Accenture Federal Services Lands $112M CISA Task Order For FCEB Cybersecurity Support; Aaron Faulkner Quoted

Accenture Federal Services Lands $112M CISA Task Order For FCEB Cybersecurity Support; Aaron Faulkner Quoted

Aaron Faulkner Accenture Federal Services

Accenture Federal Services (AFS) announced on Friday that the company secured a potential, five-year $112 million prime task order by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to protect the Federal Civilian Executive Branch (FCEB) systems against cyberattacks.

The contract requires AFS to provide advanced cyber services for CISA to help FCEB agencies mitigate the effects of cyberattacks that include ransomware, botnets and malware campaigns while increasing real-time visibility into cyber threats.

“Now, more than ever, it is crucial for our nation to move from a ‘detect and respond’ to a ‘predict and prevent’ model for dealing with cyberattacks. Our solution delivers a whole-of-government view of the threats we face as a nation. Accenture Federal Services is excited to build upon our track record of delivering highly complex cyber solutions at scale,” commented Aaron Faulkner, AFS managing director and cybersecurity Practice Lead

Cloudflare, as a team member on the CISA Task Order, will partner with AFS to strengthen federal government systems by blocking phishing and malware attacks before they occur and containing breaches that occur on devices, such as laptops and cell phones.

“Cyberattacks are becoming much more sophisticated. As a result of several recent newsworthy breaches, we are all now much more aware of the impact cyber threats can have on our daily lives. We’re proud to partner with AFS in helping to build a more secure and resilient infrastructure for our nation,” stated Matthew Prince, Cloudflare co-founder & CEO. 


A Ransomware Task Force Has Released Extensive Recommendations – Prepare Your Company Now! | Newmeyer Dillion

In 2020, ransomware caused businesses an estimated $20 billion in losses worldwide. Those losses were a substantial increase from 2019 when ransomware caused $11.5 billion in business losses. Not only is the ransomware scourge growing, but cybercriminals are also increasingly attacking smaller and smaller companies, often because they have less security in place.

Last week, a multi-industry Ransomware Task Force issued a long anticipated, extensive report regarding how to deal with the ever-increasing threat that ransomware is posing to businesses, and in turn, the global economy. Due to the broad composition of the task force, the report recommends addressing ransomware holistically and from a number of different angles; below you will find several highlights from this report. All companies, regardless of size, are strongly encouraged to work with outside counsel and forensic consultants to prepare for the ransomware threat.

The Payment Problem

The biggest challenge with ransomware is that victims are making the problem worse. That is, the more payments that the criminals receive, the more resources they can afford to contribute to their operations. While the report does not recommend making ransom payments illegal, it recommends that they be discouraged, if possible. For example, it recommends requiring companies to assess all options before paying ransom and creating a fund to help those companies who choose not to pay. It also recommends that the payments be discouraged by enacting laws that impose stricter regulations on cryptocurrency.

In addition, it urges insurers who end up paying ransom to aggressively assert their subrogation rights and pursue the cybercriminals. One suggestion is for the insurance companies to collectively create a subrogation fund to evaluate and develop strategies to recoup their ransomware losses and to work with law enforcement. That could prove crucial as cybercriminals are increasingly attacking companies that they know have cyber insurance. Those efforts, as well as insurance companies more frequently requiring their insureds to stronger protections and protocols, should help curb the ransomware epidemic.

The Safe Havens

As ransomware has…


Ransomware Targeted by New Justice Department Task Force

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

WASHINGTON—The Justice Department has formed a task force to curtail the proliferation of ransomware cyberattacks, in a bid to make the popular extortion schemes less lucrative by targeting the entire digital ecosystem that supports them.

In an internal memorandum issued this week, Acting Deputy Attorney General

John Carlin

said ransomware poses not just an economic threat to businesses but “jeopardizes the safety and health of Americans.”

By identifying ransomware as a priority, the task force will increase training and dedicate more resources to the issue, seek to improve intelligence sharing across the department, and work to identify “links between criminal actors and nation-states,” according to the memorandum.

“By any measure, 2020 was the worst year ever when it comes to ransomware and related extortion events,” Mr. Carlin, who previously ran the Justice Department’s national-security division during the Obama administration, told The Wall Street Journal. “And if we don’t break the back of this cycle, a problem that’s already bad is going to get worse.”


Have you ever been a victim of ransomware? Share your experience below.

Ransomware attacks, in which hackers cripple a software system until they receive a bounty, surged last year during the pandemic, along with financial demands, according to security experts and U.S. officials. The attacks have been around for decades but have flourished as society has become more dependent on technology.

Mr. Carlin said criminal hackers continue to demand ever greater sums of money from victims and reinvest those profits in cyber tools that enable more and better attacks.

The memo calls for developing a strategy that targets the entire criminal ecosystem around ransomware, including prosecutions, disruptions of ongoing attacks and curbs on services that support the…


White House forms public-private task force to tackle Microsoft hack

A task force composed of representatives from federal agencies and the private sector convened last week to discuss a “whole of government” response to the Microsoft Exchange hack, White House Press Secretary Jen Psaki said in a statement today.

The Unified Coordination Group established by the National Security Council included officials from the FBI, the Cybersecurity and Infrastructure Security Agency at DHS, the Office of the Director of National Intelligence and the NSA, as well as unnamed private sector companies “based on their specific insights to this incident.”

That includes Microsoft, who the White House said developed its one-click mitigation tool for the vulnerabilities to help small businesses who may otherwise struggle to afford costly incident response services. Microsoft did not immediately respond to a request for comment.

The task force “discussed the remaining number of unpatched systems, malicious exploitation, and ways to partner together on incident response, including the methodology partners could use for tracking the incident, going forward,” Psaki said.

Still struggling to wrap its arms around the SolarWinds hack last year, which compromised at least nine federal agencies and a swath of state governments and private companies, the Biden administration appears to be creating a similar policy track to respond to the Microsoft Exchange vulnerabilities, which some information security experts have worried could be as bad or worse in terms of its impact on the IT security ecosystem.

Evidence of widespread scanning for servers vulnerable to the four zero-day flaws disclosed by Microsoft earlier this month prompted CISA and the FBI to issue a joint public advisory warning that “tens of thousands of systems in the United States” could be affected and that both nation-state hacking groups and cyber criminals “are likely among those exploiting these vulnerabilities.” Other cybersecurity researchers have worried about the potential for ransomware actors to also leverage the vulnerabilities.

“It is highly likely that malicious cyber actors will continue to use the aforementioned exploits to target and…