At a glance.
- New cybersecurity measures could help protect the US economy.
- Banking industry leaders warn of risks of sharing cybersecurity information.
- The investigation reveals that the Israeli police illegally used the Pegasus software.
New cybersecurity measures could help protect the US economy.
As noted earlier, the U.S. House of Representatives last week passed two new cybersecurity bills: the Energy Cybersecurity University Leadership Act, which will mandate the creation of a research program on the intersection of cybersecurity and energy infrastructure, and the RANSOMWARE Act. As Teiss explains, RANSOMWARE (short for “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies”) is authored by Republican Rep. Gus Bilirakis of Florida and is intended to make it easier for the United States to respond to ransomware attacks from foreign adversaries. An update to the SAFE WEB Act of 2006, RANSOMWARE will require the Federal Trade Commission to file reports of cross-border ransomware complaints, and the measure specifically points to China, Russia, Iran and North Korea as potential perpetrators of cyberattacks. The Florida press notes that the measure could have a positive impact on the country’s economy, which is on the verge of a slowdown. Officials have warned of the negative economic impact of ransomware attacks, which could, for example, disrupt the US power grid or the delivery of essential goods and services.
We heard from David Mahdi, CSO and CISO Advisor at Sectigo, who defined the issue as a data access and security challenge:
“Ransomware isn’t just a malware problem, bad actors want access to your data, so it’s really a security and data access issue. However, many organizations are missing the point. For example, with phishing being a common vector, many companies are investing in email security and antivirus to stop malware. Although this is a good best practice that will thwart many attacks, ransomware is still on its way. It’s like chasing shadows. What happens when new variants of malware exploit different vulnerabilities and penetration techniques? Can your antivirus keep up? Time and again, these advanced ransomware attacks aim to render traditional defenses useless.
“When we look at what ransomware does, it exploits a user’s access within an organization to encrypt (and often also steal) sensitive files. The authentication given to a user defines the level of damage that the hacker will do. Therefore, a zero-trust, identity-centric approach is essential. To prevent ransomware, you can’t just lock down data, you need a clear method of verifying all identities within an organization, whether human or machine.
“This is where the combination of identity-centric approaches combined with PKI certificates enables immutable proof that ‘that person (or entity) is who they say they are’. By combining the principles of Identity-first with least-privilege data access security, ransomware attacks can be stopped in their tracks and, in some cases, completely prevented, without endlessly chasing shadows or putting out fires.”
Banking industry leaders warn of risks of sharing cybersecurity information.
Last week, the American Bankers Association and the Bank Policy Institute submitted a letter to the Senate Armed Services Committee and the Senate Homeland Security and Governmental Affairs Committee expressing concern about a provision attached to the National Defense Authorization Act (NDAA), recently passed by the United States House of Representatives. The provision requires banks to share details of their supply chain risk management protocols and report information on their critical assets which “should directly support the department’s ability to understand and prioritize risk mitigation” for national critical functions. However, explains NextGov, the authors of the letter say such information sharing could itself pose a risk to critical infrastructure. “Providing [the Cybersecurity and Infrastructure Security Agency] with [such] details…could put businesses at risk if improperly disclosed or stolen in a breach,” the letter said. The letter also notes that the legislation does not “specify what [the Cybersecurity and Infrastructure Security Agency] would do with such information, [or] how it would be shared or protected from disclosure.” The NDAA is expected to arrive in the Senate in September, so there is still time to make changes.
The investigation reveals that the Israeli police illegally used the Pegasus software.
The Jerusalem Post reports that a recent investigation into Israeli police use of the Pegasus spyware found that authorities used the controversial surveillance software to collect data without court approval, but did not use the data thus obtained. The investigative team, led by Deputy Attorney General Amit Merari, worked with Shin Bet and Mossad technology experts to inspect Israel Police systems and interviewed current and former police officers about the police’s telephone tapping methods. The investigation, which was launched after Israeli newspaper Calcalist reported that police used NSO Group’s Pegasus to spy on public figures, found there were “no indications” that police used the spyware to tap personal phones without a court order, AP News reports. However, the report says that when the technology was used, police received information beyond what was covered by the warrants, for example data created on the target’s device before the date of a court order, or data that did not constitute “communication between devices.” According to police procedures, this data could not be and was not used, but the police exceeded their authority simply by collecting the data. A summary of the report reads: “The team believes that the importance of introducing the use of a system with extensive technological capabilities, which is a watershed in the world of wiretapping, has not been fully understood by decision-makers in the Israeli police.”
Meanwhile, as Avast notes, last week the US House Intelligence Committee held a hearing to discuss the abuse of spyware like Pegasus and its impact on future legislation as the House prepares to vote on the Intelligence Authorization Act. Witnesses testifying at the hearing included Shane Huntley, senior director of the Threat Analysis Group at Alphabet; Carine Kanimba, the daughter of Rwandan activist Paul Rusesabagina; and John Scott-Railton, senior researcher at the Citizen Lab at the University of Toronto. Intelligence Committee Chairman Adam Schiff said, “Powerful spy tools are being sold on the open market, essentially offering sophisticated signals intelligence capabilities as an end-to-end service.”