DOJ sues Georgia Tech over allegedly failing to meet cyber requirements for DOD contracts

The suit relies on a Civil War-era law that DOJ has increasingly turned to for cyber cases.

The post DOJ sues Georgia Tech over allegedly failing to meet cyber requirements for DOD contracts appeared first on CyberScoop.

Continue reading DOJ sues Georgia Tech over allegedly failing to meet cyber requirements for DOD contracts

CISA advisory panel wants agency to act on election disinformation, multifactor authentication

CISA’s director has 90 days to respond to the suggestions.

The post CISA advisory panel wants agency to act on election disinformation, multifactor authentication appeared first on CyberScoop.

Continue reading CISA advisory panel wants agency to act on election disinformation, multifactor authentication

US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking

U.S. officials unveiled a suite of cybersecurity initiatives Wednesday, from cracking down on illicit cryptocurrency usages to increasing transparency about data breaches, as part of an ongoing White House effort to slow rampant cybercrime. The Justice Department signaled it will increase its focus on illicit use of virtual money, which is frequently used in ransomware attacks, and move to punish federal contractors that hide security incidents. In a separate plan, the Transportation Security Administration this year will require top air and rail transportation companies to report cyberattacks to the government, name an internal cyber chief capable of corresponding about cyber incidents and develop a plan for recovering from attacks. Deputy Attorney General Lisa Monaco unveiled two initiatives: a national cryptocurrency enforcement team and a civil cyber fraud initiative. Ransomware and cryptocurrency are “inexorably linked” because of the anonymity that cryptocurrency payments help afford, Monaco said at the Aspen Cyber Summit. […]

The post US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking appeared first on CyberScoop.

Continue reading US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking

Oyster snaps up $20M for its HR platform aimed at distributed workforces

The growth of remote working and managing workforces that are distributed well beyond the confines of a centralized physical office — or even a single country — have put a spotlight on the human resources technology that organizations use to help manage those people. Today, one of the HR startups that’s been seeing a surge […] Continue reading Oyster snaps up $20M for its HR platform aimed at distributed workforces

Cyber Awareness Training a Must for Third-Party Contractors

Many, if not most, organizations rely on outside contractors. But most may not know the threat they can pose to your network and data. According to new research from ISN, only 23% of contractors reported they require cybersecurity awareness training a… Continue reading Cyber Awareness Training a Must for Third-Party Contractors

A Department of Defense bulletin on a ‘leaking’ sinkhole has baffled cybersecurity experts

In mid-April, an obscure agency housed under the Department of Defense issued a bulletin that a little-known, Chinese-linked hacking group is likely responsible for some suspicious activity aimed at defense contractors in the U.S. But how the Defense Counterintelligence and Security Agency (DCSA) came to that conclusion is complicated. The alert, sent to 38 contractors, says DCSA detected the group was making “inbound and outbound connections” with contractors’ facilities as of Feb. 1. The targeting, which appeared to have stopped by March 25, was directed at several critical infrastructure sectors, including aerospace, health care and maritime, according to a copy of the bulletin obtained by CyberScoop. A DCSA official tells CyberScoop the document was meant to raise awareness among the contractors, but numerous sources tell CyberScoop that it is more confusing than clarifying. The bulletin, which was first reported by Politico, has raised questions about the attributed hacking group and if the actions described […]

The post A Department of Defense bulletin on a ‘leaking’ sinkhole has baffled cybersecurity experts appeared first on CyberScoop.

Continue reading A Department of Defense bulletin on a ‘leaking’ sinkhole has baffled cybersecurity experts

‘It’s going to be painful’: Pentagon official urges contractors to improve cybersecurity

A politician-turned-defense official who is trying to shake up the acquisition bureaucracy in the U.S. Department of Defense told contractors they need to better prioritize security in order to do business with the Pentagon, and stifle foreign theft of defense secrets. “This is a change of culture,” Katie Arrington, chief information security officer of the Pentagon’s acquisition policy office, said Wednesday. “It’s going to take time, it’s going to be painful, and it’s going to cost money.” Arrington, who joined the Office of the Undersecretary of Defense for Acquisition and Sustainment in January, is spearheading the development of new cybersecurity standards for contractors. Last month, defense officials unveiled a draft of the guidelines, known as the Cybersecurity Maturity Model Certification. The standards will require contractors of all sizes to have a baseline level of cybersecurity practices in order to, for example, prevent adversaries from exfiltrating their intellectual property. Companies holding more sensitive defense data will need to […]

The post ‘It’s going to be painful’: Pentagon official urges contractors to improve cybersecurity appeared first on CyberScoop.

Continue reading ‘It’s going to be painful’: Pentagon official urges contractors to improve cybersecurity

Hacked government contractor shares breach details as investigation continues

The president of a hacked U.S. government contractor says a recent breach has cost his company $500,000 to $1 million in what he deemed a “learning experience” that should be shared with other organizations to raise their network defenses. “It could happen to anyone,” Sandesh Sharda, president of Arlington, Virginia-based Miracle Systems, told CyberScoop. “We keep hearing about all these hacks all the time, whether it’s Baltimore, whether it’s Texas, whether it’s Capital One, commercial or government. This is not going to go away…How we prepare our industry for these kinds of hacks is [what’s] most important.” It’s been a month since Miracle Systems, which provides IT, engineering and other services to more than 20 federal agencies, learned that its internal server had been breached. On at least one cybercriminal forum, a hacker or hackers has advertised access to internal company data, as journalist Brian Krebs reported. Sharda downplayed the breach, […]

The post Hacked government contractor shares breach details as investigation continues appeared first on CyberScoop.

Continue reading Hacked government contractor shares breach details as investigation continues