Adam Janofsky
Editorial Director, The Record by Recorded Future
Articles By This Author
How Biden’s new executive order plans to prevent another SolarWinds attack
President Biden signed a sweeping executive order on Wednesday aimed at protecting federal networks, as the East Coast continues to deal with the fallout from a ransomware attack that shut down one of the nation’s largest fuel pipelines for several days. The Biden administration has been drafting the order over the last few months, and is designed less to address an incident like the one experienced by Colonial Pipeline, a privately-owned critical infrastructure operator that is believed to have been hit by a criminal gang, than it is aimed at preventing a future SolarWinds-like incident…
Ransomware tracker: Threat groups focus on vulnerable targets
As the recent attack against Colonial Pipeline shows, ransomware groups consider just about any organization to be fair game. Vulnerable organizations including healthcare companies and schools have been constantly bombarded with ransomware attacks over the last year, according to data collected by Recorded Future from government agencies, news reports, hacking forums, and other sources. For example, there were 7 hospitals, healthcare systems, and clinics that disclosed ransomware attacks last month, down from a record high of 17 in March and 9 in April 2020…
FBI: Colonial Pipeline was hit with Darkside ransomware
The U.S. Federal Bureau of Investigation confirmed on Monday that the attack that shut down one of the country’s largest pipelines over the weekend was caused by Darkside ransomware. The Darkside group was first spotted by cybersecurity researchers around August 2020, according to data collected by Recorded Future, and is believed to be run by former affiliates of other ransomware families who decided to develop their own code. In recent months, the group has gained attention both for its attacks and also its statements around the organizations it targets and avoids…
Pipeline cyberattack comes after years of government warnings
Government authorities and watchdogs have warned for years that U.S. pipelines are vulnerable to cyberattacks that could potentially disrupt operations—and an attack against a major U.S. gasoline and jet fuel pipeline on Friday threatens to show how bad these incidents can be. Colonial Pipeline Company said yesterday that it had shut down 5,500 miles of pipeline supplying the East Coast with fuel in an effort to contain a breach of its computer networks….
Former Thomson Reuters CEO Tom Glocer wants to democratize cybersecurity
When Tom Glocer was serving as a top executive at Reuters, the business news and information provider, cybersecurity was rarely the main story. But in the roughly ten years since he’s left the firm, the finance sector has been rocked by cyberattacks and internet-enabled bank fraud, including multimillion-dollar nation-state heists and data breaches that have cost CEOs their jobs…
DHS chief: Cyber workforce sprint will be department’s ‘most significant hiring initiative’ in history
The head of the Department of Homeland Security kicked off the agency’s cybersecurity workforce “sprint” today, framing it as an ambitious effort to increase diversity and prepare the government for emerging threats. “We’re extraordinarily energetic about this effort and we intend to execute the most significant hiring initiative the Department of Homeland Security has undertaken in its history,” said Secretary Alejandro Mayorkas at a virtual event hosted by the U.S. Chamber of Commerce…
Most K-12 apps send kids’ personal info to advertisers and other third parties, study finds
The COVID-19 pandemic has pushed schools around the country to adopt and rely heavily on new technology. But a study published today from the nonprofit Me2ba Alliance suggests that these tools might be syphoning childrens’ data and sending them to advertisers like Google and Facebook without informing users or parents. The group audited a random sample of 73 apps from 38 schools in 14 states across the country, and found that 60% of these apps were sending student data to a variety of third parties…
China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor
A threat actor believed to be operating on behalf of Chinese state-sponsored interests was recently observed targeting a Russian defense contractor involved in designing nuclear submarines for the Russian Navy, according to new research published today by Cybereason. The attack was narrowly-focused, the firm said, and originated with a spear-phishing attempt targeting a general director working at the Rubin Design Bureau, a Saint Petersburg-based shipbuilder that has designed most of Russia’s nuclear submarines…
New ransomware task force wants more support for victims who don’t pay
A new government and industry coalition on Thursday put its weight behind a number of aggressive measures aimed at curbing ransomware, including financially supporting victims who refuse to pay attackers and making it easier to track cryptocurrency payments. The Ransomware Task Force, which is being spearheaded by the nonprofit Institute for Security and Technology, contains dozens of members from leading cybersecurity firms and government agencies…
Lawmakers start a push for new breach notification rules after SolarWinds attack
For more than a decade, policymakers on Capitol Hill have repeatedly tried and failed to pass meaningful federal data breach notification laws that would require companies to share details about cybersecurity incidents that they experience. As a result, organizations have to comply with a patchwork of more than 50 notification laws for each state and territory in the U.S. However, a group of lawmakers are pushing colleagues and business associations to revisit these efforts, arguing that recent incidents have highlighted how the lack of mandatory reporting rules makes it harder to detect and respond to major incidents…