Backbone is everything, don’t be owned by your infrastructure: Lessons from Ukraine for America

After weeks and months of saber-rattling, Russia has brutally invaded Ukraine. Bullying autocracies are reaching back and executing old playbooks — in this instance exceptionally audaciously — and around the globe they will be looking to see how allied democracies react and respond to Russia’s military aggression. For both attacker and defender, the cyber domain will figure prominently. Indeed, it already has. Consider “intelligence preparation of the battlefield,” or IPB. It’s what military professionals do to scope the lay of the land — both physical and virtual — before taking on their target full bore. And it’s what Russia had been doing in and to Ukraine before launching fuller-scale operations. But in the case of Ukraine, the task of IPB was immeasurably simplified for Russia. Why? Because Russia — in its Soviet incarnation — was the source of Ukraine’s infrastructure. Postwar pipes for everything from water to telecommunications in Ukraine is […]

The post Backbone is everything, don’t be owned by your infrastructure: Lessons from Ukraine for America appeared first on CyberScoop.

FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe. The joint alert points a finger at MuddyWater, which the U.S. government for the first time last month attributed directly to Tehran. In the latest warning, the government agencies said that they have observed MuddyWater on the move in Africa, Asia, Europe and North America since 2018. “MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” reads the alert. The bulletin is the joint work of the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the U.S. Cyber Command Cyber National Mission Force and the U.K.’s National Cyber Security Centre. MuddyWater has a long history of allegedly spying on primarily […]

Another round of ‘wiper’ malware appears in Ukrainian networks

Security researchers detected new destructive malware spreading in Ukraine on Wednesday, following evidence of distributed denial-of-service disruptions for government agencies — both of which overlapped with the beginnings of a Russian invasion. ESET said the data-wiping malware was “installed on hundreds of machines in the country,” and there were signs that the attackers had been preparing for almost two months. Silas Cutler, principal reverse engineer and resident hacker at Stairwell, said that the wiper damages a system’s master boot record, which tells a machine how to start up. That’s similar to malware known as WhisperGate that was used in an attack in January in Ukraine. Symantec, too, observed the wiper in action, and confirmed to CyberScoop that it has seen it in Latvia as well. Juan-Andres Guerrero-Saade, principal threat researcher at SentinelOne, said the wiper appeared to be more dangerous than the malware uncovered in January. None of the researchers […]

National Cyber Director Chris Inglis calls for ‘new social contract’ to redistribute risk

Cyberspace needs a “new social contract” where “isolated individuals, small businesses and local governments” no longer shoulder “absurd levels of risk,” says a top U.S. cyber official. National Cyber Director Chris Inglis, writing in Foreign Affairs over the weekend with a senior adviser, said that the tech sector should make deeper investments in hardware and software security and the U.S. government should take a greater role in fostering digital defenses. “Those more capable of carrying the load — such as governments and large firms — must take on some of the burden, and collective, collaborative defense needs to replace atomized and divided efforts,” write Inglis and Harry Krejsa, the acting assistant national cyber director for strategy and research. “Until then, the problem will always look like someone else’s to solve.” Their overarching message about the need to improve private-public cooperation has been a refrain of cyber experts for decades. The […]

Ransomware spree hitting European oil, transport companies

European oil and transportation services have spent all week under attack by ransomware. The latest victim, aviation services company Swissport, announced Friday that ransomware struck part of its IT infrastructure, causing flight delays and knocking its website offline. The company said last month that in 2019, it fueled 2.3 million flights, and claims 2,000 employees at 40 airports across six countries.

