Cybersecurity Saturday

David ErmerCybersecurity

From the Capitol Hill front, we learn from Cyberscoop that

  • Last Monday, September 20, nine Senate Democrats wrote a letter to the Federal Trade Commission urging the agency to adopt stronger rules cracking down on privacy violations and data breaches.
  • “The Department of Homeland Security’s cyber division, a key government agency charged with helping stop and respond to cyberattacks, might be getting ready for a bigger role in the spotlight. * * * Both chambers of Congress are contemplating legislation that would make CISA the hub where vital companies would report major cybersecurity incidents, following the string of monumental cyberattacks that began with the SolarWinds breach in December.” The article also discusses a planned large infusion of federal funding to CISA.
  • “The head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency testified at a Senate hearing Thursday [September 23] in favor of requiring critical infrastructure owners and operators, federal contractors and agencies to report attacks to CISA within 24 hours of detection. * * * At Thursday’s hearing, Easterly further advocated for CISA and the Justice Department to decide what kinds of companies would have to meet the reporting requirements, rather than writing them specifically into the bill. She also advocated fines, rather than subpoenas, to compel companies to obey the reporting requirements. * * * National Cyber Director Chris Inglis, testifying at the same hearing, said he agreed with Easterly’s preferences.”

From the guidance front

  • On September 21, CISA laid out cybersecurity goals and objectives for critical infrastructure owners. “[W]hile all of the goals outlined in this document are foundational activities for effective risk management, they represent high-level cybersecurity best practices.”
  • On the same day, the HHS Office for Civil Rights which enforces the HIPAA Privacy and Security Rules posted a list of ransomware resources for HIPAA covered entities.
  • Security Week offers an interesting article on working securely from anywhere with Zero Trust.

From the ransomware front

  • A federal government cybersecurity alert was issued on September 22 about Conti ransomware. “CISA, FBI, and NSA encourage network defenders to examine their current cybersecurity posture and apply the recommended mitigations in the joint CSA, which include:  
  • Updating your operating system and software, 
  • Requiring multi-factor authentication, and  
  • Implementing network segmentation.
  • Last but not least here is a link to current Bleeping Computer post on the Week in Ransomware.

This week’s biggest news is the USA sanctioning a crypto exchange used by ransomware gangs to convert cryptocurrency into fiat currency. By targeting rogue exchanges, the US government is hoping to disrupt ransomware’s payment system.

This other interesting news this week is a list of vulnerabilities commonly used by ransomware gangs and how the REvil operators reportedly use their operator key to hijack negotiations from affiliates.