FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response

In 2022, the FBI is looking to approach cybercrime differently. During separate public appearances on Thursday, two FBI officials said the bureau was going to change up how it deals with computer intrusions. “The FBI specifically is moving away from an indictment- and arrest-first model into the totality of imposing costs on our adversaries, and we’re making tremendous progress there,” said Bryan Vorndran, assistant director of the FBI’s cyber division. “There is a right time for indictments and arrests and certainly one of our goals to take players off the field. But at the end of the day, we’re a team member first before we’re prioritizing our own authorities.” Vorndran, speaking at an event hosted by the Silverado Policy Accelerator, touted the FBI’s workforce around the country and the skills they can bring to bear. “That decentralized workforce is a huge strength for our government, especially given the FBI statutory […]

The post FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response appeared first on CyberScoop.

Continue reading FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response

FCC wants to revamp data breach laws for telecom carriers

The FCC is exploring updating data breach laws for telecom carriers, the agency announced Wednesday. “Current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information,” said FCC Chairwoman Jessica Rosenworcel. “But these rules need updating to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers.” One key change suggested in the proposal is eliminating the seven-business-day waiting period required of businesses before notifying customers of a breach. The proposed rule would also require carriers to report breaches to the FCC in addition to the FBI and U.S. Secret Service. Current FCC rules require that carriers over 5,000 or more customers notify the FCC of a data breach within seven days of discovery, while breaches affecting fewer than 5,000 customers must be reported no later than 30 days. The FCC proposal aims to “align the Commission’s rules […]

The post FCC wants to revamp data breach laws for telecom carriers appeared first on CyberScoop.

Continue reading FCC wants to revamp data breach laws for telecom carriers

A former top US election official urges sweeping security improvements, warning ‘democracy is in trouble’

The Cybersecurity and Infrastructure Security Agency’s former lead election security official is recommending comprehensive changes to protect the ballot in future elections, from physical safety upgrades for election workers and federal agency revamps to mandated disclosure of cyber incidents. A report published Thursday from former CISA election adviser Matt Masterson, who now works for Stanford’s Internet Observatory Cyber Policy Center, is a response to the complications that surrounded the 2020 elections. Namely, 2020 was marred by misinformation that undermined public faith in elections, inconsistent funding to mitigate IT vulnerabilities and threats against election officials, the report concludes. The battle over the 2020 presidential race rages on, with the GOP pushing partisan election reviews in several states despite numerous recounts that concluded with Joe Biden as the victor. “Our democracy is in trouble,” Masterson told CyberScoop. “We are in a downward spiral of distrust of the process. If we don’t make […]

The post A former top US election official urges sweeping security improvements, warning ‘democracy is in trouble’ appeared first on CyberScoop.

Continue reading A former top US election official urges sweeping security improvements, warning ‘democracy is in trouble’

US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking

U.S. officials unveiled a suite of cybersecurity initiatives Wednesday, from cracking down on illicit cryptocurrency usages to increasing transparency about data breaches, as part of an ongoing White House effort to slow rampant cybercrime. The Justice Department signaled it will increase its focus on illicit use of virtual money, which is frequently used in ransomware attacks, and move to punish federal contractors that hide security incidents. In a separate plan, the Transportation Security Administration this year will require top air and rail transportation companies to report cyberattacks to the government, name an internal cyber chief capable of corresponding about cyber incidents and develop a plan for recovering from attacks. Deputy Attorney General Lisa Monaco unveiled two initiatives: a national cryptocurrency enforcement team and a civil cyber fraud initiative. Ransomware and cryptocurrency are “inexorably linked” because of the anonymity that cryptocurrency payments help afford, Monaco said at the Aspen Cyber Summit. […]

The post US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking appeared first on CyberScoop.

Continue reading US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking