Chris Inglis testifying at his confirmation hearing earlier this month

Senate Approves Chris Inglis as National Cyber Director

Scott Ferguson • June 18, 2021

The U.S. Senate has unanimously approved Chris Inglis as national cyber director. He assumes the role as the country is still reeling from a series of ransomware attacks and the SolarWinds supply chain attack. Meanwhile, confirmation of a new CISA director is on hold.

Cybercrime

Will Ransomware Attacks Push Congress to Enact Regs?

Latest

Breach Notification

Senators Draft a Federal Breach Notification Bill

Scott Ferguson • June 18, 2021

A bipartisan group of senators is circulating a draft of a federal breach notification bill that would require federal agencies, federal contractors and businesses that have oversight over critical infrastructure to report significant cyberthreats to CISA within 24 hours of discovery.

Fraud Management & Cybercrime

ISMG Editors’ Panel: NATO's Cybersecurity Policy and More

Anna Delaney • June 18, 2021

In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including NATO's new cyber defense policy, the outlook for congressional regulatory action to address the ransomware threat, and cybersecurity comments by U.S. Rep. Jim Langevin.

NSA Offers Tips on Securing Unified Communication Channels

Akshaya Asokan • June 18, 2021

The U.S. National Security Agency has released new guidance to help federal agencies as well as business enterprises protect their unified communications channels and voice/video over IP calls from cyberthreats.

Cybercrime

Russian Convicted of Aiding Kelihos Botnet Operator

Akshaya Asokan • June 18, 2021

A Russian national has been convicted of aiding a botnet scheme that infected victims' devices with malicious Kelihos malware and ransomware, according to the U.S. Justice Department.

DDoS Protection

Peak DDoS Traffic Up 100%, Researchers Report

Rashmi Ramesh • June 18, 2021

The daily peak of DDoS attack traffic increased 100% from January 2020 to May 2021, reaching 3 Tbps, with most of the high-bandwidth, high-intensity attacks originating from fewer than 50 hosting companies, Nokia Deepfield reports.

Critical Infrastructure Security

Ransomware Roundup: Avaddon Exits; Clop Suspects Arrested

Anna Delaney • June 18, 2021

The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S. cybersecurity defenses.

Cybercrime

Law Enforcement's Cybercrime Honeypot Maneuvers Paying Off

Mathew J. Schwartz • June 18, 2021

The global law enforcement "Anom" honeypot operation racked up impressive statistics for the number of criminals tricked into using the encrypted communications service. Psychology was at play: Officials say users flocked to the service after they disrupted rivals EncroChat and Sky Global.

Electronic Healthcare Records

Standardizing Patient Addresses: Privacy, Security Issues

Marianne Kolbasuk McGee • June 17, 2021

With a goal of better matching the right patients to all the right medical records, federal regulators have issued new draft technical specifications for standardizing how patients' physical addresses are formatted and represented in health IT systems. But could the effort present new security and privacy risks?

Cyberwarfare / Nation-State Attacks

India Moves Toward Limiting What Telecom Tech Can Be Used

Prajeet Nair • June 17, 2021

In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers.

Business Continuity Management / Disaster Recovery

DHS Preparing More Cybersecurity Requirements for Pipelines

Scott Ferguson • June 16, 2021

The Department of Homeland Security unit that's responsible for the safety of the nation's interstate pipelines is preparing new cybersecurity requirements for oil and gas companies in the wake of the Colonial Pipeline Co. ransomware attack.

Business Email Compromise (BEC)

Behind the Scenes of a Business Email Compromise Attack

Rashmi Ramesh • June 16, 2021

The Microsoft 365 Defender research team says it has “disrupted a large-scale business email compromise infrastructure hosted in multiple web services.” It describes in a blog post how the BEC fraud scheme worked.

Cybercrime

How 'SEO Poisoning' Is Used to Deploy Malware

Prajeet Nair • June 16, 2021

SolarMarker malware operators are using "SEO poisoning" techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports.