Cyber Connections News Roundup: April 20

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

April 20

FIN7 Administrator Sentenced to Prison

According to a recent report on www.cyberscoop.com, a U.S. federal judge on April 16 sentenced Fedir Hladyr to 10 years in prison for his alleged role as an administrator of the multibillion-dollar cybercrime group known as FIN7, which has breached hundreds of U.S. firms. FIN7, one of the most formidable cybercriminal groups of recent history, allegedly siphoned off millions of credit card numbers from restaurant and hospitality chains in 47 U.S. states. Hladyr allegedly controlled an instant messaging service that the crime group used to upload stolen payment card data and screenshots from hacked financial firms. Read more.

Promoting Diversity Is Key to Closing the Jobs Gap

The shortage of cybersecurity professionals in the U.S., which is only expected to grow, according to a recent article on www.washingtonpost.com, has encouraged government officials to ramp up their efforts to address barriers surrounding diversity. In a recent speech, Department of Homeland Security Secretary Alejandro Mayorkas said the agency plans to launch a diversity and workforce development initiative in the coming months. The plan includes equal access to professional development opportunities to fill the current half-million cyber vacancies across our country and to prevent future shortages that threaten our ability to compete. Read more.

Wind Energy Latest Concern Among Cybersecurity Experts

In a recent opinion piece on www.theepochtimes.com, Bonner Cohen, senior fellow at the National Center for Public Policy Research, warns that by announcing its intention to increase the dependence of the American energy grid on renewable sources such as wind, the Biden administration may also be increasing the threat of cyber attacks on infrastructure by random hackers and hostile governments such as Communist China. Cohen said that the more wind installations that come into service, the more cybersecurity challenges their integrated control systems and related technologies will pose. As tensions rise between the United States and China, a growing Chinese presence in the wind power industry could end up becoming a national cybersecurity threat. Read more.

Recent Annual Threat Assessment Report Pins SolarWinds Attack Squarely on Russia

The Office of the Director of National Intelligence released its Annual Threat Assessment on April 13. A recent article on www.cyberscoop.com breaks down that report, noting that the intelligence community made its most direct public attribution yet that Russia perpetrated the SolarWinds attack in order to facilitate a sweeping espionage operation, impacting hundreds of companies and U.S. federal agencies. Specifically, and without directly naming SolarWinds, the report said that a Russian software supply chain operation against a US-based IT firm exposed approximately 18,000 customers worldwide, including enterprise networks across US Federal, state, and local governments. Under the Trump administration, the intelligence community had stated that the operation was “likely” Russian in origin. Read more.

Democrats Reintroduce IoT Bill

According to a recent article on www.msspalert.com, Democrats have reintroduced the Cyber Shield Act, a bill to legislate cybersecurity into Internet of Things (IoT) devices. The bill calls for a voluntary certification program that would allow manufacturers to verify their connected devices as hacker-proof. The bill was first introduced in 2017 and again in 2019, with this latest attempt again sponsored by Senator Edward J. Markey (D-MA) and Congressman Ted Lieu (D-CA). The Act establishes cybersecurity benchmarks for IoT devices based on standards set by an advisory committee of cybersecurity experts from academia, industry, consumer groups, government and the public. Read more.

UMGC Cyber Experts Predict Rise in Attacks on Software, Cloud and Critical Infrastructure in the Year Ahead

In this end-of-the-year post we offer a reprint of our annual predictions and trends to watch out for in 2021, featured on the University of Maryland Global Campus Global Media Center back in November.  

What a year 2020 has been. The Covid-19 pandemic has had an impact on our lives in so many ways—how we work, conduct business, socialize, learn and simply go about our daily routines. It also has affected the security of the workplace and individuals. We have seen a rise in phishing, ransomware and other types of malicious attacks due, in large part, to the dramatic increase in remote work and learning.

Meanwhile, the lead-up to the November 3 election exposed both the real—and imagined—vulnerabilities in the nation’s disparate voting systems. A citizenry that was already anxious about voting during a pandemic also had to sort through a tsunami of news stories questioning the legitimacy of election results and the accuracy and security of our voting process.

Will the cybersecurity concerns of 2020 carry over into the new year?

Here are the top six trends and predictions to watch for in 2021, according to University of Maryland Global Campus cybersecurity faculty experts Valorie King, program director for UMGC Cybersecurity Management and Policy; Bruce DeGrazia, collegiate professor, Cybersecurity Management and Policy; and James Robertson, program director for Cyber DevOps.

From Valorie King, program director, UMGC Cybersecurity Management and Policy

  • Attacks on Remote Workers: Phishing attacks, ransomware, and other types of malicious software-based attacks will create more havoc in the coming year as perpetrators shift their attack vectors and methods to focus on remote workers. Organizations will need to update their incident response plans and procedures to account for attacks against a dispersed workforce that is using an increasing variety of remotely connected and potentially vulnerable devices.
  • Demand for IT Support: In order to protect geographically dispersed IT assets and information as they defend against threats and attacks, organizations with remote workers will need to hire and train more IT technicians and IT help desk personnel who have advanced cybersecurity skills and knowledge. This trend will be fueled by the need to patch and maintain increasing numbers of laptops and other digital devices, the need to remotely install and maintain more software, and the need to set up and then deploy new computers, tablets, phones and other equipment to a remote workforce.

From Bruce DeGrazia, collegiate professor, Cybersecurity Management and Policy

  • State-Sponsored Cyberattacks: The Russians, Chinese, North Koreans and Iranians have already seen how effectively they can create chaos both through cyberattacks and disinformation campaigns. Expect to see further attempts at disruption as these countries test the incoming Biden administration.
  • Attacks on the Utility Infrastructure: We will see a rise in critical infrastructure attacks, particularly to the electrical grid, but also against alternative energy-generating industries as we continue to shift away from fossil fuels. These attacks will soon target alternative energy-generation facilities as they become more prevalent.

From James Robertson, program director for Cyber DevOps

  • Threats to Cloud Security: As more organizations move to the cloud, security issues will result from poor or expedited implementations. Understanding the shared responsibility model—the responsibility for security is shared between the provider and the customer—is key in mitigating these issues.
  • AI Vulnerabilities: Increases in artificial intelligence/machine learning applications will cause an increase in vulnerabilities and weaknesses, including the ability to contaminate training pools, modify validation sets, and create AI systems that learn from previous successful attacks to expedite attacks on other hosts.