Connect with us

Cyber Security

Federal watchdog investigating State Department cybersecurity practices

An independent government watchdog is conducting a wide-ranging probe into the State Department’s cybersecurity practices, including how it manages and responds to cyber threats, the investigating office confirmed to CNN Thursday.

Published

on

Washington (CNN)An independent government watchdog is conducting a wide-ranging probe into the State Department’s cybersecurity practices, including how it manages and responds to cyber threats, the investigating office confirmed to CNN Thursday.

The Government Accountability Office “does have an ongoing audit of the State Department’s cybersecurity practices,” director for Information Technology and Cybersecurity Vijay A. D’Souza said, adding that he has been in contact with the department and is “optimistic” the investigation will be completed in a timely manner.

The investigation was launched in October 2020 at the request of lawmakers on the Senate Foreign Relations Committee.

    In a March 30 letter to Keith Jones, the State Department’s chief information officer, D’Souza described the investigation as being focused on the department’s capacity for managing hacking risks and responding to and recovering from cybersecurity incidents. The letter, a copy of which was obtained by CNN, outlines how the GAO has struggled to obtain what it said were the necessary documents for conducting the assessment.

      Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach

      “While we have received some of the requested documents, in many cases, that production has taken over two months,” D’Souza wrote. “The delays by [the department] in providing the requested information are preventing our carrying out our work for the Congress in a timely manner.”

      “The Department is aware of the recent GAO request and is working to respond,” a State Department spokesperson told CNN. Politico was first to report the GAO investigation.

      The Biden administration has faced mounting pressure to respond quickly to the hacking risks posed by foreign adversaries, in the wake of high-profile incidents that widely affected the public and private sectors. In December, revelations of a sophisticated hacking campaign set off alarm bells across Washington. That campaign, which US officials later said was likely Russian in origin, compromised nine federal agencies and dozens of private companies through an unwitting software vendor, SolarWinds.

      Weeks later, Microsoft said it found evidence of a far-reaching security vulnerability in its on-premises Exchange server software, which affected tens of thousands of systems around the world.

      The twin incidents, though unrelated, have prompted a scramble within the US government to assess cybersecurity risks and to develop new policies designed to shore up the country’s cyber defenses. Within weeks, the Biden administration is expected to unveil an executive order that imposes new security requirements on US agencies, such as encryption mandates and the use of multi-factor authentication.

      DHS to propose 'cyber response and recovery fund' for state and local governments

      The administration is also expected to establish cybersecurity standards for federal software vendors and use the government’s immense procurement power to reshape the software market to prioritize network security, according to Anne Neuberger, deputy national security adviser and the White House’s top cyber official.

      Speaking Wednesday at an event hosted by the Council on Foreign Relations, Neuberger said another idea the White House is considering is a kind of National Transportation Safety Board for cybersecurity. Such an organization could help review major information security incidents and to “make that commitment to say we will learn from each thing that occurs.”

      Neuberger added the administration is preparing an initiative to harden the cybersecurity of industrial control systems that govern power, water and other critical infrastructure.

        The coming push follows a high-profile attempted cyberattack in February against a water treatment plant in Florida. Though the attack was unsuccessful, it highlighted some of the weaknesses in America’s utilities infrastructure.

        “We’re seeking to have visibility on those networks to detect anomalous cyber behavior and to block anomalous cyber behavior,” Neuberger said. “Today, we cannot trust those systems because we don’t have the visibility into those systems. And we need the visibility of those systems because of the significant consequences if they fail or if they degrade.”

        Source: https://www.cnn.com/2021/04/08/politics/watchdog-state-department-cybersecurity/index.html

        Cyber Security

        Biden administration unveils effort to strengthen cybersecurity of power grid

        The Biden administration kicked off a 100-day effort on Tuesday to beef up cybersecurity in the nation’s power grid, calling for industry leaders to install technologies that could thwart attacks on the electricity supply. The move follows a high-profile, if unsuccessful, cyberattack in Florida that sought to compromise a water treatment plant, which highlighted some

        Published

        on

        The Biden administration kicked off a 100-day effort on Tuesday to beef up cybersecurity in the nation’s power grid, calling for industry leaders to install technologies that could thwart attacks on the electricity supply.

