Articles

Biden’s cryptocurrency executive order addresses illicit financial risks

Early indications are that the cryptocurrency industry will work with the U.S. government to help minimize risk and make it harder for cybercriminals to profit from their activities.

The Biden administration issued its much-anticipated cryptocurrency executive order, laying out a wide-ranging investigation into digital assets to gain at least a preliminary grasp on how to address the rapidly growing $3 trillion financial market and its role in ransomware and other illicit activities. The order, entitled “Ensuring Responsible Development of Digital Assets,” outlines a series of far-reaching goals, including reducing the risks that digital assets could pose to consumers and investors, improving business protections, financial stability, and financial system integrity, combating and preventing crime and illicit finance, enhancing national security, fostering human rights and financial inclusion, and addressing climate change and pollution.

“Without oversight, the explosive growth in cryptocurrency use would pose risks to Americans and to the stability of our businesses, our financial system, and our national security,” an administration official said during a press briefing preceding the order’s release. “The absence of sufficient oversight can also provide opportunities for criminals and other malicious actors to leverage cryptocurrencies to launder the proceeds of their crimes or circumvent justly-applied sanctions,” the official said.

Reflective of the order’s even-handed tone, the official added, “At the same time, however, digital assets can also provide opportunities for American innovation and competitiveness, and promote financial inclusion.” To ensure that the U.S. government is not left out of these opportunities, the order also spells out a series of measures to create a federal central bank digital currency (CBDC) that at least 80 monetary authorities around the world are also exploring, and, in some cases, have introduced.

This article appeared in CSO Online. To read the rest of the article please visit here.

 

 

Articles

US cryptocurrency exchange sanctions over ransomware likely not the…

The sanctions against Suex, aimed to cut ransomware gangs off from their revenue, sends a signal to other exchanges that support criminal activity.

Days after the Russia-linked BlackMatter ransomware gang hit an Iowa grain cooperative with a ransomware attack, the Biden administration unveiled its latest effort to address the ongoing ransomware crisis. In a move designed to cut off ransomware gangs from their financial rewards, the Treasury Department announced that its Office of Foreign Asset Control (OFAC) placed Czech Republic-registered but Russian national-owned and -operated cryptocurrency exchange Suex on its sanctioned entity list, formally called the Specially Designated Nationals and Blocked Persons (SDN) List.

Suex facilitates “financial transactions for ransomware actors, involving illicit proceeds from at least eight ransomware variants,” according to the announcement. Treasury says that over 40% of Suex’s known transaction history is associated with illicit actors, representing $370 million in illicit trading.

OFAC included on the SDN list a total of 25 bitcoin, ethereum, and tether addresses known to be controlled by Suex. These addresses received more than $934 million in various crypto assets overall. In addition, blockchain transactions tracking company Chainanalysis said that the Suex addresses have received more than $160 million in bitcoin alone from “ransomware actors, scammers, and dark net market operators” since the exchange was founded in 2018.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Jon Tyson on Unsplash

Articles

Software cybersecurity labels face practical, cost challenges

The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.

As part of his extensive cybersecurity executive order issued in May, President Biden directed the National Institute of Standards and Technology (NIST) to develop two pilot labeling programs on the cybersecurity capabilities of internet-of-things (IoT) consumer devices and software development practices. Although these pilot programs won’t be mandatory for device or software sellers, they could likely raise market expectations. In addition, whatever labels come out of these programs would also carry with them some sense of government authority and might ultimately become part of the government contracting process.

Last week NIST held a two-day workshop on these topics. Of the two pilot programs, the consumer software labeling initiative is the trickier one given the ever-changing nature of software and the absence of any similar existing consumer software labeling initiative.

To help it grasp the more complex task of developing labels for software, NIST solicited one- to two-page labeling position papers from interested parties. In calling for these papers, NIST cited “the challenges and practical approaches to consumer software labeling,” asking` for feedback on the “technical criteria needed to support validation of consumer software security assertions that reflect a baseline level of secure practices.”

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Jon Tyson on Unsplash

Articles

Federal agencies face new zero-trust cybersecurity requirements

The OMB and CISA issue guidance to move all federal agencies to a shared zero-trust maturity model for FY22-24. The catch: No new funding.

As part of the Biden administration’s wide-ranging cybersecurity executive order (EO) issued in May, the Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) issued three documents on zero trust last week. Zero trust is a security concept that “eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses,” according to the EO.

From a cybersecurity practitioner’s perspective, zero trust is a security approach that, among other things, relies on stringent authentication and authorization processes to give users needed access to digital assets but in constrained ways that limit damage when a breach or compromise occurs. The EO repeatedly references zero trust and directs CISA and OMB to develop initiatives to incorporate zero-trust cybersecurity security models throughout the federal government.

The documents released last week offer draft versions of these models. CISA and OMB call them “strategic and technical guidance documents meant to move the US government towards a zero-trust architecture.”

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Laura Heimann on Unsplash

Articles

Federal agencies face new zero-trust cybersecurity requirements

The OMB and CISA issue guidance to move all federal agencies to a shared zero-trust maturity model for FY22-24. The catch: No new funding.

As part of the Biden administration’s wide-ranging cybersecurity executive order (EO) issued in May, the Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) issued three documents on zero trust last week. Zero trust is a security concept that “eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses,” according to the EO.

From a cybersecurity practitioner’s perspective, zero trust is a security approach that, among other things, relies on stringent authentication and authorization processes to give users needed access to digital assets but in constrained ways that limit damage when a breach or compromise occurs. The EO repeatedly references zero trust and directs CISA and OMB to develop initiatives to incorporate zero-trust cybersecurity security models throughout the federal government.

