Tag Archive for: task

White House forms public-private task force to tackle Microsoft hack

/in


A task force composed of representatives from federal agencies and the private sector convened last week to discuss a “whole of government” response to the Microsoft Exchange hack, White House Press Secretary Jen Psaki said in a statement today.

The Unified Coordination Group established by the National Security Council included officials from the FBI, the Cybersecurity and Infrastructure Security Agency at DHS, the Office of the Director of National Intelligence and the NSA, as well as unnamed private sector companies “based on their specific insights to this incident.”

That includes Microsoft, who the White House said developed its one-click mitigation tool for the vulnerabilities to help small businesses who may otherwise struggle to afford costly incident response services. Microsoft did not immediately respond to a request for comment.

The task force “discussed the remaining number of unpatched systems, malicious exploitation, and ways to partner together on incident response, including the methodology partners could use for tracking the incident, going forward,” Psaki said.

Still struggling to wrap its arms around the SolarWinds hack last year, which compromised at least nine federal agencies and a swath of state governments and private companies, the Biden administration appears to be creating a similar policy track to respond to the Microsoft Exchange vulnerabilities, which some information security experts have worried could be as bad or worse in terms of its impact on the IT security ecosystem.

Evidence of widespread scanning for servers vulnerable to the four zero-day flaws disclosed by Microsoft earlier this month prompted CISA and the FBI to issue a joint public advisory warning that “tens of thousands of systems in the United States” could be affected and that both nation-state hacking groups and cyber criminals “are likely among those exploiting these vulnerabilities.” Other cybersecurity researchers have worried about the potential for ransomware actors to also leverage the vulnerabilities.

“It is highly likely that malicious cyber actors will continue to use the aforementioned exploits to target and…

Source…

National Guard task force that supports Cyber Command changes over

/in


WASHINGTON — The Army recently announced a new tranche of National Guard units to staff a critical and ongoing task force for U.S. Cyber Command.

Members of the 123rd Cyber Protection Battalion — made up of guardsmen from Illinois, Minnesota, Virginia and Wisconsin – relieved the 15-month deployment of the 124th Cyber Protection Battalion for Task Force Echo, an Army announcement said.

The task force was described at its outset in 2017 as the largest mobilization of reserve forces in cyberspace, and to date over 600 National Guardsmen have been assigned to it. Now in its fifth iteration, soldiers will begin a 12-month deployment based at Fort Meade in Maryland.

Few details are publicly known about the task force, other than it supports full spectrum cyber operations. While under the control of Army Cyber Command’s 780th Military Intelligence Brigade, which conducts offensive cyber operations for Cyber Command, the task force has supported Cyber Command’s Cyber National Mission Force, which conducts offensive cyber operations under the guise of defense to protect the nation from malicious cyber actors. Sources have indicated that it has also supported Joint Task Force-Ares, which seeks to limit the Islamic State group’s abilities in the digital world.

While not “trigger pullers,” sources have also indicated the task force provides infrastructure support.

The task force has been described as beneficial to all organizations involved.

“I was impressed by the soldiers of Tasks Force Echo IV. They brought their real-world experience managing networks to the Army and made our organization better,” Col. Matthew Lennox, commander of the 780th Military Intelligence Brigade, said at an awards ceremony for the outgoing battalion. “Their knowledge and experience enabled teams within the Cyber National Mission Force and the different service Joint Force Headquarters to accomplish their mission. The Task Force Echo soldiers were integral members of the brigade team.”

The Army in recent years has begun to incorporate the National Guard and Reserve forces into all aspects of its cyber mission.

Source…

CISO lends voice to MSPs & small businesses on ransomware task force

/in


Datto headquarters (image courtesy of Datto).

Ransomware attacks against billion-dollar corporations tend to garner the most provocative news headlines, but meanwhile plenty of small- and medium-sized businesses have silently suffered from this cyber scourge.

Ransomware gangs are infiltrating small businesses in two ways: one, by individually assaulting them via phishing and exploit attacks; and two, by first compromising a managed services provider (MSP) and then leveraging that breach to infect their various small-business clients all at once.

As infosec representatives across multiple industries collectively put their heads together and debate how to tackle the ransomware crisis, it’s important that both MSPs and SMBs have a seat at the table. After all, incident prevention and response recommendations for larger enterprises may not be suitable for mom and pop operations that use their modest tech budgets to outsource IT security.

Ryan Weeks, chief information security officer at Datto, does not work at a small enterprise or an MSP, but he does understand their pain. The company provides cloud-based software and technology solutions for managed service providers (MSPs), many of whom typically cater to SMBs, fulfilling their IT and infosec needs.

This week, Datto was accepted as founding member of the Institute for Security and Technology’s (IST) newly minted Ransomware Task Force, which soft-launched this past December. While first and foremost Weeks hopes to combat ransomware across all sectors, he also knows it will be his responsibility to represent MSPs and their small-business clients, communicating their needs and struggles in the ever-evolving battle against cybercriminals.

SC Media spoke to Weeks Tuesday to better understand the unique perspectives and experience that he lends to the new task force.

Ryan Weeks, CISO at Datto

Tell me what you and Datto as a whole bring to the table as one of the founding members of the task force.

What we do every day is help MSPs and small- and medium-sized businesses recover from ransomware and other types of business-impacting events.

It hasn’t felt to me like as a community, as a…

Source…

Tech companies, firms like Microsoft and McAfee institute the ‘Ransomware Task Force’, Technology News

/in


19 security firms, tech companies, and non-profit organisation have come together to create the “Ransomware Task Force” (RTF). Companies including Microsoft and McAfee have come together to fight ransomware. 

Also read: Privacy apps you needed to have downloaded in 2020

The RTF will assess technical solutions that are already in place, along with providing protections during an attack.

Besides monitoring the state of mechanisms in place, the RTF will commission research on the topic, engage with key players across industries, and find problems in the existing mechanism, while finding solutions to these problems.

Also read: GoDaddy apologises to employees after Christmas bonus email turned out to be security test

In addition, the RTF will also navigate across all potential solutions to carve out a roadmap to address serious issues. 

The goal is to come up with a standardised framework to deal with ransomware attacks across industries. To achieve this, the RTF intends to consult industry players, instead of individual advice usually given out by contractors.

And 19 founding members of the RTF include big shots like Microsoft, McAfee along with many groups include Team Cymru, Aspen Digital, Citrix, The Cyber Threat Alliance, Cybereason, The Cybersecurity Coalition among many.

Also read: Dozens sue Amazon’s Ring smart cameras over ‘horrific’ invasions of privacy

Ransomware is a type of malware which threatens to publish the data of its victim unless a ransom is paid. In addition, access to that data may be perpetually blocked until the ransom is paid.

Ransomware is not the most common form of malware, but still remains a major threat, with the threat of ransoms growing from quarter to quarter.

Even then, the Federal Bureau of Investigation has revealed that BEC scams continue to cause the largest financial losses to companies every year.

Source…