NTSC Technology Security Roundup

Weekly News Roundup: January 20, 2020

Congressional Cybersecurity News Update

Here, we’ve provided a roundup of Congressional cybersecurity news stories from last week.

  • Senate Passes Legislation to Help Boost and Secure the Internet of Things: According to NextGov, “The Senate late last week passed the Developing and Growing the Internet of Things, or DIGIT Act. Originally introduced in 2016 and again in 2017, the bill was re-upped last year by Sens. Deb Fischer, R-Neb., Brian Schatz, D-Hawaii, Cory Gardner, R-Colo., and Cory Booker, D-N.J. […] Through the DIGIT Act, lawmakers mandate the establishment of an interagency working group with representation from the Commerce, Transportation, Homeland Security and Energy departments, the National Institute of Standards and Technology, National Science Foundation and many others, to ultimately identify federal barriers that could inhibit IoT deployment—and examine the challenges and opportunities agencies assume when accessing the internet of things. The group will also work with private- and academic-sector experts to help accelerate the government’s and nation’s adoption of IoT technologies.”
  • Bipartisan group of senators introduces legislation to boost state cybersecurity leadership: According to The Hill, “A bipartisan group of senators [last] Friday introduced legislation that would establish a federally funded program to put in place state cybersecurity leaders nationwide, increasing the ability of states to respond to cyberattacks. The Cybersecurity State Coordinator Act would create a federal program named after the bill that would ensure every state has a cybersecurity coordinator, with this person responsible for working with all levels of government to prepare for, prevent and respond to cyberattacks.”
  • Congress Hears Warnings of Iranian Cyberthreats: According to GovInfoSecurity, “Iranian-led disinformation campaigns and other cyberthreats against the U.S. are likely to surge in the aftermath of Iranian Major General Qasem Soleimani’s death, security and political experts told the House Homeland Security Committee [last] Wednesday. That’s why the experts warned that federal agencies should not only shore up their defenses, but also create efficient ways to inform the public about looming threats.”
  • Senators offer bill to create alternatives to Huawei in 5G tech: According to The Hill, “A group of bipartisan senators [last] Tuesday introduced legislation to help create alternatives to Chinese firm Huawei in the rollout of 5G wireless technology, amid administration pressure on the telecommunications company. The Utilizing Strategic Allied (USA) Telecommunications Act, sponsored by lawmakers including Senate Intelligence Committee Chairman Richard Burr (R-N.C.) and ranking member Mark Warner (D-Va.), would promote research into new U.S. 5G alternatives by requiring the Federal Communications Commission (FCC) to set aside $750 million for a research and development fund.”

Federal Cybersecurity News Roundup

In federal cybersecurity news last week…

  • Apple rebukes DOJ over Pensacola iPhone encryption battle: According to Politico, “Apple [last] Tuesday rejected the Justice Department’s claim that it has refused to help investigators unlock two iPhones that belonged to the shooter in the Pensacola, Fla., naval base attack. The iPhone maker said that Attorney General William Barr was wrong to claim [last] Monday that the company ‘has not given us any substantive assistance’ in accessing phones associated with the December shooting.” This situation has reignited the encryption debate between the private sector and law enforcement.
  • How one official wants to increase DHS cyber efficiency: According to Fifth Domain, “The new assistant director for cybersecurity within the Department of Homeland Security has outlined his top priorities for making the agency more ‘effective and efficient.’ Bryan Ware, who replaced Jeanette Manfra as assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, said Jan. 14 at FedScoop’s Data Cloud Summit that CISA Director Chris Krebs tasked him with modernizing CISA’s legacy infrastructure and tackling some of the challenges the agency has with the data it collects.” CyberScoop also notes that Ware is tasked to “streamline the reams of data collected by analysts at DHS’s Cybersecurity and Infrastructure Security Agency so it’s all more useful for tracking hackers.”
  • CISA renews comment request on revised cyber incident reporting: According to Inside Cybersecurity, “The DHS Cybersecurity and Infrastructure Security Agency has reopened the comment period on revisions to how companies and other private organizations should report a cyber incident to the federal government, after the agency made ‘clarifications’ to draft updates to the reporting forms. CISA has now set a Feb. 5 deadline for industry comments on revised cyber-incident reporting forms which were updated to include more information about the type of attacks and attribution, among other revisions.”
  • CISA supply-chain task force seeks members for vendor ‘attestation’ working group: According to Inside Cybersecurity, “A Cybersecurity and Infrastructure Security Agency task force on securing the supply chain for information and communications technology is seeking members for a new working group to examine how vendors can ‘self attest’ to the security of their products, according to participants at a MITRE-hosted meeting on software and supply-chain security.”
  • NIST Releases Version 1.0 of Privacy Framework: According to NIST, “The agency has just released Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management. Developed from a draft version in collaboration with a range of stakeholders, the framework provides a useful set of privacy protection strategies for organizations that wish to improve their approach to using and protecting personal data. The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NIST’s Cybersecurity Framework.”

National Cyber Security News Update

Here, we’ve provided a roundup of cybersecurity news stories related to national security from last week.

  • Hackers linked to Iran have been trying to crack the US grid for ages, a report says: According to MIT Technology Review, “A hacking group called Magnallium, which is sponsored by Iran’s government, has been trying to get access to American electric utilities for at least a year, according to a newly released analysis by the security firm Dragos. The hackers have been trying to guess passwords for hundreds of accounts linked to US electric utilities, plus oil and gas firms, a technique known as ‘password-spraying.’ This chimes with findings from Microsoft, which revealed it had seen a similar campaign in November.”
  • Cyberattack on a Major Bank Would Have Ripple Effect: Study: According to GovInfoSecurity, “A cyberattack targeting one of the largest banks in the U.S. that stops the processing of payments likely would have a major ripple effect throughout the financial system, according to a new report from the Federal Reserve Bank of New York. The study, Cyber Risk and the U.S. Financial System: A Pre-Mortem Analysis, looks at how a cyberattack could disrupt the entire U.S. financial system if banks lost the ability to process payments among themselves. Under this scenario, nearly a third of all the country’s assets would be affected, according to the researchers.”
  • New CrowdStrike Report Finds an Increase in Cyber Adversaries Turning to Business Disruption as Main Attack Objective: According to a press release, “[Over] the course of 2019, 36% of the incidents that [CrowdStrike] Services investigated were most often caused by ransomware, destructive malware or denial of service attacks, revealing that business disruption was often the main attack objective of cyber criminals. Another notable finding in the report shows a large increase in dwell time to an average of 95 days in 2019 — up from 85 days in 2018 — meaning that adversaries were able to hide their activities from defenders for longer, and that organizations still lack the technology necessary to harden network defenses, prevent exploitation and mitigate cyber risk.”
  • Companies increasingly reporting attacks attributed to foreign governments: According to Help Net Security, “More than one in four security managers attribute attacks against their organization to cyberwarfare or nation-state activity, according to Radware. In 2018, 19% of organizations believed they were attacked by a nation-state. That figure increased to 27% in 2019. Companies in North America were more likely to report nation-state attribution, at 36%.”