Articles

Cybersecurity under fire: CISA’s former deputy director decries post-election…

Matt Travis talks about CISA’s role in the recent US elections and how President Trump and his surrogates have politicized the security function.

Matt Travis, the former deputy director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), kicked off this year’s Aspen Cyber Summit yesterday with a keynote interview by journalist Kara Swisher. Travis provided an insider’s view of the events leading up to the firing of CISA director Christopher Krebs and discussed the fallout from President Donald Trump’s attempts to undermine the agency.

The just-concluded president election represented “the most secure election in American history,” according to Krebs. Despite this achievement, or perhaps because of it, Krebs was summarily fired by Donald Trump via a tweet on November 17. Before Krebs was dismissed, the White House asked for the resignation of Brian Ware, the highly regarded assistant director for cybersecurity for CISA. After Krebs’ forced departure, Matt Travis, CISA deputy director and Krebs’ right-hand man at CISA, resigned from the agency.

On Sunday, Krebs, a lifelong Republican, told 60 Minutes’ Scott Pelley that he has complete confidence in the election outcome. He dismissed as conspiracy theories some of Trump’s increasingly convoluted stories of how President-Elect Joe Biden “stole” the election. Krebs said that Trump’s attorney Rudy Giuliani’s promotion of unproven election fraud was an “attempt to undermine confidence in the election, to confuse people, to scare people.”

Following the 60 Minutes interview, another Trump attorney, Joseph DiGenova, said that Krebs should be “taken out and shot” for contradicting Trump’s unsubstantiated claims of voter fraud. Yesterday, Krebs told CBS’s Savannah Guthrie that he is looking into potential legal action following DiGenova’s bald threat. Alex Stamos, former Facebook CISO and founder of the Stanford Internet Observatory, filed a complaint against DiGenova with the DC Bar’s Office of Disciplinary Counsel and encouraged his fellow infosec peers to do the same.

This article appeared in CSO Online. To read the rest of the article please visit here.

 

Articles

New FBI strategy seeks to disrupt threat actors, help…

lead centered=”no”
The FBI sharpens its focus on collaboration among US and foreign government agencies and the private sector. It will acting as a central hub to deal with cybersecurity threats.
/lead

Last week, the US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint announcement about the potential threat that foreign-backed online journals pose in spreading misinformation ahead of the crucial 2020 US presidential election. This alert, intended to raise public awareness based on government intelligence, reflects a new strategic direction by the FBI to work with partners across the federal landscape to better protect the American public and its allies from cyber threats.

“It’s a complex threat environment where our greatest concerns involve foreign actors using global infrastructure to compromise US networks,” Tonya Ugoretz, deputy assistant director of the FBI’s Cyber Division said during a conference at Auburn University’s McCrary Institute organized to debut the Bureau’s new strategy.

Ugoretz said that among the many factors the FBI must now juggle in dealing with cyber threats are:

  • The increased attack surfaces stemming from widespread work-at-home arrangements due to the COVID-19 crisis
    Attackers’ growing willingness to exploit the increased vulnerabilities the wider attack surface make possible
    The increase in availability of tools that threat actors use to launch attacks
    Growth in the number of both criminal and nation-state threat actors.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Jack Young on Unsplash

 

Articles

CIOs say security must adapt to permanent work-from-home

lead centered=”no”
Both private- and public-sector CIOs see many more employees permanently working remotely, and say security needs to adapt to new threats and how they communicate.
/lead

The entire US economy and government were forced to shut down in-person facilities and operations almost overnight in March as COVID quarantines began. The new conditions forced organizations to quickly find ways to secure tens of millions of new, vulnerable endpoints created by at-home workers. Now, six months later, technology leaders are taking stock of what happened and considering how a post-COVID landscape might look.

COVID has resulted in a lot of forward-looking changes, Jim Weaver, CIO of Washington State, said at the second day of the annual Cybersecurity Summit hosted by the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA). “COVID has been our chief innovation officer. Now as a state we’re pivoting to change our service methodologies while in the middle of a pandemic and economic downturn.” Washington was the first state with a positive COVID case on January 14.

“Governor Inslee has been a big proponent for remote work for a lot of reasons and so we did have a culture and mindset in place already enabled to support it,” Weaver said. Washington had to jump from an average of 3,000 to 4,000 remote concurrent connections to 65,000 to 70,000 almost overnight. “That went pretty flawlessly, I’m pleased to say.”

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Charles Deluvio on Unsplash

 

Articles

Ransomware attacks growing in number, severity: Why experts believe…

lead centered=”no”
Law enforcement and federal experts discuss recent ransomware trends and challenges of fighting the attacks.
/lead

Ransomware has become the most chronic and common threat to digital networks. At a time when 41% of all cybersecurity insurance claims flow from ransomware attacks, it’s no surprise that ransomware is top of mind for leading security experts, government officials and law enforcement leaders.

“I think ransomware is going to get worse and I hate to say it, but it’s almost the perfect crime,” Mark Weatherford, chief strategy officer and board member of the non-profit National Cyber Security Center, told attendees at the third annual Hack the Capitol event. “It’s easy to pull off and it’s almost impossible to get caught.”

While major ransomware events grab all the headlines, Weatherford worries about the smaller victims of ransomware attackers. “Small- and medium-sized businesses simply don’t have the resources or the technical acumen to understand the threat environment that they live in,” he said.

Sometimes it can seem like a ransomware attack is inevitable. “A lot of my friends in companies that I talk to on a regular basis literally are waiting for that shoe to drop when they are the victim of a big ransomware event,” Weatherford said.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Michael Geiger on Unsplash

Articles

Election security status: Some progress on ballot integrity, but…

lead centered=”no”
With the election less than two months away, government and election officials say voting itself is more secure, but Russian disinformation remains largely unaddressed.
/lead

The presidential election in 2016 was a wake-up call that the security of the country’s election infrastructure can never again be considered a sure thing. During the last presidential campaign, Russia hacked into the Democratic National Committee’s network and stole emails from Clinton campaign officials while also breaking into at least two county voting systems in Florida. Those digital security attacks took place alongside destructive disinformation campaigns that ran on vulnerable and unprepared social media networks.

At this year’s Billington Cybersecurity Summit, 55 days before the next presidential election, experts weighed in on the progress, or lack thereof, that the US has made in securing America’s elections since 2016.

Chris Krebs, head of the Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA), told attendees that three-and-a-half years after he joined the agency it has “turned the corner in a really meaningful way” on cybersecurity. “We’re working in all 50 states on a regular basis to share information, to secure their systems, to ensure that they have all the resources they need to be prepared, whether it’s a COVID environment or non-COVID environment.”

Matthew Masterson, senior cybersecurity advisor at CISA, says his group is hard at work on supporting the more than 8,800 officials who run the country’s elections. Many of the voting jurisdictions are small but many election offices represent the largest IT operations in their counties in terms of total number of assets.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Kari Sullivan on Unsplash