Two cyber insurance industry initiatives grapple with rise of ransomware

Twice in the past few weeks, insurers have joined together in response to the spiraling ransomware attacks that have rocked their industry. In mid-June, seven top insurance companies formed CyberAcuView, a company to combine their data collection and analysis powers in a bid to strengthen risk mitigation in the cyber insurance industry. The chief executive officer of CyberAcuView told CyberScoop that ransomware was one of the factors that drove creation of the company. Then, last week, the American Property Casualty Insurance Association (APCIA) released its guiding principles on cyber extortion and ransomware, including its views on regulation. Both are signs of the cyber insurance world trying to wrap its arms around ransomware, a phenomenon that is leading to costlier payouts, prompting insurers to demand security improvements from policyholders and in some cases driving companies to step back from what they’re willing to cover. For instance, the annual growth rate in […]

The post Two cyber insurance industry initiatives grapple with rise of ransomware appeared first on CyberScoop.

Kaseya says up to 1,500 victims affected by ransomware, as Biden directs ‘full resources’ to investigate

One of the largest mass ransomware attacks ever has compromised up to 1,500 businesses, according to a Tuesday update from the Florida IT company Kaseya, which the hackers used to spread their malicious software. The self-proclaimed culprit of the Friday outbreak, the Russia-based ransomware gang REvil, is seeking $70 million in cryptocurrency collectively from what it says are actually more than 1 million victims to unlock affected systems, reportedly ranging from Swedish supermarket chains to New Zealand kindergartens that were closed or knocked offline. It’s the latest of three recent huge ransomware incidents to draw White House attention, with President Joe Biden over the weekend directing “the full resources of the government to investigate this incident,” according to a statement by Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger. Unlike the last two major incidents that affected single victims in fuel transporter Colonial Pipeline and meat supplier […]

DHS hails cybersecurity hiring blitz that puts dent in thousands of vacancies

The Department of Homeland Security is touting its “most successful cybersecurity hiring initiative” ever after bringing on nearly 300 pros, with job offers extended to 500 more. It’s a figure significantly higher than the goal of 200 hires established under a two-month “Cybersecurity Workforce Sprint.” But it’s also still just a dent, going 12% of the way toward filling the more than 2,000 vacancies, by DHS’s own accounting. “DHS is dedicating significant energy toward exceeding our cybersecurity hiring goal by recruiting talented experts, investing in diverse talent pipelines, and ensuring equitable access to professional development opportunities at every level,” DHS Secretary Alejandro Mayorkas said in a news release late Thursday. “While I am proud of the progress we have made to date, we still have more work to do.” It’s been a long, slow climb for DHS to bring on cyber personnel, but the “sprint” is the latest sign of […]

US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets

For two years, Russian military hackers have been bombarding hundreds of targets worldwide with passwords to gain access to their networks, making use of a popular open-source tool for managing application workloads, U.S. and U.K. agencies warned in an advisory Thursday. The Russian agency deploys a Kubernetes cluster — a set of worker machines — to conduct their brute force “password spray” attacks that guess commonly used passwords to get into target networks, according to the advisory from the National Security Agency, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the U.K.’s National Cyber Security Centre. It’s the alleged handiwork of Russia’s General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, military unit 26165. The hackers, often described as Fancy Bear or APT28, have been blamed for a number of high-profile intrusions, most prominently for interference in the 2016 U.S. presidential election. The […]

White House weighs cracking down on secret ransomware payments, pursuing hackers

Going on offense against attackers and penetrating the secrecy surrounding attacks are two ways the Biden administration is pondering to tackle ransomware, a top White House official said on Tuesday. Anne Neuberger, the deputy national security adviser, said that a joint FBI, U.S. Cyber Command and private sector effort to cripple the Trickbot botnet, a hacking tool that U.S. officials had feared would disrupt the 2020 election season, should be the kind of operation used to tackle ransomware gangs in the future. “Certainly that serves as a model to say where we identify actors and infrastructure that are used … to conduct ransomware attacks, we want to ensure that we make it a lot harder for those actors to operate,” Neuberger said at an event hosted by the Silverado Policy Accelerator, a nonprofit think tank. In advance of the 2020 election, Cyber Command and Microsoft led missions to weaken Trickbot, […]