“⚠️ A part of #Swissport’s IT infrastructure was subject to a ransomware attack. The attack has been largely contained, and we are working actively to fully resolve the issue as quickly as possible. Swissport regrets any impact the incidence has had on our service delivery.” — Swissport (@swissportNews) February 4, 2022

The announcement comes one day after reports of attacks on oil port terminals in Belgium and the Netherlands. Earlier this week, two German oil companies became ransomware victims as well, forcing one of the companies into operating at […]

State Department sounds alarm over Red Cross breach

The U.S. State Department said the hack of the International Committee of the Red Cross last month was a “dangerous development” that has harmed the organization’s family re-unification mission. The commentary from Foggy Bottom comes in response to a Jan. 19 announcement from the Red Cross that a cyberattack compromised personal data for more than half a million people from at least 60 Red Cross and associated Red Crescent national organizations across the globe. “Targeting the Red Cross and Red Crescent Movement’s sensitive and confidential data is a dangerous development,” said Ned Price, a spokesman for the State Department. “It has real consequences: this cyber incident has harmed the global humanitarian network’s ability to locate missing people and reconnect families. This is why it is so vital that humanitarian data be respected and only used for intended purposes.” Price also called on other nations to join the State Department and […]

DHS assembles Cyber Safety Review Board to imitate fed agency that studies aviation accidents

The Homeland Security Department is establishing a Cyber Safety Review Board that will convene after major cyber events to review and act on them, according to a Federal Register notice scheduled for publication Thursday. The Federal Register notice brings to fruition an idea long circulated among cybersecurity policymakers and thinkers, one set in motion by an executive order President Joe Biden signed in May 2021. The idea is to mimic the National Transportation Safety Board that reviews civil aviation accidents. The board (CSRB) will have no more than 20 members, with one each required from DHS, its Cybersecurity and Infrastructure Protection Agency, the Department of Justice, the National Security Agency and the FBI. The DHS undersecretary for strategy, policy and plans — a post held by Rob Silvers — will serve as the inaugural two-year chair. It will kick into effect when an incident prompts formation of a Cyber Unified […]

Voluntary Biden administration control system security initiative coming to water sector

The Biden administration announced Thursday it is extending a voluntary cybersecurity initiative for essential control systems in the electricity sector and pipelines to facilities that supply water across the U.S. Under the initiative, the administration is pushing participating water sector facilities to adopt detection technologies that would monitor cyber threats to industrial control systems (ICS), which automate processes such as the treatment, storage and distribution of water. It’s also urging them to more rapidly share threat data with the U.S. government. The 100-day plan will first aim to bring in larger facilities. The water sector, which includes what a senior administration official estimated at over 150,000 facilities that provide water to approximately 300 million Americans, has long been considered one of the most vulnerable in the U.S. to cyberattacks. A hack last February on a facility in Florida temporarily altered the plant’s sodium hydroxide setting to a level harmful to […]

Bob Kolasky, head of CISA’s National Risk Management Center, leaving agency

Bob Kolasky, head of the National Risk Management Center at CISA, announced Tuesday that he is leaving the agency. Kolasky’s work with the NRMC since its formation in 2018 has put him in the middle of the federal effort to help critical infrastructure companies assess their cyber risk. He’s also been active in a lot of other agency business. He co-chairs the Information and Communications Technology Supply Chain Risk Management Task Force, leads CISA’s work on secure 5G network development, chairs the High-Level Risk Forum for the international Organisation for Economic Co-operation and Development and serves on the Executive Committee for the Election Infrastructure Government Coordinating Council. Kolasky hasn’t announced his plans after leaving the center, nor has CISA named a successor. During his 15 years of government service, CISA Director Jen Easterly said, “Bob worked tirelessly to expand collaboration across state, local, tribal, and territorial governments and the private […]

SEC’s Gensler signals enhancement of cybersecurity, breach disclosure rules for financial sector

U.S. Securities and Exchange Commission Chairman Gary Gensler is exploring an expansion of the SEC’s core cybersecurity rules to cover a broader swath of entities and require public companies to improve disclosure of breaches and risks. Gensler said in a speech on Monday that he instructed staff to look into an update of the commission’s “Regulation Systems Compliance and Integrity,” or Reg SCI, which the SEC adopted in 2014. Staff will examine whether the regulation — under which trading organizations and others must take security steps like backing up data — should extend to include the largest market-makers and broker-dealers. Gensler also said he asked staff to consider recommendations on bolstering the financial sector’s cybersecurity hygiene and incident reporting, how customers and clients receive notifications of financial sector breaches and how public companies disclose cybersecurity practices and risks. And he wants staff to examine how to better address cyber risk […]
