NTSC Technology Security Roundup

Weekly News Roundup: October 16, 2017

Active Cyber Defense Certainty Act Introduced in House

The Active Cyber Defense Certainty Act was introduced in the House on Friday by Rep. Tom Graves (R-Ga.) and Rep. Kyrsten Sinema (D-Ariz.). According to The Hill, “The Active Cyber Defense Certainty Act allows individuals and companies to hack hackers if the goal is to disrupt, monitor or attribute the attack, or destroy stolen files. […] The bill does not allow counterattackers to destroy anything other than their own stolen files and requires that someone "hacking back" under the bill's provisions notify the FBI National Cyber Investigative Joint Task Force.”

President Trump Nominates Kirstjen Nielsen as Homeland Security Secretary

On Wednesday, President Trump nominated Kirstjen Nielsen as Homeland Security Secretary. Previously, Nielsen served as Chief of Staff to the United States Secretary of Homeland Security and most recently as Principal Deputy White House Chief of Staff to President Trump. According to a bio on the Center for Cyber and Homeland Security website, her areas of expertise are “homeland and national security policy and strategy development; critical infrastructure security and resilience, including cyber security; enterprise risk assessment and management; and emergency preparedness and response.” Rep. Mike McCaul (R-Texas), Chairman of the House Homeland Security Committee, said, “Kirstjen thoroughly understands the inner workings of the Department having served there twice and has extensive background in national security policy decision-making with her time in the White House. Both will prove very beneficial as she prepares to lead a diverse organization with such critical missions.”

NIST Small Business Cybersecurity Act Passes House

On Wednesday, the House passed the NIST Small Business Cybersecurity Act by a voice vote. The bill will “require the Director of the National Institute of Standards and Technology to disseminate guidance to help reduce small business cybersecurity risks, and for other purposes.” Sponsored by Rep. Daniel Webster (R-Fla.), a press release from his office said NIST will offer “guidelines, tools, best practices, standards, methodologies, and other ways of providing information. Implementation of the NIST Framework into these small businesses will protect business owners, their employees, and their customer base, all while contributing positively to the economy.”

Neustar Report Says Brands Experienced 27 Percent Increase in Number of Breaches Per DDoS Attack

Since last year, brands experienced a 27 percent increase in the number of breaches per DDoS attack according to the latest Neustar Global DDoS Attacks and Cyber Security Insights Report. A press release states that “Data from the report shows attackers are achieving higher levels of success against brands they only hit once: 52 percent of brands reported a virus associated with a DDOS attack, 35 percent reported malware, 21 percent reported ransomware and 18 percent reported lost customer data. Over a twelve-month period, 75 percent of respondents recorded multiple DDoS attack attempts following an initial assault on their brand’s network.”

Akamai to Acquire DNS-Based Security Company Nominum

On Wednesday, Akamai announced plans to acquire Nominum, a DNS-based security software and solutions company focused on carrier-grade products. According to a press release, “The acquisition is intended to add complementary capabilities to Akamai's portfolio of security offerings while expanding Akamai’s distribution to carriers that serve enterprise customers. The all-cash transaction is expected to close later this quarter.”