Cybersecurity
China accuses NSA of multi-year hack targeting its national time systems
“NSA does not confirm nor deny allegations in the media regarding its operations,” an NSA official told Nextgov/FCW.
Cybersecurity
FCC initiates process to ban Hong Kong Telecom in US
The agency has previously barred China-linked communications providers from operating on American soil.
Cybersecurity
CISA orders government to patch F5 products after ‘nation-state’ cyber intrusion
“This cyber threat actor presents an imminent threat to federal networks using F5 devices and software,” CISA’s directive says. China-linked hackers previously exploited F5 vulnerabilities.
Cybersecurity
Top cyber lawmaker wants answers on CISA workforce reductions
Rep. Eric Swalwell, D-Calif., penned a strongly-worded letter to CISA’s acting director asking for an update on the status of the cyberdefense agency’s staffing posture.
Cybersecurity
Inside America’s next information war
Washington is paring back its defenses against influence operations, even as adversaries supercharge them with AI. Much of the fight is shifting to the private sector.
Cybersecurity
Multiple CISA divisions targeted in shutdown layoffs, people familiar say
CISA units including its Stakeholder Engagement division are believed to have been hit. A DHS spokesperson said that the RIFs are meant to help get CISA “back on mission.”
Cybersecurity
Senator makes new attempt to extend cyber info-sharing law by 10 years
Sen. Gary Peters, D-Mich., said he’s spoken directly with Senate Majority Leader John Thune, R-S.D., about renewing the 2015 Cybersecurity Information Sharing Act, which lapsed when the government shut down.
Cybersecurity
Former CISA lead Matt Hartman joins Merlin Group as chief strategy officer
Hartman most recently served as acting head of cyber at the Cyber and Infrastructure Security Agency. He now joins Merlin to grow its partnerships with technology companies and government agencies.
Cybersecurity
Attorneys scramble to advise clients after lapse of key cyber info-sharing law
Organizations may lean on contract arrangements to facilitate data-sharing channels previously enabled by the now-expired regulation, a former U.S. official said.
Cybersecurity
Shutdown could erode cyber defenses by sidelining critical staff, experts warn
A government shutdown would also occur in parallel with the lapse of a critical cyber information-sharing law that could create legal liabilities for companies who send threat data to feds.
Exclusive
Cybersecurity
‘Widespread’ breach let hackers steal employee data from FEMA and CBP
A Citrix vulnerability — suspected to have led to firings of multiple FEMA technology staff — enabled the breach, which let hackers pilfer data from FEMA servers connected to states at the southern border.
Cybersecurity
Vital cyber data-sharing law appears likely to expire amid looming government shutdown
Law firms are advising clients to prepare for this possibility, although the extent of information sharing that will cease if the law lapses remains unclear.
Cybersecurity
CISA issues emergency patching directive for Cisco devices on federal networks
An emerging cyber threat group is exploiting vulnerabilities in Cisco devices, both the company and CISA said. The hackers have potential links to China, according to an analysis put out last year.
Cybersecurity
CISA wants more international involvement in cyber vulnerability catalog, official says
Nick Andersen, the agency’s assistant executive director for cybersecurity, says the CVE project would benefit from a "more holistic look" with international partners.
Cybersecurity
House funding extension tacks on two-month reprieve for key cybersecurity laws
The short-term measure gives lawmakers extra time to iron out differences between House and Senate versions of the renewal.
Cybersecurity
Senators call for election security briefing as major races draw closer
“We are concerned that you may have directed the Intelligence Community (IC) to cease its intelligence reporting on this vital topic,” the senators wrote to the director of national intelligence in a Monday letter.
Cybersecurity
CISA ready to accept any extension for key cyber info-sharing law, official says
“Give us two years. Give us ten years. Give us 50. Whatever you take, we’ll take it,” CISA’s Nick Andersen said of the soon-to-expire 2015 Cybersecurity Information Sharing Act.
Cybersecurity
CISA weighs ‘alternative funding sources’ to preserve cyber vulnerability-tracking project
The Common Vulnerabilities and Exposures Program almost lapsed in April, according to MITRE, a key funder.
Cybersecurity
US can focus on both offensive and defensive cyber, top NSC official says
Offensive measures are “an important tool of the toolbox that we’ll be unafraid to use,” Alexei Bulazel said. “But that’s not to say we don’t need to do normal blocking-and-tackling cyber defense.”
Cybersecurity