Mark Warner calls for improved cyber defenses to protect schools

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

After high-profile ransomware attacks this year, Senator Mark Warner and Senator Susan Collins have called for school districts to improve cyber defenses.

WASHINGTON — WSSC Water, which serves almost 2 million residents in Prince George’s and Montgomery counties, announced on Friday that it was a victim of a ransomware attack in late May that targeted “non-essential business systems.”

The cyberattack occurred on May 24 but the company said drinking water and wastewater systems were not impacted or ever at risk.

In a statement, WSSC Water Police and Homeland Security Director David McDonough said the virus was successfully removed and the company did not pay any ransom to the hackers.

“These attacks have become more common, especially in recent weeks, and WSSC Water has prepared for this type of event,” he wrote.

The company added that files were restored from back-ups and there was no significant impact on business operations, however, some customers may be notified about potential breaches.

“While the virus was not successful, it appears the ransomware criminals did gain access to internal files,” the statement read. “As the investigation continues, WSSC Water will notify in writing any individuals whose personal identifying information was exposed. Those individuals will be offered five years of credit monitoring with $1,000,000 in identity theft insurance at no cost to them.”

The announcement of the WSSC Water cyberattack came after highly publicized breaches against Colonial Pipeline and JBS Holdings earlier this year.

Both companies were forced to pay millions of dollars to the hackers to get control of their systems back.


Hackers are playing by new rules, and dealerships’ defenses aren’t ready

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

Auto dealers are getting better at protecting their computer networks from cyberattacks, an information technology consultant who works with dealerships told me last week.

They’re investing in phishing training, a process that tests whether employees click on suspicious emails and trains those who do on proper security practices. More are carrying cyber insurance. They’re talking to colleagues in industry peer groups about best practices.

And yet, said Erik Nachbahr, president of Helion Technologies, just as dealerships have improved their defenses against hackers, the hackers have started using a different playbook.

It used to be that cybercriminals would deploy automated programs that would lock up files once someone clicked a malicious link or attachment in an email, he said. Then antivirus software and firewalls got better at blocking them. So the hackers evolved. Now, Nachbahr says, when they gain access to the networks, they’re embedding themselves in the systems, figuring out how they’re designed and laying the foundation for an attack before they launch it.

Those attacks — often ransomware, in which hackers lock down a computer system in exchange for a ransom demand — can be devastating, he said. Last month, for instance, Colonial Pipeline, which provides crucial energy supplies to the East Coast, went down for days after an attack; the CEO has said the organization paid a $4.4 million ransom. Municipal governments and public schools also have been targets.

So have dealerships. Nachbahr told me that among Helion’s 750 U.S. franchised dealership clients, “we see credible, critical-level threats a few times a week.”

“The attackers have identified industries where they’re not doing enough defense,” he said. “And dealers are one of those.”

New threat intelligence software can better detect hackers rooting around inside computer networks, he said. But it’s newer technology, and many dealerships aren’t yet using it.

Nachbahr says bringing awareness to the severity of cyberattacks and what’s at stake for dealers — including the possibility of having their operations shut down entirely — is his top priority.

“Dealers have always struggled with readiness when it comes to…


Joe Biden signs executive order to beef up federal cyber defenses following pipeline hack

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

RICHMOND, Va. — President Joe Biden signed an executive order Wednesday meant to strengthen U.S. cybersecurity defenses in response to a series of headline-grabbing hacking incidents that highlight how vulnerable the country’s public and private sectors are to high-tech spies and criminals operating from half a world away.

The order will require all federal agencies to use basic cybersecurity measures, like multi-factor authentication, and require new security standards for software makers that contract with the federal government.

Officials are hoping to leverage the federal government’s massive spending power to make widely used software safer for the private sector as well.

“The federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life,” Biden said in his executive order.

His actions come as the administration has been grappling with its response to a massive breach by Russia of federal agencies and ransomware attacks on private corporations.

Biden’s executive order was announced shortly after the nation’s largest fuel pipeline restarted operations Wednesday, days after it was forced to shut down by a gang of hackers. The disruption of Colonial Pipeline caused long lines at gas stations in the Southeast.

And the U.S. sanctioned the Kremlin last month for a hack of several federal government agencies, known as the SolarWinds breach, that officials have linked to a Russian intelligence unit and characterized as an intelligence-gathering operation. The AP previously reported that Russian hackers gained access to an email account belonging to the Trump administration’s acting homeland security secretary, Chad Wolf.

“The United States is simply not prepared to fend off state-sponsored or even criminal hackers intent on compromising our systems for profit or espionage,” Sen. Mark Warner, the Virginia Democrat who leads the Senate Intelligence Committee, said in a statement.

Warner praised the executive order but said Congress needs to do more to address the country’s vulnerabilities in cyberspace.

The order also creates a pilot program to develop a rating system, similar to how New York City…


Space Force Looks to Boost Cyber Defenses of Satellites with Acquisition Reorganization

The ongoing restructuring of Space Force acquisition authorities is designed in part to ensure proper cybersecurity testing and monitoring of new programs as they are developed and deployed, a senior Space Force procurement official said May 10.

The stand-up of Space Systems Command, and it’s absorption of the Space and Missile Systems Center (SMC), details of which were unveiled last month, was advertised as an effort to increase the speed and agility of Space Force acquisitions.

But in a lunchtime keynote at the CyberSatDigital event on May 10, Cardell DeLaPena, program executive officer for Space Production at SMC, stressed that it was also intended to improve the resilience of Space Force overhead architecture against new kinetic and cyber threats.

“The reason why we’ve stood up … a separate Space Systems Command for acquisition, and launch, and architecting is to make that shift from today’s peacetime architecture, … an architecture which was never envisioned to conduct offensive or defensive operations,” he said. In its place, Space Force plans a new architecture that could survive kinetic and cyberattacks by near-peer adversaries. “To make that pivot,” DeLaPena added, “We integrate all of those responses to those threats to our satellites into an integrated architecture, which will achieve space superiority.”

The new architecture, DeLaPena said, would rely on digital twinning technology, more properly called model-based systems engineering, in which a detailed virtual model of a satellite or other complex system is built so that it can be attacked and its cyber defenses tested.

DeLaPena said that cyber threats to U.S. satellite systems would be addressed in detail in a classified session later in the week, but outlined a series of “potential threats” in the cyber domain, which he said the newly reorganized acquisition elements in the Space Force would be “testing against” before turning new products over to operational commanders.

“The types of threats we are looking for [are] things like insertion of rogue components—that’s more on the supply side—malicious software, electronic warfare…