Category Archives: congress

Lawmakers call for action following revelations that APT28 posed as ISIS online

Posted on by

The world got a fresh reminder Tuesday of the difficulties associated with assigning blame for hacking – and of the consequences when a case of mistaken identity takes hold. New evidence reinforces the notion that a group dubbed the CyberCaliphate, which sent death threats to the wives of U.S. military personnel in 2015 under the banner of the Islamic State, is actually an infamous Russian-government-linked hacking group accused of meddling in the 2016 U.S. presidential election, the Associated Press reported. Activity from the CyberCaliphate coincided with attempts by the Russian group, known as APT28 or Fancy Bear, to breach the womens’ email accounts, according to the Associated Press. The episode brings to life established links between the CyberCaliphate and APT28 in a way that no cybersecurity research did. The hacking victims were led to believe that jihadists, and not state-backed Russians, were breaching their accounts and leaving threatening messages. Amy […]

The post Lawmakers call for action following revelations that APT28 posed as ISIS online appeared first on Cyberscoop.

Continue reading Lawmakers call for action following revelations that APT28 posed as ISIS online

Ruppersberger calls for DHS to improve threat-sharing, warns of nation-state hacking tools

Posted on by

As the Department of Homeland Security prepares a new cybersecurity strategy, a report released Monday by Rep. Dutch Ruppersberger, D-Md., called on the department to improve its information-sharing program and warned of the threat posed by nation-state hacking tools to federal networks. Talk of making cyberthreat sharing real-time and robust has “gone on far too long,” and U.S. networks “can no longer rely solely on reactive, indicator-based sharing programs” to defend against hacking, stated the report to the House Appropriations Subcommittee on Homeland Security. DHS has worked to quicken the pace at which it shares threat information with the private sector via the Automated Indicator Sharing program. Homeland Security Secretary Kirstjen Nielsen last week touted the program in testimony to the House Homeland Security Committee. “We’re encouraging more and more companies and entities to [participate in the program] so, at machine speed, we can advise them of incoming threat vectors,” […]

The post Ruppersberger calls for DHS to improve threat-sharing, warns of nation-state hacking tools appeared first on Cyberscoop.

Continue reading Ruppersberger calls for DHS to improve threat-sharing, warns of nation-state hacking tools

Regulators tightening controls on devices connecting to utility company networks

Posted on by

U.S. regulators are cracking down on the cybersecurity risks to the electric grid posed by everyday electronics like laptops and flash drives. A ruling issued last week by the Federal Energy Regulatory Commission requires utilities to implement security controls on portable devices that interact with “low-impact” systems, or ones that utilities deem less critical. FERC also ordered the revision of power reliability standards “to mitigate the risk of malicious code” stemming from the devices. The move comes as the Department of Homeland Security has warned that Russian government hackers have their sights on U.S. energy firms, and as Congress readies legislation to secure the grid. Observers say FERC’s tightening of security controls further down the grid could shake up how large portions of the sector approach cybersecurity. Daniel Skees, a lawyer who represents utilities before FERC, said the new ruling amounts to a “sea change” for utilities because it will […]

The post Regulators tightening controls on devices connecting to utility company networks appeared first on Cyberscoop.

Continue reading Regulators tightening controls on devices connecting to utility company networks

The NSA now officially has a new chief

Posted on by

Gen. Paul Nakasone, an experienced military leader with a unique background in cyber-operations and intelligence gathering, has been approved to take over the National Security Agency and U.S. Cyber Command. The Senate confirmed Nakasone, who currently leads Army Cyber Command, by voice vote Tuesday morning. The promotion was expected for months and faced little opposition, but like most things in the Senate, it took some time to schedule. President Donald Trump nominated Nakasone for the job on Feb. 13. The previous NSA chief, Adm. Michael Rogers, is expected to officially retire soon after having served for four years at the top of the spy agency. During his tenure, the NSA attempted a massive reorganization effort known as “NSA21,” which combined certain components of the NSA’s defensive and offensive cyber teams for the first time. The current hierarchy, approved by Congress, prescribes that the leader of NSA is also simultaneously the head of U.S. Cyber Command, a still-nascent cyberwarfare […]

The post The NSA now officially has a new chief appeared first on Cyberscoop.

Continue reading The NSA now officially has a new chief

‘Orangeworm’ hacking campaign hits X-ray and MRI machines

Posted on by

Malware from a newly disclosed hacking campaign has infected the networks of multinational health care companies, including some X-ray and MRI machines, cybersecurity firm Symantec warned Monday. The hacking group, dubbed Orangeworm, has hit a relatively small number of companies in more than 20 countries, Symantec said in an advisory. Nearly 40 percent of Orangeworm’s victims are in the health care industry, the advisory said. Manufacturers and IT companies that do business in health care have also been infected. Orangeworm’s custom malware has shown up on machines that control “high-tech imaging devices such as X-ray and MRI machines,” Symantec said. The Orangeworm revelation adds to a slew of cybersecurity challenges, including ransomware, facing the health care sector. An Indiana hospital in January paid roughly $50,000 in bitcoin to hackers that held its computer system hostage. Congress has taken notice of the sector’s vulnerabilities. House lawmakers on Friday issued a request for information asking industry […]

The post ‘Orangeworm’ hacking campaign hits X-ray and MRI machines appeared first on Cyberscoop.

Continue reading ‘Orangeworm’ hacking campaign hits X-ray and MRI machines

Trump sends cyberwar strategy to Congress

Posted on by

President Donald Trump has sent a cyberwarfare policy to Congress that should outline how the administration will tackle some of the field’s most vexing issues – including launching hacking operations and deterring adversaries. Trump enclosed the document, which was not made public, in a letter Thursday to the House and Senate committees that oversee the departments of Defense, Homeland Security, Justice, and State. The fiscal 2018 National Defense Authorization Act tasked the White House with developing a “multi-prong” cybersecurity policy covering defensive and offensive operations. The policy should include measures to defend against “cyber activities that are carried out against infrastructure critical to the political integrity, economic security, and national security of the United States,” the NDAA states. The White House policy is one of several new cybersecurity measures mandated by the NDAA, including a requirement that the Pentagon more closely communicate with Congress on sensitive, military-led cyber-operations. The new […]

The post Trump sends cyberwar strategy to Congress appeared first on Cyberscoop.

Continue reading Trump sends cyberwar strategy to Congress

Myspace vs. Facebook: the good old days?

Posted on by

There’s a debate happening at the moment: Myspace vs. Facebook. Was it safer? Easier to use? More welcoming of sparkly gifs? We take a walk down memory lane and remind you that privacy and safety concerns plagued ye old social networks of yore.
Ca… Continue reading Myspace vs. Facebook: the good old days?