Articles By This Author

tech generic
Featured Government Nation-state People

SolarWinds security chief: ‘We ran a pretty good shop’

SolarWinds’ chief information security officer defended the company’s practices and technology on Wednesday, saying the attack it experienced at the hands of Russia’s foreign intelligence agency last year wasn’t one that most companies would be prepared for. “We ran a pretty good shop, we had pretty good technology,” Tim Brown, the company’s CISO and vice president of security, said during a webcast hosted by the insurance firm Marsh. “We’ve had four months of inspections and we found things to fix, but it wasn’t like we were super dirty—there wasn’t sloppiness, there wasn’t malware all over our environment.”

electric grid
Featured Government Nation-state Technology

Biden administration to roll out a series of cyber initiatives for critical infrastructure sectors

The Biden administration announced today a 100-day plan aimed at enhancing the security of electric utilities’ industrial control systems and improving the sector’s ability to detect, mitigate, and investigate cybersecurity incidents. According to government officials, the effort is the first of several initiatives planned for multiple critical infrastructure sectors. Recent attacks involving SolarWinds and Microsoft Exchange software have pressured government agencies to modernize cyberdefenses—the U.S. intelligence community warned last week that adversaries including Russia, China, and Iran have the capability to disrupt or damage U.S. critical infrastructure, including the electric grid….

graduation
Cybercrime Featured Technology

Not just ransomware: Schools and universities are increasingly targeted by impersonation scams

Schools and universities, which were once seen as poor targets for financially-motivated cybercrime, are now awash in impersonation scams and other attacks. On March 30, the IRS warned students and staff at educational institutions of an “ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have ‘.edu’ email addresses.” The agency has received a number of reports recently of tax refund scams and phishing attempts targeting people at these institutions, it said.

singapore
Featured Government Leadership Nation-state People

Singapore’s deputy cyber chief on how the city-state became a laboratory for security initiatives

Last spring, professional services firm Deloitte published a study that ranked Singapore as the most exposed country to cyberattacks in the Asia-Pacific region. The city-state was also deemed the most prepared at defending against them. Over the last decade, Singapore has aggressively rolled out a slew of cybersecurity initiatives aimed at protecting its nearly 6 million highly-connected citizens from cyber threats. As a global financial and shipping hub, it took early steps at bolstering critical infrastructure security and reducing barriers to information sharing. More recently, the country has rolled out cybersecurity labels for consumer smart devices, and awards marks of distinctions to companies that have invested heavily in cybersecurity….

china
Featured Government Nation-state

Intelligence assessment warns of increasing cyber threats from China, Russia

The U.S. and its allies will face “a diverse array of threats” over the next year, most notably from China, Russia, Iran, and North Korea, an annual threat assessment from the U.S. intelligence community concluded on Tuesday. The report was issued by the Office of the Director of National Intelligence ahead of congressional hearings on Wednesday and Thursday…

DHS
Featured Government Leadership Nation-state People

‘They knew I was running late to meetings’: Former DHS chief on reports that SolarWinds hackers targeted his emails

Former Acting Secretary for the Department of Homeland Security Chad Wolf on Monday recounted the intense first days of the SolarWinds crisis, and remarked on recent reports that the suspected Russian hackers behind the attack had gained access to his email account. “My first question was: were these unclassified email accounts? The answer was yes,” Wolf said at a virtual talk hosted by the Heritage Foundation. “It’s still concerning, but it would have been even more of a concern if they had access to the lines that DHS does its most sensitive work on.”

White House
Featured Government Leadership People

White House announces leadership picks for CISA and National Cyber Director role

The Biden administration on Monday said it has picked two National Security Agency veterans to serve in top cybersecurity leadership roles. Chris Inglis will be nominated to serve as the country’s first National Cyber Director, and Jen Easterly will be tapped to run the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA. Both positions require Senate confirmation, which could take several months…

water utility
Cybercrime Featured Government

Credit rating agency warns that cyberattacks could impact water utilities’ ability to pay back debt

Fitch Ratings, one of the “Big Three” credit rating agencies that assesses the creditworthiness of bonds, companies, and governments, published an alert Thursday warning that cyberattacks could pose a “material risk” to water and sewer utilities and potentially impact their ability to repay debt. The alert follows multiple reports of cybersecurity incidents affecting water utilities. In February, city officials in Oldsmar, Florida, said a hacker attempted to poison the local water supply by changing the concentration of sodium hydroxide at a water treatment plant to toxic levels…

school ransomware
Cybercrime Featured

Ransomware tracker: Schools, hospitals face a surge in attacks

After experiencing a brief dip at the beginning of the year, ransomware attacks are showing signs of a resurgence with

Tehran
Cybercrime Featured Government Nation-state

Facebook takes down troll farm linked to Iranian opposition group

Facebook on Tuesday announced it had removed 14 networks in 11 countries for using fake accounts to amplify deceptive campaigns, including one linked to an exiled militant Iranian group operating a troll farm out of Albania. The social media giant took down 1,167 Facebook accounts, 290 Instagram accounts, 255 Pages, and 34 Groups in the month of March for their connections to these “coordinated inauthentic behavior” campaigns, which targeted a range of countries including Israel, Mexico, Benin, and Georgia…