The Department of Justice (DoJ) announced it has indicted three North Korean military hackers as part of a series of cyberattacks intended to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies. […]
The leader of the Federal government’s investigation of the Russia-backed hack of government and private sector networks via SolarWinds Orion products said Feb. 17 that the attack “compromised” nine Federal government networks – matching with earlier estimates from Federal law enforcement and intelligence agencies that “follow-on” activity by the hackers after initial breaches via software downloads were seen in “fewer than 10” Federal agencies. […]
Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, is asking the FBI and the Environmental Protection Agency (EPA) to provide more information on the recent attempt by cyber criminals to poison the water supply at an Oldsmar, Fla. water treatment facility. […]
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and the Treasury Department have issued a joint cybersecurity advisory about North Korean malicious activity known as “AppleJeus.” […]
What’s the biggest lesson to be learned from the recent thwarting of an attempt by cyber criminals to poison the water supply in Oldsmar, Fla.?
According to the Cybersecurity and Infrastructure Security Agency (CISA), the hackers likely took advantage of an outdated operating system to gain access, and the agency said “continuing to use any operating system within an enterprise beyond the end of life status may provide cyber criminals access into computer systems.” […]
The National Institute of Standards and Technology (NIST) created a Positioning, Navigation and Timing (PNT) Profile using its Cybersecurity Framework that can be used as part of a risk management framework to assist organizations in managing risk to systems, networks, and assets that use PNT services. […]
In an audit of the Defense Department’s (DoD) cybersecurity requirements for weapon systems in the operations and support (O&S) phase of the DoD acquisition lifecycle, the DoD Inspector General (IG) highlighted five weapon systems that have been successfully updating cybersecurity requirements and meeting Risk Management Framework requirements. […]
After Sens. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, and Marco Rubio, R-Fla., the committee’s ranking member, called for the designation of a single official to lead the U.S. response to the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, the White House confirmed to the senators that Deputy National Security Advisor Anne Neuberger is leading the effort. […]
Anne Neuberger, deputy national security advisor for cyber and emerging technology on President Biden’s National Security Council (NSC), said this week that the administration is working on a new national cybersecurity strategy and that it will likely feature some of the recommendations that have already been made by the President’s National Security Telecommunications Advisory Committee (NSTAC) but not yet implemented. […]
As agencies are scrambling to recover and build up their cybersecurity from the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, Federal agency leaders say it will not be easy. […]
The road to better cybersecurity for government and the private sector looks like a long, uphill climb, with no concept of a finish line. […]
The U.S. Army Materials Command is forgoing a competitive bidding process for cyber training services while it waits for a bid protest between two contractors to be resolved. […]
Sens. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, and Marco Rubio, R-Fla., the committee’s ranking member, are urging the Biden administration to “assign a clear leader” to lead the United States’ response to the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products. […]
The Federal Energy Regulatory Commission (FERC) is proposing a rule change that would provide rate incentives for electric companies that go “above and beyond” current regulations in their cybersecurity investments. […]
The Department of Defense’s (DoD) Cyber Crime Center (DC3) is launching a pilot program for Defense Industrial Base (DIB) companies to participate in their Vulnerability Disclosure Program (VDP), which shares vulnerability data and aims to improve cyber hygiene. […]
By Fiscal Year 2026, every contractor seeking to do business with the Department of Defense (DoD) will be required to have at least a Level 1 Cybersecurity Maturity Model Certification (CMMC), Katie Arrington, the Pentagon’s CISO for acquisition and sustainment, said Feb. 3. […]
The House Committee on Homeland Security today designated cybersecurity as a key priority for the committee in the 117th Congress, and specifically noted the Russian-backed hack of thousands of government and private sector networks via a compromise of SolarWinds Orion products. […]
The National Institute of Standards and Technology (NIST) has issued a Special Publication (SP) to help organizations protect sensitive information on different electronic systems from state-sponsored hacking. […]
The Defense Advanced Research Projects Agency (DARPA) announced that its first bug bounty program has “proved the value of the secure hardware architectures developed under [DARPA’s] System Security Integration Through Hardware and Firmware (SSITH) program while pinpointing critical areas to further harden defenses.” […]
Ian Wallace has joined the State Department to serve as a senior advisor for the Office of the Coordinator for Cyber Issues (S/CCI). Wallace tweeted that his new role will focus on cyber capacity building. […]
The Department of Defense’s (DoD) Defense Innovation Unit (DIU) has invested in a cybersecurity platform to upgrade their “cyber threat detection and intelligence-gathering capabilities,” according to a Jan. 25 press release. […]
The Department of State had notified Congress in 2019 of its plans to create a bureau within the department to focus on cybersecurity, but a lack of data and evidence to justify the proposal may halt its progress. […]
Sens. Maggie Hassan, D-N.H., and John Cornyn, R-Texas, reintroduced a bill that would support the National Guard in helping state and local governments improve their cybersecurity, citing “the SolarWinds attack and continued cyberattacks connected to the COVID-19 pandemic.” […]
Denis McDonough, President Biden’s nominee for secretary of the Department of Veterans Affairs (VA), plans to make cybersecurity “a key priority” if confirmed, along with IT modernization efforts and expansion of broadband services. […]
The Department of Justice (DoJ) has launched a coordinated international law enforcement action to disrupt the NetWalker ransomware-as-a-service crimeware product. […]
While the Department of Defense (DoD) is still adjudicating comments on its latest Cyber Maturity Model Certification (CMMC) guidelines, Katie Arrington, CISO for the department of Acquisition at DoD, said the department would be ready to release its first Request for Proposal (RFP) by mid-March. […]
Nine Democratic senators are pressing the Department of Justice (DoJ) and the U.S. Courts for a briefing and information about exactly what data was compromised by the SolarWinds hack in a letter to the departments. […]
The U.S Air Force (USAF) has officially designated the Department of Defense (DoD) Cyber Crime Center (DC3) as a Field Operating Agency (FOA) effective Jan. 15. […]
President Biden is asking intelligence agencies for a “full assessment” of Russian involvement in breaches of thousands of government and private-sector networks via SolarWinds Orion products, White House Press Secretary Jen Psaki said Jan. 21. […]
Department of Defense information networks (DoDIN) are working to apply a Comply-to-Connect (C2C) initiative that will boost cybersecurity across DoD with future directives by the DoD CIO addressing components of the initiative. […]