Hacks raised questions about Pentagon’s role in securing cyber and networks: 2021 In Review

The military focused its efforts on networked warfare and the US government responded to cyberattacks.

Former CISA head warns of rivals’ ‘destructive’ cyber capabilities

“There’s one line [in the notice] that should scare the hell out of everyone everywhere,” Chris Krebs said.

Nakasone Now Sees Ransomware, Influence Ops As ‘National Security’ Threats

“We aim to convey that, ‘Hello, we are from the government, and we’re here to help’ is not a scary idea,” the general joked, alluding to a famous quote by former President Reagan.

Biden Issues National Security Memorandum On Critical Infrastructure

“I think it’s more than likely we’re going to end up, if we end up in a war – a real shooting war with a major power – it’s going to be as a consequence of a cyber breach of great consequence, and it’s increasing exponentially,” President Biden said.

China Likely Outed Soon For Exchange Hacks

The Exchange campaign attribution will also provide hints about the role of the first national cyber director in such incidents. NSA veteran Chris Inglis was confirmed for the position just weeks ago.

Mandatory Cyber Reporting Within 24 Hours: Sen. Warner Bill

Sen. Warner’s draft legislation, long expected, marks one of the first attempts to create a federal law mandating cyber incident reporting by some entities. Notably, the bill provides reporting entities with a degree of privacy and legal protection.

Pipeline CEO Defends Company’s Cyber Info Sharing

“[Paying the ransom] was the hardest decision I’ve made in my 39 years in the energy industry… and I put the interest of the country first,” Colonial’s CEO told Congress. “I believe with all my heart [paying the ransom] was the right choice to make, but I want to respect those who see this issue differently.”

DHS Cyber Order Signals Shift To ‘Mandatory Measures’

Today’s pipeline directive is likely just the next in a series of actions to shore up national cybersecurity across the private sector, especially those deemed critical infrastructure. “I know there are a number of discussions on the Hill… of a broader data breach notification,” Deputy National Security Advisor Anne Neuberger said today.

Hill Presses For Better Cyber Responses, More Info Sharing

Colonial Pipeline “refused” to share details of ransomware payment with Congress. “Our constituents are on the front lines of these [cyber]attacks, and yet they don’t know what their country is doing to respond,” Rep. Slotkin said.

Hacks Drive Growing Calls For Mandatory Cyber Data Sharing

The cyber executive order “properly emphasizes” information sharing. Sens. Peters and Portman float updating FISMA. FERC calls for mandatory pipeline cyber standards. Report says vulnerable Exchange Server “most likely culprit” at Colonial. FireEye details DarkSide’s business ops.

Biden Orders Fed Cybersecurity Boost; Targets Prevention, Reporting

“It reflects a fundamental shift in our mindset — from incident response to prevention, from talking about security to doing security,” a senior administration official says.

CISA Lacks Key Data On Colonial Pipeline Hack

CISA and FBI issue a joint advisory on DarkSide ransomware. “There is no immediate mission impact” from fuel shortage on DoD, a Pentagon spokesman said. Colonial temporarily restored operations between North Carolina and Maryland last night. Russia denies involvement. DarkSide’s business model complicates attribution.

Colonial Pipeline Cyberattack Follows Years of Warnings

“We are disappointed, though unsurprised, to learn of the cyberattack,” Sen. King and Rep. Gallagher said. “We can and must be better… in navigating the threats of the Age of Cyber Aggression.”