Bennie Thompson – WindowsTechs.com

Congress pummels Colonial Pipeline CEO over government coordination after disruptive ransomware incident

Posted on June 9, 2021 by Tim Starks

Lawmakers repeatedly challenged Colonial Pipeline CEO Joseph Blount on Wednesday about the steps it took to work with the government after a May ransomware attack, often suggesting the company fell short. A long string of House Homeland Security Committee members questioned Blount about his assertion that Colonial had not, as reported, refused voluntary Transportation Security Administration cybersecurity reviews. Instead, the company delayed them due to COVID-19 restrictions and a physical move to a new building, he said. “Delaying these assessments for so long amounts to declining them, sir,” said Rep. Bonnie Watson Coleman, D-N.J., citing communications that began in March of 2020. “It raises serious questions,” she said, while noting that her information says that Colonial turned down even a virtual assessment offers before the ransomware attack that led to fuel delivery slowdowns last month. Colonial has now scheduled a TSA review for late July, Blount said. Blount’s answers about government […]

The post Congress pummels Colonial Pipeline CEO over government coordination after disruptive ransomware incident appeared first on CyberScoop.

Continue reading Congress pummels Colonial Pipeline CEO over government coordination after disruptive ransomware incident→

Lawmakers say Colonial Pipeline’s refusal to discuss ransom undermines US efforts

Posted on May 18, 2021 by Sean Lyngaas

U.S. lawmakers are demanding to know whether Colonial Pipeline paid a ransom to hackers who forced the company to shut down operations for days. Following a Monday briefing with Colonial Pipeline, the heads of the House Homeland Security and Oversight and Reform committees said the company’s refusal to share information on any ransom payment hindered their ability to craft legislation to address the ransomware problem. Bloomberg News reported that Colonial Pipeline, which says it supplies 45% of the fuel consumed on the East Coast, paid cybercriminals nearly $5 million to recover their computer systems. “We’re disappointed that the company refused to share any specific information regarding the reported payment of ransom during today’s briefing,” Democratic Reps. Bennie Thompson of Mississippi and Carolyn Maloney of New York said in a statement. “In order for Congress to legislate effectively on ransomware, we need this information.” When contacted by CyberScoop on Tuesday, a […]

The post Lawmakers say Colonial Pipeline’s refusal to discuss ransom undermines US efforts appeared first on CyberScoop.

Continue reading Lawmakers say Colonial Pipeline’s refusal to discuss ransom undermines US efforts→

After Colonial Pipeline hack, lawmakers want more action on pipeline security

Posted on May 12, 2021 by Sean Lyngaas

As a major fuel delivery operator gradually returns to service five days after suffering a ransomware attack, U.S. lawmakers are pressing federal agencies on what more they can do to secure the nation’s pipelines from hackers. The disruption at Colonial Pipeline, which operates 5,500 miles of pipelines and provides 45% of the fuel consumed on the East Coast, has renewed longstanding concerns that the lead agency for pipeline cybersecurity, the Transportation Security Administration, is ill-equipped to deal with the scale of security challenges in the sector. A multi-agency initiative to bolster pipeline cybersecurity begun in 2018 is a good start, but more can be done, critics say. “I have raised significant concerns with TSA’s focus on surface transportation, including pipelines, for years,” Rep. Jim Langevin, D-R.I., told CyberScoop. He pointed to a 2018 audit from the Government Accountability Office that found that TSA’s pipeline cybersecurity work was inadequate and lacked […]

The post After Colonial Pipeline hack, lawmakers want more action on pipeline security appeared first on CyberScoop.

Continue reading After Colonial Pipeline hack, lawmakers want more action on pipeline security→

Ex-government officials urge US to take action to avoid another SolarWinds-style hack

Posted on February 10, 2021 by Jeff Stone

The U.S. government requires dramatic updates to its current approach toward cybersecurity if Americans want to avoid the kind of cyber-espionage campaigns that have recently rocked the national security establishment, a panel of security practitioners told Congress Wednesday. During testimony in front of the House Homeland Security Committee, Gordon likened the state of data protection in the U.S. to the stock market crash of 1929, which triggered the Great Depression. The government responded to reckless behavior on Wall Street by creating oversight in the form of the U.S. Securities and Exchange Commission and requiring regular financial filings from publicly-listed companies. Recent events in cyberspace — such as an alleged Russian espionage campaign involving the federal contractor SolarWinds and a Feb. 5 hack at a Florida water treatment facility — are proof that the U.S. faces a similar moment of reckoning in 2021, Gordon said. “We need to stop pretending like […]

The post Ex-government officials urge US to take action to avoid another SolarWinds-style hack appeared first on CyberScoop.

Continue reading Ex-government officials urge US to take action to avoid another SolarWinds-style hack→

Voting Village brings equipment to lawmakers to boost urgency on election security

Posted on October 29, 2019 by Sean Lyngaas

A year from the 2020 election and with a new round of election security funding stalled in Congress, the DEF CON Voting Village organizers have again taken to Capitol Hill to raise awareness about software vulnerabilities in voting equipment. This time, they brought the equipment with them to drive home their point. “If we’re going to meaningfully introduce funding or introduce new technologies for 2020, time is rapidly running out to be able to do that,” Matt Blaze, a professor at Georgetown University and co-organizer of the Voting Village, told CyberScoop. “We need to act pretty fast.” A handful of House Democrats and their staffers sauntered up to equipment on display, including a ballot-marking device and an electronic voting machine, to ask the researchers about the software bugs they found. “This is really helpful in understanding that these aren’t just abstract problems, that these are real things,” Blaze, an expert […]

The post Voting Village brings equipment to lawmakers to boost urgency on election security appeared first on CyberScoop.