        The move follows a high-profile, if unsuccessful, cyberattack in Florida that sought to compromise a water treatment plant, which highlighted some of the cybersecurity vulnerabilities in America’s critical infrastructure.

        The Energy Department announced the push on Tuesday, saying the initiative would outline actionable steps for utility owners and operators that could help them detect and defend against cyberattacks. Experts have said that so-called industrial control systems should rarely if ever be connected to the public internet and that any remote access to those systems should prevent commands from being executed.

        Cybersecurity has been a major focus of the administration’s first 100 days, following two alarming cybersecurity incidents: The SolarWinds intrusion campaign by alleged Russian hackers that compromised nine US agencies and dozens of private organizations, and the Microsoft Exchange server vulnerabilities that exposed tens of thousands of systems worldwide.

        Tuesday’s announcement also calls for input from the private sector on future recommendations to further secure the country’s infrastructure from cyberattack.

        “The United States faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity Americans rely on to power our homes and businesses,” said Energy Secretary Jennifer Granholm in a release. “It’s up to both government and industry to prevent possible harms — that’s why we’re working together to take these decisive measures so Americans can rely on a resilient, secure, and clean energy system.”

        While the initiative begins with the US electric grid, officials said other sectors will soon receive the same attention.

        “These efforts really underscore, again, the Biden-Harris administration’s focus on building back better and considering advancements in our country’s infrastructure and our country’s fundamental resilience to be a foundational step that we all must take together as we confront cyber threats that could compromise our most critical systems that are essential to US national and economic security,” said Eric Goldstein, a top cybersecurity official at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

        The Biden administration’s plan is “very encouraging,” said Robert M. Lee, CEO of Dragos, Inc., a cybersecurity firm focusing on industrial cybersecurity.

        “This is a plan that seems to be done in unison with electric sector leadership and cross-government agency,” Lee said. “That bodes well for its success and impact since there was communication and buy in ahead of time. Further, the focus on threat detection is fantastic.”

        Tuesday’s announcement also calls for input from the private sector on future recommendations to further secure the country’s infrastructure from cyberattack.

        Source: https://localnews8.com/politics/2021/04/20/biden-administration-unveils-effort-to-strengthen-cybersecurity-of-power-grid/

        Continue Reading

        Cyber Security

        POLICE GEAR UP FOR CYBER SECURITY LAW AS KATANGA WARNS ZAMBIANS AGAINST LIES

        The latest news, politics, business, and opinion from Zambia

        Published

        on


        Chipata ~ Sat, 03 April 2021

        By Brightwell Chabusha

        Deputy Inspector General of police Charity Katanga has vowed that police will enforce the cyber security law to the letter.

        In an interview with journalists in Chipata, Katanga said people should ensure that whatever they are reporting on social media is credible.

        “With the introduction of the cyber security law, the police are going to enforce it to the letter. We want to ensure that whatever people are reporting on social media is credible and verifiable without causing any malice or any crime against another person. So, it’s expected that people should be able to defend their positions,” Mrs Katanga said.

        She also said police have intensified both foot and motorised patrols during this Easter holiday.

        “It’s known that people celebrate during this time and others can be found wanting in various offences, so as per tradition officers have been deployed in various places including roads to avoid road carnage,” Mrs Katanga said.

        She was in Eastern Province to orient police officers on the newly launched electoral security plan for policing of 2021 general elections.

        In an interview with journalists in Chipata, Katanga said people should ensure that whatever they are reporting on social media is credible.

        Source: https://zambiareports.com/2021/04/03/police-gear-cyber-security-law-katanga-warns-zambians-lies/

        Continue Reading

        Cyber Security

        University of California victim of nationwide hack attack

        The University of California is warning its students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide.

