read more.

Cyber Connections News Roundup: June 29

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

June 29

Cyber Insurance May Be Hurting Efforts to Quell the Proliferation of Ransomware Attacks

A recent article on www.zdnet.com suggests that cyber insurance may be helping perpetuate ransomware. Designed to protect organizations against the fallout of cyberattacks, some critics argue that insurance encourages ransomware victims to simply pay the ransom demand that will then be covered by the insurers, rather than have adequate security to deter hackers in the first place. Insurers argue that it’s the customer that makes any decision to pay the ransom, not the insurer. A recent paper by UK-based defense think tank Royal United Services Institute (RUSI). this practice isn’t just encouraging cyber criminals, it’s also not sustainable for the cyber insurance industry. Read more.

Russian SolarWinds Hackers Are at it Again

State-sponsored Russian hackers compromised a Microsoft customer support representative’s account, leveraging that access to try to hack other customers, according to a recent report on www.cyberscoop.com. The same group, which Microsoft calls Nobelium and is known as APT 29 and Cozy Bear, is the primary suspect in the SolarWinds attack, a hack in which spies also breached nine U.S. federal agencies and scores of technology companies. The alleged Russian hackers used information-stealing malware to infect a customer support machine, then used data found on that device to target IT companies, government agencies and non-government organizations and think tanks. Targets were in 36 countries. Learn more.

Blackberry Transforms its Business to Focus on Cybersecurity

According to a recent report on www.msspalert.com, Blackberry has reorganized its software and services business around the two groups — specifically, the Internet of Things (IoT) and cybersecurity. The IoT business unit involves such BlackBerry technologies as QNX, IVY, Certicom, Jarvis and Radar. Meanwhile, the cybersecurity business unit spans BlackBerry’s Spark endpoint security and endpoint management product, UEM, as well as AtHoc, the critical event management software, and Secusmart, secure voice and text product. Read more.

Bipartisan Bill Introduced to Promote Cybersecurity Literacy

A bipartisan group of U.S. House members introduced legislation to establish a cybersecurity literacy and public awareness campaign. According to a report on www.channelfutures.com, U.S. Rep. Adam Kinzinger of Illinois leads the cybersecurity literacy initiative. U.S. representatives of both parties from Florida, California, Texas and Pennsylvania are co-sponsoring the bill, called the American Cybersecurity Literacy Act. The legislation would require the National Telecommunications and Information Administration (NTIA) to establish a cybersecurity literacy campaign to help promote understanding of how to stay safe online and prevent successful cyberattacks. It would also include lessons on how to identify malicious phishing emails, the need to change passwords often and use multifactor authentication (MFA) on sensitive accounts. Read more.

Embracing Neurodiversity Will Help Close the Cybersecurity Skills Gap

A recent article on www.techcrunch.com explains how embracing neurodiversity can help address the cybersecurity skills gap and strengthening your own security team by embracing different minds and perspectives. Neurodiversity is a concept that views the spectrum of neurological differences —ADHD, autism, dyslexia, Tourette’s and other cognitive and developmental disorders — as natural variations of the human brain. The article argues that to have a chance at closing the cybersecurity skills gap, we would benefit from people with a variety of different abilities and thought processes. For example, many people with autism are pattern thinkers and are highly detail-oriented. This allows someone in a threat-hunting position to find those subtle differences between malicious and non-malicious code and catch the threats that automated tools might miss. Read more.

Cyber Connections News Roundup: June 15

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

June 15

UMGC Ahead of the Field in Emerging Cyber Accounting Field

According to a recent article on the University of Maryland Global Campus Global Media Center, cybersecurity and IT experts are working alongside a new breed of accountants with the technological and financial training to assess risk and help combat cyber threats. “Public accountants have a huge volume of financial data that belongs to their clients,” said Dr. Sharon L. Levin, professor of accounting at University of Maryland Global Campus (UMGC). “If you are a management accountant, working for an individual company such as Apple, IBM or Target, you are responsible for implementing internal controls to protect corporate assets,” she added. “The skill set that accountants possess is a natural fit for cyber audits,” said Bruce deGrazia, professor of Cybersecurity Management and Policy at UMGC. Read more.

Inglis Closes in on Cyber Director Appointment

According to a recent report on www.washingtonpost.com, congress is close to confirming the Chris Inglis as the first-ever national cyber director. Inglis faced a confirmation hearing on June 11 before the Senate Homeland Security and Governmental Affairs Committee — the first step in what is likely to be an easy path to confirmation. If confirmed, he will be responsible for recovering from a massive Russian theft of data and a scourge of ransomware attacks against vital U.S. infrastructure. Inglis comes to the job after a nearly three-decade tenure at the National Security Agency, including as deputy director. Since leaving the NSA, he’s taught at the U.S. Naval Academy and served on the boards of FedEx and Huntington Bancshares. Read more.

Misinformation Now Poses a Threat to Cybersecurity

Warnings of misinformation are common on Facebook and Twitter, but now pose a new threat to scientific and technical fields such as cybersecurity, public safety, and medicine, according to an article on www.inputmag.com. There is growing concern that it is now possible for artificial intelligence systems to generate false information in critical fields like medicine and defense that is convincing enough to fool experts. For example, artificial intelligence models, called “transformers,” which help Google and other companies improve their search engines, can also generate false cybersecurity misinformation to cybersecurity experts for testing, thus fooling them. Read more.

U.S. Coast Guard to Create Cybersecurity Red Team

According to a recent article on www.fedtechmagazine.com, a Coast Guard official indicated that the service branch would create its first cybersecurity “red team” as part of its approach to IT security. In a red team exercise, the red team acts as an adversary attempting to identify and exploit potential weaknesses within the organization’s defenses by using sophisticated attack techniques. Additionally, according to the article, the Coast Guard is turning its cybersecurity “blue team” unit into a more holistic IT security outfit called the Cyber Operational Assessments Branch. The red team is being launched this summer. Read more.

Cybersecurity Needs a New Market Model

A recent article on www.techtarget.com makes a case for a new cybersecurity market model, one based on efficacy. The article argues that in a fast-paced cyber threat landscape, organizations often buy new technology solutions without being able to fully assess their efficacy and then must move on to new problems before they have a chance to optimize the new tools. A new model for acquiring cybersecurity tools based on efficacy will help buyers gain visibility into available technologies and base their purchasing decisions on detailed assessments of how well those technologies do what they’re supposed to do. Read more.