Ransomware

Transportation Proposes Near $1M Fine for Colonial Pipeline One Year After Hack

The firm has 30 days to respond with evidence contesting the agency’s allegation of safety violations.

Financial Regulator Says Use of Crypto Helps—not Hurts—Ransomware Investigations

Senators left and right are using the Colonial Pipeline hack and Russia’s invasion of Ukraine as reasons to both regulate and avoid regulating cryptocurrencies.

Cyber-Incident Reporting Legislation Clears House in Bipartisan Spending Bill

The bill, attached to government funding legislation, now moves to the Senate, which recently passed the same incident reporting provisions separately by unanimous consent.

Russia-Ukraine Conflict Could Push Major Cybersecurity Legislation Past Finish Line

The threat of Russian retaliation against the west is front-of-mind with Senate passage of key bills to require reports of ransomware payments and other cybersecurity incidents to the government, overhaul FISMA and codify FedRAMP. 

Ransomware Attacks Exploded in Number and Scale in 2021, Per Cyber Firm

A new Crowdstrike report describes a dramatic increase in activity from both criminal and smaller nation-state groups.

FBI: Ransomware Attackers Have Code to Halt Critical Infrastructure

Monitoring remote access technology will be especially important for limiting the reach of malicious actors, allied cybersecurity agencies said in a report on trends they’ve observed over the last year in a booming ransomware industry.

New Cyber Safety Board Pivots to Tackle log4j Vulnerabilities

The DHS body’s primary focus will be on addressing vulnerabilities in the commonly used log4j software library, but will also incorporate findings on the ‘SolarWinds’ hack.

The U.S. is Working to Improve Ukraine’s Cyber Defenses in the Face of Russian Threat

The prospect of a cyberattack amid heightened regional tensions creates a stark contrast against delicate diplomatic efforts the U.S. is pursuing to thwart ransomware criminals officials say are operating out of Russia.

Taking Control of Ransomware and Other Malware with a Zero-Trust Strategy

Antivirus, sandboxing and similar detection techniques can’t keep up. It’s time for agencies to transform their approach to thwarting malware.

House Passes NDAA Without Cyber Incident Reporting Legislation

The bill still includes what the House Armed Services Committee referred to as the widest empowerment of CISA since SolarWinds.

Data Exfiltration: Public Enemy No. 1 for the Public Sector

Taking a proactive approach is a critical step in improving the way the government combats threats.

Russian National Sentenced to Five Years For Aiding Malware Hacking

Aleksandr Grichishkin, 34, pleaded guilty to providing a server allowing cybercriminals temporary use of IP addresses to bypass security measures and exploit financial data.

Report Shows Global Financial Giants Are at Risk of Cyberattacks

A new report by Constella Intelligence raises questions as to whether the sector is doing enough to protect itself.

White House Holiday Warning Identifies Options for Reporting Ransomware

The FBI has a prominent portal for entities to report cybersecurity incidents, but Congress is considering legislation that officials fear could change the current dynamic.

Government Watchdog Welcomes Treasury’s Data Collection on Cyber Insurance Claims

A Government Accountability Office report on the Treasury Department’s role in shaping the market for cybersecurity insurance is expected next spring.

Pentagon Officials Rethinking Cyber's Role in National Defense Strategy

Cyber policy lead Mieke Eoyang discussed the Defense Department’s role in the nation’s cybersecurity posture, including in defending elections and countering ransomware attacks. 

NSA Director: Evolving Cyber Threats Require Deeper Public-Private Partnerships

“This is not Cold War 2.0 and China is not the Soviet Union,” Gen. Paul Nakasone said.