Continue reading Voting Village brings equipment to lawmakers to boost urgency on election security→

Shutdown erodes feds’ ability to set cyber strategies, say lawmaker and ex-DHS officials

Posted on January 24, 2019 by Sean Lyngaas

A top House lawmaker, along with former Department of Homeland Security officials, say the partial government shutdown is hampering federal officials’ ability to anticipate and proactively address cyberthreats. “We can kind of address things as they come, but we can’t look forward and do additional mitigation and other kinds of things that we normally do,” Rep. Bennie Thompson, D-Miss., told reporters Thursday at an event on Capitol Hill on the security implications of the shutdown. “So if somebody tells us about something or we identify it, we can go after it,” added Thompson, who is chairman of the Homeland Security Committee. “But we can’t plan for the next month or the next three months because we don’t have the capacity to do it with the shutdown.” Former DHS officials agreed that the partial shutdown, which began Dec. 22 and has 800,000 workers across all agencies furloughed or working without pay, […]

The post Shutdown erodes feds’ ability to set cyber strategies, say lawmaker and ex-DHS officials appeared first on CyberScoop.

Continue reading Shutdown erodes feds’ ability to set cyber strategies, say lawmaker and ex-DHS officials→

Democrats’ massive House bill to include election security measures

Posted on January 3, 2019 by Jeff Stone

House Democrats will include proposed cybersecurity measures in a massive bill due to be unveiled Friday as Congress begins a new session. The bill, H.R. 1, includes an array of legislation, such as a plan to force all presidential nominees to disclose their tax returns, new campaign finance rules and changes to sexual harassment law. Cybersecurity also is a major component, as reports indicate H.R. 1 will repurpose much of the language from the Elections Security Act, proposed last year by Rep. Bennie Thompson, D-Miss. H.R. 1, known as the “For the People Act,” also would require states to replace paperless voting systems, create grants to help states audit their election results, and force election system vendors to report data breaches, according to the Brennan Center. Last year’s version of the bill designated $1.7 billion for states to secure their voting technology and would have required the White House to […]

The post Democrats’ massive House bill to include election security measures appeared first on CyberScoop.

Continue reading Democrats’ massive House bill to include election security measures→

House panel rejects call for cyberthreat report on ZTE amid Trump deal

Posted on June 6, 2018 by Sean Lyngaas

On the heels of a reported U.S. deal with embattled Chinese telecom company ZTE, American lawmakers rejected a Democratic measure that would have directed the Department of Homeland Security to provide more information on any cybersecurity risks posed by the international tech company. The top Republican and Democrat on the House Homeland Security Committee sparred over the utility of the resolution, which would have tasked DHS with providing any documentation it has on cyber risks introduced by the use of ZTE products on federal, state and local government networks. The Republican-led panel voted 16-11 against the measure. Instead, lawmakers will get a classified briefing from officials at DHS, the FBI and the Defense Department on June 13 about the national security risks posed by ZTE and Huawei, another Chinese technology giant. Texas Republican Michael McCaul, the committee’s chairman, announced the briefing at a committee markup Wednesday on Capitol Hill. U.S. […]

The post House panel rejects call for cyberthreat report on ZTE amid Trump deal appeared first on Cyberscoop.

Continue reading House panel rejects call for cyberthreat report on ZTE amid Trump deal→

DHS unveils long-stalled cyber strategy

Posted on May 15, 2018 by Sean Lyngaas

The Department of Homeland Security on Tuesday released a long-awaited cybersecurity strategy that looks to more proactively tackle the agency’s mandate to protect critical infrastructure from cyberattacks. The department’s cybersecurity support for critical infrastructure operators must “focus on systemic risk or address risk at individual entities that have the greatest potential impact on national security, public health and safety, and economic security,” the strategy states. The document will chart DHS’s course in cyberspace over the next five years and is an effort to keep pace with a changing threat landscape, the department said. “Nation-states continue to present a considerable cyber threat,” the document states, “but non-state actors are emerging with capabilities that match those of sophisticated nation-states.” The five broad aims of the strategy are to better identify digital risks, reduce threats and vulnerabilities, mitigate the consequences of cyberattacks, and “enable cybersecurity outcomes” by making infrastructure more resilient and improving DHS […]

The post DHS unveils long-stalled cyber strategy appeared first on Cyberscoop.

Continue reading DHS unveils long-stalled cyber strategy→

Spooked by election hacking, states are moving to paper ballots

Posted on March 12, 2018 by Zaid Shoorbajee

Paper ballots may at first seem like an antiquated voting practice, but hacking fears are now pushing an increasing number of states toward a return to the basics. State legislatures and election directors are heeding warnings from Washington that hackers may tamper with electronic voting systems in the 2018 midterm elections. The U.S. intelligence community has said that Russian President Vladimir Putin launched a campaign to interfere with the 2016 presidential election and that the Kremlin will try to do so again. On the national level, lawmakers have made several attempts to push legislation aiming to strengthen election cybersecurity through grants to upgrade equipment and to increase cooperation between the federal government and lower jurisdictions. So far, no such legislation has passed either house in Congress. Amid all this national attention, a number of states have started to act on their own bolster the integrity of elections they run. With these […]

The post Spooked by election hacking, states are moving to paper ballots appeared first on Cyberscoop.

Continue reading Spooked by election hacking, states are moving to paper ballots→