ransomware

The incidence of ransomware attacks in the U.S. has leveled off since 2017 for a variety of reasons, including improved defenses by targeted organizations that have made such attacks less profitable for perpetrators, experts said Tuesday at the 2018 Symantec  Government Symposium. […]

elections, election security, voting

The Defense Department is lending assistance to the Department of Homeland Security as DHS works to protect election infrastructure in the run-up to next week’s mid-term congressional elections, said Ed Wilson, Deputy Assistant Secretary of Defense for Cyber Policy, on Tuesday at the Symantec 2018 Government Symposium.






[…]

elections, election security, voting
Washington DC capitol federal government-min

Paras Jha, one of three people responsible for the Mirai Botnet, was ordered on Friday to pay $8.6 million in damages and serve six months of house arrest after pleading guilty to violating the Computer Fraud & Abuse Act (CFAA) in Federal district court in New Jersey.






[…]

Google HQ
Symantec
DOE Department of Energy Building

The Department of Energy Office of Inspector General released a report on Oct. 19 that found several weaknesses in the cybersecurity program at DoE in fiscal year 2018, including recurring issues in vulnerability management, patching, and formal cybersecurity training policies.






[…]

Cyber workforce people

The answer to that question is “yes,” according to a white paper released today by New America, a non-partisan think tank. The white paper argues that while the United States has been engaged in cybersecurity for more than a generation, there are still “organizational and human gaps” that leave the country insecure.






[…]

.gov website cybersecurity government

After some fits and starts, Federal agencies are gaining ground in efforts to better secure their websites and email systems by employing HTTPS encryption, and installing the Domain-based Message Authentication, Reporting and Conformance (DMARC) anti-phishing protocol, among other measures






[…]

DHS Homeland Security

The Department of Homeland Security (DHS) shared details on its Cyber Risk Economics Capability Gaps Research Strategy, which is part of its Cyber Risk Economics (CYRIE) program, in a blog post on Tuesday.






[…]

Cybersecurity cyber

Former Department of Defense officials today offered mostly positive reviews of the current administration’s approach to cybersecurity–including the National Cybersecurity Strategy and the DoD Cyber Strategy–while taking note of the risks posed by more offensive-minded leanings featured in those policies.






[…]

Russia hacking hack cyber-min

In an effort to halt the spread of election disinformation online, United States Cyber Command (USCYBERCOM) is telling Russian operatives that American operatives have identified who they are and are tracking their efforts. The campaign is the first known overseas cyber operation to protect American elections, according to the New York Times which first reported the story.






[…]

Yahoo, which is now owned by Verizon, has agreed to pay $50 million in damages, plus about $35 million in legal fees, under a proposed civil settlement covering data breaches in 2013 and 2014 that impacted three billion Yahoo accounts, according to numerous press reports. 






[…]

Christopher Krebs under secretary undersecretary DHS Department of Homeland Security National Protection and Programs Directorate NPPD leader CISA cybersecurity and infrastructure security agency
global international cyber

Federal cyber pros at Palo Alto Networks’ Federal Ignite conference weighed in today on the cost of cybersecurity and its return on investment, suggesting that government spend may not be properly configured to the risks, threats, and real assets that need to be protected.






[…]

Cybersecurity flag
chip hack cybersecurity cyber

Super Micro Computer told customers in an Oct. 18 letter that the gist of a recent Bloomberg Businessweek article–reporting the alleged secret implantation of malicious computer chips in motherboards made by the company and used by numerous U.S. companies and government agencies–is “wrong,” and that “from everything we know and have seen, no malicious hardware chip has been implanted during the manufacturing of our motherboards.”






[…]

GSA General Services Administration

The General Services Administration’s Office of Inspector General said in a report issued Oct. 19 that it wants GSA’s IT Office (GSA IT) to provide a revised corrective action plan to improve the agency’s policies for responding to breaches of personally identifiable information (PII).






[…]

elections, election security, voting

The Office of the Director of National Intelligence, alongside the Justice Department, Federal Bureau of Investigation, and Department of Homeland Security, released a joint statement today that expresses their concern over election interference and calls identification and prevention of interference a “top priority for the Federal government.”






[…]