        Published

        on

        Robert Jablon/ AP

        Posted: Apr 3, 2021 / 03:04 AM CDT | Updated: Apr 3, 2021 / 03:04 AM CDT

        A US flag flies above a building as students earning degrees at Pasadena City College participate in the graduation ceremony, June 14, 2019, in Pasadena, California. – With 45 million borrowers owing $1.5 trillion, the student debt crisis in the United States has exploded in recent years and has become a key electoral issue in the run-up to the 2020 presidential elections.
        “Somebody who graduates from a public university this year is expected to have over $35,000 in student loan debt on average,” said Cody Hounanian, program director of Student Debt Crisis, a California NGO that assists students and is fighting for reforms. (Photo by Robyn Beck / AFP) (Photo credit should read ROBYN BECK/AFP via Getty Images)

        LOS ANGELES (AP) — The University of California is warning its students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide.

        A cybersecurity attack targeted a vulnerability in Accellion, a third-party vendor that is used to securely transfer files, the university said in a statement Wednesday.

        “We understand those behind this attack have published online screenshots of personal information, and we will notify members of the UC community if we believe their data was leaked in this manner,” the university said.

        The hacker or hackers also have been sending threatening mass emails threatening to publish data “in an attempt to scare people into giving them money,” the statement said.

        In an update Friday, the university system said the cyberattack affected about 300 organizations, “including universities, government institutions and private companies.”

        Other schools, including Stanford University’s School of Medicine and Yeshiva University in New York City, have reported that student and employee Social Security numbers and financial information were stolen and that some were posted online.

        The information was obtained in December and January when hackers exploited a vulnerability in a 20-year-old Accellion file transfer service, various reports have said. However, some organizations said they only recently became aware of the breach.

        The Baltimore Sun on Thursday reported that private information of staff members and students at the University of Maryland, Baltimore was posted online this week. The school said a hacking group known as Clop gained access to Accellion in December, the Sun said.

        The University of Colorado and the University of Miami reported that files were accessed in January and included personal data and some health, study and research data.

        The Washington State Auditor’s Office reported last month that information on nearly 1.5 million unemployment applicants had been stolen.

        Accellion released a statement in March that said it had closed “all known” vulnerabilities and no new ones had been found.

        Ransomware attacks on a massive scale and seeking massive payouts have hit several organizations in recent months.

        In an unrelated attack, the computer system of one of the nation’s largest school districts was hacked by a criminal gang that encrypted district data and demanded $40 million in ransom or it would erase the files and post students’ and employees’ personal information online. Broward County Public Schools, based in Fort Lauderdale, said in a statement Thursday that there is no indication that any personal information has been stolen and that it made no extortion payment to the ransomware gang.

        An epidemic of ransomware attacks has been plaguing government agencies, businesses and individuals for the past three years. Most are Russian-speaking gangs based in Eastern Europe and enjoy safe harbor from tolerant governments. The more sophisticated groups identify their targets in advance, infect networks through phishing or other means and often steal data as they plant malware that encrypts a victim’s network.

        After the ransomware is activated, the criminals demand money to unlock the malware and refrain from posting — or selling — stolen data. In the case of corporations, that data could be trade secrets. In the case of retailers or government agencies it could be Social Security, bank account numbers and birth dates.

        Public school districts have been frequent targets of ransomware attacks. Overall, ransomware attacks disrupted learning at 1,681 schools, colleges, and universities in 2020 and at least 544 so far this year, said analyst Brett Callow at Emsisoft, a cybersecurity firm. Seven districts had personal data published.

        The average ransom paid for to hacking gangs nearly tripled from $115,000 in 2019 to $312,000 in 2020, according to the cybersecurity firm Palo Alto Networks. It said the highest ransom paid by an organization doubled last year from to $10 million, up from $5 million in 2019.

        Trademark and Copyright 2021 The Associated Press. All rights reserved.

        The hacker or hackers also have been sending threatening mass emails threatening to publish data “in an attempt to scare people into giving them money,” the statement said.

        Source: https://www.newsnationnow.com/cybersecurity/university-of-california-victim-of-nationwide-hack-attack/

        Continue Reading

        Trending