Ransomware group ‘Hades’ claims more victims as investigators seek answers

A ransomware group that targets billion-dollar companies — but that has stubbornly defied attribution consensus among cybersecurity researchers — has claimed at least seven victims since its discovery late last year. What’s more, it has taken additional steps in an apparent bid to baffle investigators who have tried to pin down who, exactly, the operators are, according to Accenture Security research released Tuesday. The update on the operators of the self-proclaimed Hades ransomware variant adds to its mystery as much as it subtracts from it. Accenture said it “is not yet able to confidently make attribution claims,” though other researchers have variously described Hades as a new group, suggested it is connected to a well-known Russian ransomware gang, or linked the Hades activity to a Chinese nation-state hacking outfit thought to be behind this year’s Microsoft Exchange Server attack. What Accenture says it knows is this: First, the Hades […]

A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill

The notion of writing more cybersecurity regulations is gaining traction following the Colonial Pipeline and JBS ransomware incidents, after decades of a largely hands-off approach to private sector-owned critical infrastructure. Top Biden administration team picks have testified about how voluntary standards aren’t getting the job done, and some in Congress have indicated their patience is waning with letting industry go it alone. Enter a proposal from some lawmakers and the Cyberspace Solarium Commission that they say strikes a middle ground between the new zeal for hard rules and the tradition of non-regulation in cyberspace: “systemically important critical infrastructure.” Also known as SICI, it’s an idea that involves labeling hacking targets that are most likely to cause economic, public health or national security disruptions if attacked, then offering the owners of that infrastructure a mixture of government boons in exchange for meeting baseline cybersecurity standards. But even as something of a […]

Senate bill proposes requiring cyber incident notification to feds within 24 hours

Senate Intelligence Chairman Mark Warner is sharing draft bipartisan legislation that would require critical infrastructure owners, cybersecurity incident response firms and federal contractors to report cyber intrusions to the Homeland Security Department within 24 hours. It’s one of the earliest bills to respond to a spate of attacks that began with the SolarWinds breach and continued on through the Microsoft Exchange hack and ransomware incidents at Colonial Pipeline and meat supplier JBS. It won’t be the last, either in the House or Senate. Warner has been pushing the idea for months. At a February hearing of Warner’s committee, the Virginia Democrat, other senators and witnesses from SolarWinds, Microsoft and FireEye discussed the thought Warner had been floating. The fear was that if FireEye hadn’t voluntarily disclosed that it was a victim of the SolarWinds supply chain hack that compromised nine federal agencies and many technology companies, the damage would’ve been more severe. […]

SEC settles with First American over massive data leak for nearly $500,000

The Securities and Exchange Commission announced Tuesday that it has settled charges with First American Financial over its 2019 leak of sensitive customer information that exposed more than 800 million document images. Under the terms of the deal, the heavyweight real estate title insurance company will pay a $487,616 fine. The SEC had charged the company with inadequately disclosing the cybersecurity vulnerability that exposed the information. The digitized records included things like Social Security numbers and bank account statements. First American first made public statements about the vulnerability in May 2019, but the company’s information security personnel had first spotted it in January, and according to the SEC they didn’t fix it and failed to notify company brass. “As a result of First American’s deficient disclosure controls, senior management was completely unaware of this vulnerability and the company’s failure to remediate it,” said Kristina Littman, chief of the SEC Enforcement […]

Federal CISO forecasts one of toughest tasks in sweeping Biden cyber executive order

At 34 pages, President Joe Biden’s May executive order on cybersecurity is lengthier than many such White House directives. It’s going to keep federal agencies busy for a long time implementing a host of protective measures, but one might prove a heavier burden, according to Federal Chief Information Security Officer Chris DeRusha. The executive order establishes cybersecurity event log requirements for agencies, meant to improve the government’s ability to investigate and clean up attacks. “To do monitoring and understand what activity is occurring or has occurred on your network, that’s a huge multi-year exercise that each agency’s going to have to undertake,” DeRusha said during an interview that aired Tuesday as part of CyberTalks, a summit presented by CyberScoop. But it’s a very important part of the order, he said. “When you think about it, it’s really a key pillar of … cyber hygiene,” said DeRusha. Under the order, the Homeland […]