Tag Archive for: house

The White House isn’t kidding when it tells companies to button up against ransomware

/in


Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Alarmed by ransomware, the White House has been telling the private sector to get serious about cybersecurity. Just this month, a letter to corporate executives and business leaders, urged companies to do what amounts to basic cybersecurity. It told companies they have a key and distinct responsibility. For what it all could mean, Federal Drive with Tom Temin talked to partner and information security group practice leader at the law firm Davis Wright Tremaine, Michael Borgia.

Tom Temin: Mr. Borgia, good to have you one.

Michael Borgia: Thank you for having me. I appreciate the opportunity.

Tom Temin: First of all, this letter from the White House, specifically from Anne Neuberger, the deputy assistant to the president, and the deputy national security advisor for cyber, who did go to exactly?

Michael Borgia: Well, it is addressed to the private sector. So, it’s got a broad audience. And I think it looks like the intention was to really get the word out broadly to companies all over the private sector, and let them know what the White House thinks they should be doing and perhaps set some kind of baseline around cyber hygiene. As you said, I would think of this as pretty basic hygiene, people who have been in the industry for a while I think nothing in here is going to be shocking or surprising to them.

Tom Temin: Right. It said you should have two-factor authentication, you should have backups that are stored offline, and all these other good things in place, again, basic stuff, but coming from the White House, that’s kind of open-letter, telling people you have a distinct and key responsibility almost implies like there could be some sort of regulatory push here, not just for federal contractors, but for industry in general, coming. It has that ‘Dear Colleague,’ tone.

Michael Borgia: Exactly. It’s funny. On the one hand, you think, well, what does this mean that this doesn’t really do anything? On the other hand, here we are talking about it. And there has been quite a bit of discussion around this. It’s generated a lot…

Source…

Latest Russian hack attempt largely fended off by US agencies, White House says

/in


Ransomware attacks, explained

Ransomware is an ever-evolving form of malware that scrambles a victim organization’s data with encryption, then criminals demand a ransom in exchange for software decryption keys.

WASHINGTONThe White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month’s planned presidential summit.

Officials downplayed the cyber assault as “basic phishing” in which hackers used malware-laden emails to target the computer systems of U.S. and foreign government agencies, think tanks and humanitarian groups. Microsoft, which disclosed the effort late Thursday, said it believed most of the emails were blocked by automated systems that marked them as spam.

As of Friday afternoon, the company said it was “not seeing evidence of any significant number of compromised organizations at this time.”

Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter.

Computer hacker

FILE – Computer hacker point-of-view.

RELATED: US pipeline operators ordered to increase cyber defenses after ransomware attack

“I don’t think it’ll create a new point of tension because the point of tension is already so big,” said James Lewis, a senior vice president at the Center for Strategic and International Studies. “This clearly has to be on the summit agenda. The president has to lay down some markers” to make clear “that the days when you people could do whatever you want are over.”

The summit comes amid simmering tensions driven in part by election interference by Moscow and by a massive breach of U.S. government agencies and private corporations by Russian elite cyber spies who infected the software supply chain with malicious code. The U.S. responded with sanctions last month, prompting the Kremlin to warn of retribution.

Source…

DHS, White House turn spotlight on ransomware — Defense Systems

/in


threat detection

Cyber

DHS, White House turn spotlight on ransomware

  • By Justin Katz
  • May 05, 2021

The Department of Homeland Security and the White House are putting the spotlight on combatting ransomware, actively developing plans to confront the issue.

DHS has assembled a task force with representatives from the Cybersecurity and Infrastructure Security Agency, Secret Service, Coast Guard and Immigration and Customs Enforcement’s Homeland Security Investigations unit, according to Security Secretary Alejandro Mayorkas. The new task force is part of the secretary’s planned “60-day sprint” on ransomware that was announced in March as the first in a series of new efforts.

“Beyond CISA…the entire federal government is stepping up to face this challenge,” Mayorkas said at an April 29 event hosted by the Institute for Security and Technology. “The White House is developing a plan dedicated to tackling this problem,” and the Justice Department recently established its own task force focused on ransomware, he confirmed.

Ransomware “has disproportionately impacted the healthcare industry during the COVID pandemic, and has shut down schools, hospitals, police stations, city governments, and U.S. military facilities,” according to a new report by IST featuring recommendations for the Biden administration on combatting ransomware.

Some of the report’s recommendations include establishing a U.S. government “Joint Ransomware Task Force,” forming an international coalition focused on ransomware, sanctioning countries that fail to take action against threat actors and designating ransomware a national security threat.

Mayorkas earlier this month issued a joint statement with Attorney General Merrick Garland and counterparts in the United Kingdom, Australia, New Zealand and Canada on the threat ransomware poses.

“Ransomware is a growing cyber threat which compromises the safety of our citizens, the security of the online environment, and the prosperity of our economies. It can be used with criminal intent, but is also a threat to…

Source…

The Hack Roundup: White House Sanctions Russia over SolarWinds

/in


The Biden administration assigned responsibility for a hacking campaign that used software from the firm SolarWinds to infiltrate nine federal agencies and 100 private-sector companies to Russia in conjunction with extensive sanctions on public- and private-sector Russian entities. 

“Today the United States is formally naming the Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures,” reads a fact sheet the White House released Thursday on the sanctions and other actions to impose costs for the cyber intrusion and other activities the White House deemed harmful. “The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR.”

The Treasury Department acted on an executive order the president issued designating the SVR as well as six companies—ERA Technopolis; Pasit, AO (Pasit); Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA); Neobit, OOO (Neobit); Advanced System Technology, AO (AST); and Pozitiv Teknolodzhiz, AO (Positive Technologies)—as blocked from interacting with any U.S. entity. The sanctions were part of a large package brought on by the SolarWinds hack as well as ransomware activity, interference with the 2020 election and other aggressive Russian activities, according to an agency press release. 

“The private and state-owned companies designated today enable the Russian Intelligence Services’ cyber activities,” the release said. “These companies provide a range of services to [Russia’s Federal Security Service], [Russia’s Main Intelligence Directorate], and SVR, ranging from providing expertise, to developing tools and infrastructure, to facilitating malicious cyber activities.”

The administration is also considering further action under Executive Order 13873 to protect the Information and Communications Technology supply chain by banning related imports, according to the fact sheet. 

The U.S. also expelled 10 Russian diplomats…

Source…