The documents released last week offer draft versions of these models. CISA and OMB call them “strategic and technical guidance documents meant to move the US government towards a zero-trust architecture.”

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Laura Heimann on Unsplash

Alejandro Mayorkas

Tech giants pledge at least $30 billion to improve…

Technology, financial, and education leaders commit to a wide range of initiatives to enhance the nation’s cybersecurity posture in collaboration with the Biden Administration.

Industry leaders from the technology, financial, and education sectors have pledged a wide range of private-sector initiatives to tackle the nation’s cybersecurity problems. Those efforts include increasing the cybersecurity talent pool, boosting security awareness, and better securing the software supply chain. Microsoft pledged $20 billion and Google pledge $10 billion to develop more advanced security solutions in areas such as security by design, zero-trust, software supply chain, and open-source software.
That announcement came at a meeting hosted by the Biden Administration yesterday where private sector leaders met with national security and cabinet team members to tackle the nation’s cybersecurity problems. Among the attendees from the government were:

Commerce Secretary Gina Raimondo
Energy Secretary Jennifer Granholm
Homeland Security Secretary Alejandro Mayorkas
SBA Administrator Isabel Guzman
National Security Advisor Jake Sullivan
Director of the National Economic Council Brian Deese
Senior Advisor and Director of the Office of Public Engagement Cedric Richmond
Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger
National Cyber Director Chris Inglis
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly

This article appeared in CSO Online. To read the rest of the article please visit here.

Articles

Biden memo, infrastructure deal deliver cybersecurity performance goals and…

The White House initiatives and expected passage of the US infrastructure plan will set new cybersecurity standards for critical infrastructure, provide money to state and local governments.

Both the Biden administration and the Congress continued their frenetic pace this week to beef up the country’s digital infrastructure protections through two highly consequential and unprecedented initiatives. Both efforts aim to prepare the nation for the next significant cybersecurity incidents, making up for lost time due to the previous administration’s relative inattention to the topic.

First, the White House issued a National Security Memorandum (NSM) on “Improving Cybersecurity for Critical Infrastructure Control Systems.” The memo requires the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST), working with other agencies, to develop cybersecurity performance goals for critical infrastructure. The hope is that companies responsible for providing essential services like power, water, and transportation would follow those voluntary goals to strengthen their cybersecurity.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Lucas Sankey on Unsplash

Articles

TSA issues second cybersecurity directive for pipeline companies

Experts applaud the agency’s new, detailed security requirements for US pipeline operators but question how they will be enforced or monitored.

The Department of Homeland Security’s (DHS) Transportation Safety Administration (TSA) yesterday announced a second security directive that requires owners and operators of TSA-designated critical pipelines to implement cybersecurity measures that help protect against malicious digital incidents. This directive is a more expansive follow-up to an initial pipeline security directive issued on May 27, roughly two weeks after the highly disruptive ransomware attack against Colonial Pipeline.

The initial directive required pipeline companies to report cybersecurity incidents to DHS’s Cybersecurity and Infrastructure Security Agency (CISA). It also required pipeline owners and operators to designate a cybersecurity coordinator available around the clock to coordinate cybersecurity practices and any cybersecurity incidents with TSA and CISA. Finally, that directive required companies to examine their cybersecurity practices and assess risks, identify gaps, develop remediation measures, and report the results to TSA and CISA.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Mike Benna on Unsplash

Articles

Biden administration, US allies condemn China’s malicious hacking, espionage…

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.

Following a  push by the White House to address the ransomware crisis emanating from Russia and the imposition of sanctions on Russia for its spree of malicious cyber actions, the Biden administration has launched a multi-part strategy to shame another digital security adversary, China, into halting its digital malfeasance.

First, the administration formally accused China of breaching Microsoft’s Exchange email servers to implant what most experts consider reckless and damaging surveillance malware. Although Microsoft has long attributed that incident to a Chinese hacking group it calls HAFNIUM, the White House has now finally and officially acknowledged China’s role in that supply chain attack.

In a statement, the White House said it is attributing “with a high degree of confidence that malicious cyber actors affiliated with PRC’s MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.”

Secretary of State Anthony Blinken said in a statement that “the United States government, alongside our allies and partners, has formally confirmed that cyber actors affiliated with the MSS exploited vulnerabilities in Microsoft Exchange Server in a massive cyber-espionage operation that indiscriminately compromised thousands of computers and networks, mostly belonging to private sector victims.”

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Nick Fewings on Unsplash

Articles

Biden Administration announces flurry of new anti-ransomware efforts

The defensive initiatives include a reward for information on nation-state actors and the formation of a new interagency ransomware task force.

Under pressure to halt ongoing and highly damaging ransomware attacks from Russian criminal groups, the Biden administration yesterday announced a flurry of defensive initiatives to deal with the crisis. These announcements come one week after President Biden issued a stark warning to Russian President Vladimir Putin to deal with the ransomware threat groups in his country or else the US will take action to dismantle the threat.

First, the State Department announced that its Rewards for Justice program, which the Diplomatic Security Service administers, will give a $10 million reward to anyone offering information that leads to identifying state-sponsored threat actors. Specifically, rewards will be given to those who supply information that leads to the “identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”

The Rewards for Justice (RFJ) program has set up a Tor-based dark web reporting site to protect the safety and security of potential sources. Additionally, the RFJ program works with interagency partners to enable the rapid processing of information and the possible relocation of and payment to sources.

Second, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) announced it would convene a FinCEN Exchange in August 2021 focused on ransomware concerns. The Exchange will be composed of financial institutions, other key industry stakeholders, and federal government agencies. The goal of the meeting is to inform FinCEN’s next steps in addressing ransomware payments.

This article appeared in CSO Online. To read the rest of the article please visit here.