NTSC Technology Security Roundup

Weekly News Roundup: June 18, 2018

US Senate Approves Christopher Krebs as Undersecretary for the DHS’s NPPD

Last Tuesday, the Senate approved Christopher Krebs to serve as the undersecretary for the Department of Homeland Security’s National Protection and Programs Directorate (NPPD). Krebs had already served as acting undersecretary since August 2017 and was nominated by President Trump to serve as undersecretary in February 2018. According to FCW, “Krebs has said his top legislative priority is getting NPPD rebranded as the Cybersecurity and Infrastructure Security Agency. The renaming is still up to Congress, and a plan to redefine the scope and authority of the DHS cybersecurity shop is part of a still pending authorization bill.” Last week, the NTSC released a statement supporting this confirmation.

House Reintroduces Bipartisan Bill to Standardize National Encryption Policy

On Thursday, June 7, Congressman Ted W. Lieu (D-California), Congressman Mike Bishop (R-Michigan), Congresswoman Suzan DelBene (D-Washington), and Congressman Jim Jordan (R-Ohio) reintroduced the Ensuring National Constitutional Rights for Your Private Telecommunications (ENCRYPT) Act. The legislation would preempt state and local government encryption laws to ensure a uniform, national policy for the interstate issue of encryption technology. According to eWeek, “If the ENCRYPT Act passes and becomes law, it would prohibit the states from requiring anyone that develops products that support encryption to enable the surveillance of their products or allow the physical search of the product by any state or federal agency. It would also prohibit any requirements that products include built-in back doors or other means of decryption. Furthermore the bill would prevent states from prohibiting the sale or use of products that use encryption or similar security technology.”

Senate Amendments Press White House on Cyber Deterrence and Filling Vacant Cybersecurity Role

On May 24, the NTSC published an op-ed in The Hill titled “This administration must lead on cyber” that argued for the White House to fill the recently unfilled role of cybersecurity coordinator after the departures of Tom Bossert and Rob Joyce. Several Senators seem to agree with that assessment according to several recent amendments filed as attachments to the National Defense Authorization Act. According to NextGov, “One such amendment, authored by Sen. Martin Heinrich, D-N.M., would require President Donald Trump to appoint a White House cybersecurity coordinator, reversing a move by National Security Adviser John Bolton who removed the role in May.” NextGov also noted an amendment that exerts some pressure on the White House to show a stronger cyber deterrence policy: “Another Senate amendment from Sen. David Perdue, R-Ga., would require the Trump administration to publish an extensive cyber strategy, including outlining possible repercussions for adversary cyber strikes targeting the United States.”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

  • Banking trojans replaced ransomware as top email-based payload in Q1: Reported in SC Media UK, “Banking trojans accounted for 59 percent of all malicious email payloads in the first quarter of 2018 which also saw email-based malware attacks rise significantly. A new report from Proofpoint has shown that the number of firms receiving more than 50 email-based malware attacks grew by 20 percent compared to in the last quarter of 2017.”
  • Email-based cyberattacks gathering momentum: Reported in Computer Weekly, “Four out of five organizations (80%) have faced an email-based cyberattack in the past year and 73% of IT security professionals say the frequency of such attacks is increasing, a survey has found.”
  • DDoS Amped Up: Reported in Dark Reading, “China was the No. 1 source of DDoS attacks, with 15.2%, followed by the US, with 14.2%.”
  • Exploiting People Instead of Software: Report Shows Attacker Love for Human Interaction: Reported in Security Week, “95% of observed web-based attacks used social engineering to trick users into installing malware, 55% of social media attacks impersonating customer-support accounts targeted customers of financial services companies, and 35% of social media scams using links took users to video streaming and movie download sites.”
  • NCC Group: Majority of Our Reported Flaws Have Not Been Fixed: Reported in Infosecurity Magazine, “NCC Group analyzed nine years of vulnerabilities discovered by its team and found that only 26%, or 289, were classed as ‘closed,’ meaning they were fixed or dismissed once the risk was accepted by the vendor.”

Splunk Agrees to Acquire DevOps Incident Management Company VictorOps

According to a press release, Splunk will acquire VictorOps, a DevOps incident management company, for a total purchase price of approximately $120 million. The press release says, “The combination of Splunk Enterprise and VictorOps will deliver a ‘Platform of Engagement’– combining monitoring, event management, on-call management and ChatOps. Ultimately, this enables modern engineering and operations teams to quickly solve problems in high-velocity deployment environments to maximize customer success.” Security Week noted “the acquisition of VictorOps builds on the earlier $350 million acquisition of Phantom. While Phantom also helps automate IT teams' responses to alerts, it lacks VictorOps' team collaboration capabilities.”