Tag Archive for: house

White House to discuss software development with tech executives, calling it ‘key national security concern’


The January discussion between tech executives and White House officials is needed because open-source software is widely used but is maintained by volunteers, making it “a key national security concern,” Sullivan said in a letter to tech firms, excerpts of which the White House shared with reporters.

Invitees include software development firms and cloud service providers, according to the White House. A National Security Council spokesperson declined to say which companies had been invited.

The letter follows the discovery this month of a vulnerability in software known as Log4j that organizations around the world use to log data in their applications.

Ransomware gangs and hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit the flaw as tech firms and government agencies have raced to apply software patches.

The US Cybersecurity and Infrastructure Security Agency, which has said that hundreds of millions of devices could be exposed to the vulnerability, issued an “emergency directive” on December 17 ordering federal civilian agencies to update their systems.

An agency spokesperson told CNN on Thursday that there is no indication that any agency has been hacked using the vulnerability in Log4j.

While no US agencies have confirmed a breach via the vulnerability, the Belgian Defense Ministry told local media outlets this week that it had shut down parts of its computer network in response to a hack using the flaw.

Cybersecurity executives have called the vulnerability one of the most critical software bugs in years and warned that it could take weeks or months to fully assess the impact.

While the world’s richest companies rely on it, the Log4j software is maintained by a group of volunteers at the nonprofit Apache Software Foundation, who have worked long hours to address the flaw.

The vulnerability in Log4j “will define computing as we know it, separating those that put in the effort to protect themselves and those comfortable being negligent,” said Amit Yoran, the CEO of the Maryland-based security firm Tenable.

It’s precisely that dearth of investment in critical software that the White House wants to address.

President Joe Biden in May…

Source…

House Passes Cyber Literacy, Mobile Security, 6G Study Bills – MeriTalk


The House of Representatives on Dec. 1 approved a pair of cybersecurity bills, along with a bill that would create a task force to study the future of 6G wireless technologies.

All three bills passed by large bipartisan margins on motions to suspend the rules for their passage.

The cybersecurity bills would look to boost the nation’s cybersecurity literacy, and get more information on the current cybersecurity of mobile networks.

The trio of bills all made their way to full House passage, after being approved by the House Energy and Commerce Committee in July.

Cyber Literacy and Mobile Network Visibility

The House passed the American Cybersecurity Literacy Act and the Understanding Cybersecurity of Mobile Networks Act by margins of 408-17 and 404-19, respectively, signaling broad support for the pair of bills.

The American Cybersecurity Literacy Act would establish a national cybersecurity literacy campaign to help citizens understand how to mitigate cyber risks by teaching them how to identify phishing attempts, the benefits of changing passwords, using multi-factor authentication, and more.

Meanwhile, the Understanding Cybersecurity of Mobile Networks Act directs the Assistant Secretary of Commerce for Communications and Information to submit a report to Congress on the current cybersecurity of mobile networks and any vulnerabilities.

“Offensive cyber operations conducted by America’s adversaries and cyber criminals are growing more prevalent and more sophisticated by the day,” Rep. Adam Kinzinger, D-Ill., sponsor of the American Cybersecurity Literacy Act and original co-sponsor for the Understanding Cybersecurity of Mobile Networks Act, said in a release.

“More must be done to push back, and I’m pleased to see two of my bipartisan cybersecurity bills pass the House with overwhelming support today,” Rep. Kinzinger added. “Taken together, these bills will strengthen our cyber posture by educating the public about best practices to keep them more secure, and by identifying vulnerabilities in our mobile telecommunications networks and infrastructure.”

FUTURE Networks Act

The Future Uses of Technology Upholding Reliable and Enhanced (FUTURE) Networks Act would…

Source…

US House panel examines Arizona election review effects


They called former Arizona Secretary of State Ken Bennett, who served as a go-between for Senate Republicans and the contractors they hired to review the ballot count, election machines and computer software, to testify. Bennett said that while the recount showed that Biden actually picked up some votes, there remain unresolved issues involving voter registration, mail-in ballots and computer security.

Source…

White House plans 30-country meeting on cyber crime and ransomware -official


By Trevor Hunnicutt and Nandita Bose

WASHINGTON (Reuters) – Top U.S. national security advisers will gather officials from 30 countries this month with plans to combat the growing threat of ransomware and other cyber crime, President Joe Biden said on Friday.

An online session hosted by the White House National Security Council will also be aimed at “improving law enforcement collaboration” on issues like “the illicit use of cryptocurrency,” Biden said in a statement.

The Biden administration has elevated the response to cybersecurity to the senior-most levels of the administration following a set of attacks this year that threatened to destabilize U.S. energy and food supplies.

The meat producer JBS SA paid $11 million (https://www.reuters.com/technology/jbs-paid-11-mln-response-ransomware-attack-2021-06-09) to end an attack on its systems that halted production and was believed to have originated from a criminal group with Russian links.

Colonial Pipeline paid a hacker gang believed to be based in Eastern Europe nearly $5 million (https://www.reuters.com/business/colonial-pipeline-ceo-tells-senate-cyber-defenses-were-compromised-ahead-hack-2021-06-08/) to regain access, some of which was later clawed back by U.S. law enforcement.

Both companies paid the ransoms in bitcoin.

Ransom software works by encrypting victims’ data. Typically hackers will offer the victim a key in return for cryptocurrency payments that can run into hundreds of thousands or even millions of dollars.

The Biden administration hopes that its new informal group, which it is calling the Counter-Ransomware Initiative, will bolster its diplomatic push that has included direct talks with Russia as well as the NATO alliance and Group of Seven (G7) wealthy nations.

The administration has increasingly focused on blocking what it calls China’s “malicious cyber activity” (https://www.reuters.com/technology/us-allies-accuse-china-global-cyber-hacking-campaign-2021-07-19), charges which Beijing has denied.

It was not immediately clear which countries would participate or when exactly the meeting would take place.

One White…

Source…