NTSC Technology Security Roundup

Weekly News Roundup: August 26, 2019

Federal Cybersecurity News Roundup

In federal cybersecurity news last week…

  • U.S. Cyber Agency Says Reducing Risks From China Top Priority: According to Bloomberg, the Cybersecurity and Infrastructure Security Agency (CISA) “said Thursday that China represents the greatest strategic risk to the U.S., and as a result, the agency’s top operational priority is reducing the risks from Chinese compromises to the global supply chain, including emerging 5G technology. The statement was part of a report outlining the Cybersecurity and Infrastructure Security Agency’s strategic intent for the next five years.”
  • Agencies Faced 31,000 Cyber Incidents Last Year, But Gave Up No Major Breaches: According to NextGov, “Federal agencies didn’t experience a single ‘major’ cybersecurity incident in 2018, marking the first time in three years the government avoided such a severe digital incursion, according to a recent White House report. Not one of the more than 31,000 cybersecurity incidents that agencies faced last year reached the ‘major incident’ threshold, which is defined as an event that affects more than 100,000 individuals or otherwise causes ‘demonstrable harm’ to the U.S., according to the Office of Management and Budget.”
  • DOE seeks comment on revised cybersecurity 'maturity' model: According to Inside Cybersecurity, “The Department of Energy has issued for comment revisions to a ‘maturity model’ on the cybersecurity capabilities of the nation's electricity grid operators and power generators, a move that reflects updates to cyber ‘best practices’ and the landmark cybersecurity framework by the National Institute of Standards and Technology.”
  • How an NSA researcher plans to allow everyone to guard against firmware attacks: According to CyberScoop, “A years-long project from researchers at the National Security Agency that could better protect machines from firmware attacks will soon be available to the public, the lead NSA researcher on the project tells CyberScoop. The project will increase security in machines essentially by placing a machine’s firmware in a container to isolate it from would-be attackers.”

Congressional Cybersecurity News Update

Here, we’ve provided a roundup of Congressional cybersecurity news stories from last week.

  • Bipartisan panel to issue recommendations for defending US against cyberattacks early next year: According to The Hill, “A congressionally mandated commission plans to issue its recommendations for protecting the U.S. against cyberattacks early next year, a former top official at the Department of Homeland Security said [last] Tuesday. The Cyberspace Solarium Commission — made up of bipartisan members of Congress, former government officials and industry representatives — is working toward formulating a comprehensive, strategic approach, commission member Suzanne Spaulding said at the Digital Government Institute’s 930gov conference.”
  • Playing Defense Against Chinese Tech Threats ‘Will Only Get Us So Far,’ Lawmaker Says: According to NextGov, “One lawmaker [last] Wednesday urged federal leaders to take a more active approach to combating the national security threats posed by Huawei and other Chinese tech giants. Those efforts could include government funding for 5G infrastructure construction projects around the world, which would help prevent Chinese firms from gaining ‘a stranglehold’ on the global market, according to Rep. Mike Gallagher, R-Wis., who recently co-founded a federal commission to address foreign cyber threats.”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

  • Federal cybersecurity incidents dropped by 12% in 2018, says FISMA report: Reported in Cyware, “According to the Office of Management and Budget’s annual report on the Federal Information Security Modernization Act (FISMA), the number of cyber incidents fell by 12% in 2018 (31,107) when compared to 2017 (35,277 incidents).”
  • State-Sponsored Cyberattacks Target Medical Research: Reported in Dark Reading, “In the last quarter of 2018 and the first quarter of 2019, [FireEye] found multiple databases from healthcare organizations on sale on online black market forums. For example, a 4.31-gigabyte file of healthcare records from a US organization, including patient data, driver's licenses, and insurance information, was being sold for $2,000.”
  • Malware still top security threat, say infosec pros: Reported in Computer Weekly, “Malware is the most destructive security threat affecting organizations of all sizes in the public and private sector, a survey of information security professionals reveals. The majority of respondents (86%) perceive malware as an extreme threat, according to the 2019 malware report by the Cybersecurity Insiders security community and IT management software firm HelpSystems.”
  • Ransomware attacks hit 1 in 5 Americans: Reported in Help Net Security, “Roughly 1 in 5 Americans (21%) have experienced a ransomware attack on a personal and/or work device; among those who experienced an attack on a work device, 46% say their company paid the ransom.”
  • New Forbes Insights Report Shows CISOs Believe Capabilities of Attackers are Outpacing their Ability to Defend their Organizations: According to a press release, “The survey found that 84 percent of CISOs believe the risks of cyber attacks will increase and almost a quarter believe the capabilities of attackers are outpacing their ability to defend their organization. This issue is compounded with limited resources, including lack of sufficient budget and skilled professionals as well as a threat attack surface that is quickly expanding and becoming more sophisticated.”

VMware Acquires Multiple Companies Last Week

VMware continued an aggressive 2019 cybersecurity acquisition streak when it acquired Carbon Black, Pivotal, Veriflow, and Intrinsic. According to various press releases (except where noted):

  • VMware and Carbon Black announced last Thursday that the companies have entered into a definitive agreement by which VMware will acquire Carbon Black in an all-cash transaction for $26 per share, representing an enterprise value of $2.1 billion.
  • VMware and Pivotal Software last Thursday announced that the companies have entered into a definitive agreement under which VMware will acquire Pivotal for a blended price per share of $11.71. In total, the merger consideration represents an enterprise value for Pivotal of $2.7 billion.
  • According to VMware, the company announced its intent “to acquire Veriflow to strengthen our capabilities in the pervasive network monitoring, troubleshooting, and verification space. […] Once the acquisition is closed, VMware plans to invest in and integrate Veriflow into vRealize Network Insight to increase our overall network monitoring and troubleshooting capabilities and add new dimensions of network verification and What-If analysis directly to the platform.”
  • According to CNBC, “Enterprise software company VMware on Tuesday confirmed that it has acquired Intrinsic, a small San Francisco security start-up. Terms of the deal weren’t disclosed. The acquisition represents another step in VMware’s embrace of cloud technologies, despite VMware’s legacy of providing products that companies can use to deploy software in their own data centers.”