Cyber Threats

Justice 'Hacked the Hackers' of Hive Ransomware, Stopping $130M in Demands

It took national and international cooperation to thwart the group, who targeted more than 1,500 victims.

  • By Kirsten Errick

What’s in a Word? FCC’s Proposed Data Breach Rule Redefines Key Terms

The public now has the opportunity to provide insight on the value and impact such redefinitions would have on incident reporting.

  • By Alexandra Kelley

CMS Subcontractor Breach Potentially Exposes Sensitive Data of 254,000 Customers

The Centers for Medicare and Medicaid said the breach involved a subcontractor that appears to have violated its obligations to the agency.

  • By Mariam Baksh

More States Move to Ban TikTok from Government Devices

Maryland joined South Dakota in announcing a ban on state employees or agencies from using the app on government-issued devices, while South Carolina asked for it to be blocked.

  • By Chris Teale

Preparations for Quantum Cyber Threat Get a Senate Boost

The bill would require an annual report to Congress from the Office of Management and Budget with the goal of identifying funding needed for agencies’ transition to post-quantum cryptography.

  • By Mariam Baksh

Darknet Markets Generate Millions in Revenue Selling Stolen Personal Data, Supply Chain Study Finds

Darknet hackers aren't slowing down.

  • By David Maimon and C. Jordan Howell, The Conversation

Critical Update: A Technical Farewell and the ‘Emergiest’ News of 2022

Nextgov reporters say goodbye to 2022 … and to Critical Update.

  • By Aaron Boyd

TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations

The agency is exercising its authority to regulate pipelines and railways after issuing a series of short-term emergency security directives.

  • By Mariam Baksh

Critical Update: Safeguarding Data From Outside Intrusion

The VA is in the process of implementing a zero-trust cybersecurity model to better secure veterans’ sensitive personal data.

  • By Edward Graham

CISA Seeks Information for Potential Cyber Threat Intelligence Platform

The request will help the agency develop the platform to address current challenges related to cyber threat intelligence.

  • By Kirsten Errick

Offshore Drilling Operations Vulnerable to Cyberattacks, Watchdog Warns

The Government Accountability Office made a new case for improving the cybersecurity safeguards within offshore drilling and natural gas facilities. 

  • By Alexandra Kelley

Agencies Push Deadline to Comment on Would-Be Federal Cyber Insurance Program

Insurance companies are pushing for taxpayer assistance to provide coverage in the event of catastrophic incidents.

  • By Mariam Baksh

Big Tech Tells CISA to Exempt Third-Party Providers from Incident Reporting Rule

Major industry groups clashed on how CISA should define key terms in its rulemaking process to implement the federal incident reporting law.

  • By Mariam Baksh

Iranian Hackers Compromised a Federal Agency’s Network, CISA and FBI Say

Actors linked with the Iranian government were able to exploit an unpatched Log4Shell vulnerability—which the Cybersecurity and Infrastructure Security Agency asked agencies to address by the end of 2021—in an unnamed agency’s network.

  • By Edward Graham
Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now

DOD Must Enhance Cyber Incident Reporting and Sharing, Watchdog Says

The Government Accountability Office found that the Pentagon “lacks an accountable organization and consistent guidance” for documenting and sharing details about reported cyber incidents.

  • By Edward Graham

China’s Cyber Capabilities ‘Pose a Serious Threat’ to US, Advisory Panel Warns

The panel’s report also called for the Biden administration to consider revoking China’s status as a favored trading partner if a congressional review finds that Beijing is not complying with its commitments.

  • By Edward Graham

NIST Official Warns Against Device-only Approach to Securing IoT

Federal agencies’ implementation of NIST’s guidelines on the issue—under direction from Congress—is coinciding with industry resistance to the comprehensive approach stakeholders agree is necessary.

  • By Mariam Baksh

No ‘Specific or Credible’ Cyber Threats Affected Integrity of Midterms, CISA Says

Despite “a handful” of DDoS attacks targeting state and local election websites and some technical glitches affecting voting equipment, CISA says it saw “no activity” that should undermine faith in the results of the midterm elections.

  • By Edward Graham

CISA Leaning Toward Lower Threshold for Mandatory Cyber Incident Reporting

The agency has started to receive feedback from some key stakeholders for its rulemaking process on the issue.

  • By Mariam Baksh

Experts Weigh in on Strengths and Vulnerabilities of Election Cybersecurity

Both voting systems and the voters themselves could be targets of malign influence.

  • By John Breeden II

Russia Linked to Nearly 75% of Late 2021 Ransomware Attacks, Per Analysis

The analyzed ransomware variants—from July to December 2021—amounted to millions of dollars in damages.

  • By Alexandra Kelley