Task force unveils cyber recommendations for the next president

The 40-member panel has suggestions for whoever wins, from how to handle regulations to deterring malicious hackers.

The post Task force unveils cyber recommendations for the next president appeared first on CyberScoop.

Continue reading Task force unveils cyber recommendations for the next president

Election officials say U.S. Postal Service woes place election mail at risk

A letter from election officials in all 50 states and D.C. said the agency needed to take immediate action.

The post Election officials say U.S. Postal Service woes place election mail at risk appeared first on CyberScoop.

Continue reading Election officials say U.S. Postal Service woes place election mail at risk

Microsoft: Iran makes late play to meddle in U.S. elections

The effort from four separate groups includes both hacking attempts and fake news campaigns, according to the company.

The post Microsoft: Iran makes late play to meddle in U.S. elections appeared first on CyberScoop.

Continue reading Microsoft: Iran makes late play to meddle in U.S. elections

Many public safety agencies remain unequipped to defend against cyberattacks

Less than half of respondents in a survey of first responders said their agencies are “at least somewhat prepared in case of a cyberattack.”

The post Many public safety agencies remain unequipped to defend against cyberattacks appeared first on CyberScoop.

Continue reading Many public safety agencies remain unequipped to defend against cyberattacks

FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe. The joint alert points a finger at MuddyWater, which the U.S. government for the first time last month attributed directly to Tehran. In the latest warning, the government agencies said that they have observed MuddyWater on the move in Africa, Asia, Europe and North America since 2018. “MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” reads the alert. The bulletin is the joint work of the the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the U.S. Cyber Command Cyber National Mission Force and the U.K.’s National Cyber Security Centre. MuddyWater has a long history of allegedly spying on primarily […]

The post FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group appeared first on CyberScoop.

Continue reading FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

CISA’s advisory panel is announced, set to make recommendations on major cyber topics

The Cybersecurity and Infrastructure Security Agency on Wednesday named members to a new cyber advisory panel that will make recommendations on subjects ranging from battling misinformation to gaining aid from the hacker community on national cyber defense. Among the 23 members selected are leaders from social media, cybersecurity companies, major technology firms and critical infrastructure sectors such as finance and energy. It includes officials from Johnson & Johnson and Walmart, as well as a longtime cybersecurity journalist and the mayor of Austin, Texas. “We’re at a pivotal moment in our history — one that demands we think anew about ensuring the security and resilience of our digital infrastructure in the face of increasingly sophisticated cyber threats,” said CISA Director Jen Easterly, whose agency is a part of the Department of Homeland Security. “I look forward to partnering with these distinguished leaders from across industry, academia, and government to tackle some […]

The post CISA’s advisory panel is announced, set to make recommendations on major cyber topics appeared first on CyberScoop.

Continue reading CISA’s advisory panel is announced, set to make recommendations on major cyber topics

Cities Key in War on Ransomware, Neuberger Tells Mayors

When the cybersecurity industry talks about how critical public-private collaboration is to fending off and responding to threats, most of the “public” part of the conversation centers around the federal government, with individual states more recentl… Continue reading Cities Key in War on Ransomware, Neuberger Tells Mayors

Insurer Chubb paid $65,000 to help a city unlock ransomware in 2018. A second hack was more expensive.

A city in California didn’t disclose a ransomware payment for more than two years after its insurer covered the cost, the city manager acknowledged amid yet another ransomware attack on the municipality. In 2018, officials in Azusa, Calif. paid $65,000 through its insurer Chubb to free up its most vital system and used a free decryption key to unlock the others, City Manager Sergio Gonzalez said. The hackers took control of the city’s police dispatch system for more than a week in the fall that year, he said. State-by-state data breach notification laws have different triggers for when hacking victims must report publicly on what happened. “We did not make a public statement and did not have to file anything legally because we could confirm that no data was migrated out” of police servers, Gonzalez said, according to local new accounts. In an interview with CyberScoop, Gonzalez said the city […]

The post Insurer Chubb paid $65,000 to help a city unlock ransomware in 2018. A second hack was more expensive. appeared first on CyberScoop.

Continue reading Insurer Chubb paid $65,000 to help a city unlock ransomware in 2018. A second hack was more expensive.

Is Congress finally ready to pass meaningful ransomware legislation?

During the entire last two-year session of Congress, lawmakers only signed one bill law that mentioned the word “ransomware.” With the epidemic of digital extortion showing no signs of abating, though, and as ransomware attacks claim ever more victims across all parts of the U.S., evidence is mounting that the next two years could bring a more concerted push for legitlation. “I think it will be a focus because essentially every congressional district has had some kind of ransomware incident, whether public or not,” said Michael Garcia, a senior policy adviser in the national security program at Third Way, a center-left think tank. “Just look at the number of hospitals getting hit, of schools being hit.” In one recent incident, a Mississippi public school system revealed it had paid $300,000 to ransomware attacks, while a U.S. medical company, Universal Health Services, said it lost $67 million as a result of […]

The post Is Congress finally ready to pass meaningful ransomware legislation? appeared first on CyberScoop.

Continue reading Is Congress finally ready to pass meaningful ransomware legislation?

Feds Sound Alarm Over Emotet Attacks on State, Local Govs

CISA warned already-strained public-sector entities about disturbing spikes in Emotet phishing attacks aimed at municipalities. Continue reading Feds Sound Alarm Over Emotet Attacks on State, Local Govs