The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
As the COVID-19 pandemic persists, cybersecurity threats and related risks continue to grow, including ransomware, external threats and especially those involving healthcare insiders, says Denise Anderson, president of the Health Information Sharing and Analysis Center.
CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify "systemically important critical infrastructure" to reduce risks of pervasive supply chain cyberattacks.
Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?
India is in the last stage of rolling out a national cybersecurity strategy that aims to address challenges and appoint an apex body to regulate various government agencies, including CERT-In, the Cyber Crime Coordination Center and the National Critical Information Infrastructure Protection Center.
How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide's hit on Colonial Pipeline - "what we're seeing … is that there is going to be a power balance shift," says McAfee's John Fokker, with more affiliates, not gang leaders, calling the shots.
The cyber actors suspected of being behind the deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary agencies from eight countries. The actors are believed to have affected more than 1,800 victims.
National Cyber Director Chris Inglis on Thursday announced that Federal CISO Chris DeRusha will concurrently serve as his deputy at the newly created office. Inglis, a Senate-confirmed top adviser to the president, also released a "statement of strategic intent" outlining his own official duties.
The latest ISMG Security Report features the fallibility of ransomware gangs and why victims should always seek help from a reputable response firm, law enforcement or other qualified expert. Also featured: Data protection advice and why the remote work model might make securing data easier.
CISA announced that Washington Secretary of State Kim Wyman will be the agency's senior election security lead. She will become a top security official within the Biden administration, inheriting a role that has garnered public attention following interference in 2016 and fraud claims in 2020.
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape.
An attack on systems that govern fuel subsidies in Iran reportedly hit all fuel stations and left many of the country’s citizens without gas for hours. Islamic Republic of Iran Broadcasting says that a cyberattack caused widespread disruption to the country's fuel distribution network.
Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.
Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.
The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.