By
Debra KaufmanAugust 11, 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, debuted the Joint Cyber Defense Collaborative (JCDC), which will leverage the expertise of Big Tech companies including Amazon, Google and Microsoft. According to CISA director Jen Easterly, the initiative’s aim is first to combat ransomware and cyberattacks on cloud-computing providers and ultimately to improve defense planning and information sharing between the government and private sectors. Continue reading U.S. Cybersecurity Agency Enlists Amazon, Google, Microsoft
By
Debra KaufmanJuly 19, 2021
The House Judiciary Subcommittee on Crime, Terrorism and Homeland Security has determined that the use of facial recognition software by law enforcement should be regulated. Subcommittee chair Sheila Jackson Lee (D-Texas) and top Republican Andy Biggs (R-Arizona) agreed that there should be “some kind of meaningful regulation and oversight of facial recognition.” Last month, the Government Accountability Office (GAO) reported that federal law enforcement agencies should do more to prevent facial recognition bias and misuse. Continue reading House Calls for Regulating Use of Facial Recognition Software
By
Debra KaufmanJuly 7, 2021
Software company Kaseya was targeted by a cyberattack starting Friday that has since spread to hundreds of mainly small and medium-size businesses. On Monday, Kaseya chief executive Fred Voccola reported to Anne Neuberger, the deputy national security advisor for cyber and emerging technology, that the attackers demanded a $70 million ransomware payment and that his company wasn’t aware of any breach of critical infrastructure impacting national security. According to experts, the attackers may be members of REvil, a Russian cybercriminal group. Continue reading Massive Ransomware Attack Affects Hundreds of Businesses
By
Debra KaufmanApril 19, 2021
Forescout Research Labs and JSOF researchers have discovered nine security flaws in four commonly used TCP/IP stacks that make 100+ million devices vulnerable to attack. The set of flaws, dubbed Name:Wreck, mainly impact Internet of Things (IoT) products and IT management servers. The TCP/IP stacks that integrate network communication protocols to connect devices and the Internet are found in operating systems such as the open-source FreeBSD and Siemens’ Nucleus NET. An attacker could crash a device, take it offline or gain control of it. Continue reading Millions of IoT Devices Open to Attack Due to Security Flaws
By
Debra KaufmanApril 6, 2021
Senate Finance Committee chair Ron Wyden (D-Oregon) heads a bipartisan group of U.S. senators attempting to understand more about digital advertising auctions and their relationship to personalized ads. The group sent a letter to the largest companies that run these auctions, including AT&T, Index Exchange, Google, Magnite, OpenX Software, PubMatic, Twitter and Verizon Communications. The senators want the names of all foreign clients gaining access to user data through the auctions, citing concerns of national security. Continue reading Senators Press Ad-Auctioneers for Personal Data Sales Info
By
Debra KaufmanApril 2, 2021
President Joe Biden is working on a draft executive order to require companies doing business with the federal government to report hacks within a few days. Homeland Security secretary Alejandro Mayorkas stated the order would also require the companies to use data encryption and two-factor authentication and would combat ransomware and improve protection for industrial control systems, transportation and election security. The SolarWinds hack has prompted the government to pay closer attention to cybersecurity. Continue reading Biden to Issue Executive Order Upgrading U.S. Cybersecurity
By
Debra KaufmanMarch 16, 2021
Russia and China recently ran sophisticated hacks from servers inside the United States, going undetected by the National Security Agency, which is prohibited from conducting surveillance in the U.S., as well as the FBI and Department of Homeland Security. Private computer security firms were the first to raise the alarm on these foreign attacks, and Microsoft reported that its patches are being reverse-engineered by criminal groups to launch ransomware attacks on corporations. The White House is paying attention. Continue reading Cybersecurity: White House Pursues Public-Private Alliances
By
Debra KaufmanFebruary 25, 2021
The U.S. military, the Internal Revenue Service (IRS), Federal Bureau of Investigation (FBI), the Drug Enforcement Administration (DEA) and Department of Homeland Security (DHS) are reportedly among the agencies that have been buying citizens’ location data from commercial services. Now, a Treasury Department inspector general report has indicated that this practice is illegal without first obtaining a warrant. The agencies in question say they are buying commercially available data from those who have consented to having their data collected. Continue reading Treasury Department May Put an End to Location Data Sales
By
Debra KaufmanFebruary 12, 2021
In December, suspected Russian hackers compromised SolarWinds Corp., a small software vendor, leveraging it to infiltrate the U.S. departments of Commerce, State and Treasury, as well as numerous private companies. An in-depth investigation revealed that the hack’s scope was larger than first known, with about one-third of those hacked having no direct connection with SolarWinds. Now, the Biden administration has selected White House National Security Council senior official Anne Neuberger to lead the response. Continue reading White House Names Official to Lead Probe of Expansive Hack
By
Debra KaufmanJuly 16, 2020
According to Google Cloud chief executive Thomas Kurian, the coronavirus pandemic has had an impact on the development of new cloud features. “Every week, there’s a new set of dimensions, and we have to adapt, keep people positive, and focus through it,” he said. A new security product that encrypts data while it’s being processed, for example, is aimed at luring businesses in highly regulated industries to adopt cloud services. Another cloud-computing product is Assured Workloads for Government, a new way to secure public sector deals. Continue reading Google Developing New Cloud Services During the Pandemic
By
Debra KaufmanApril 13, 2020
The Trump administration wants to revoke licenses used by China Telecom’s U.S. subsidiary to act as a common carrier, connecting domestic and international networks. The U.S. Department of Justice, leading the departments of Defense and Homeland Security, requested that the FCC permanently rescind these licenses. The administration stated that China’s technology interests are a threat to U.S. security. Citing the same concerns, U.S. gave Google permission to open a high-speed Internet link to Taiwan but not Hong Kong. Continue reading U.S. Moves to Hinder China Telecom and Links to Hong Kong
By
Debra KaufmanMarch 9, 2020
In a rare bipartisan move, Democratic and Republican legislators joined forces to propose the Shop Safe Act, which would make e-commerce companies responsible for counterfeit products from China and other countries sold on their websites. The bill would focus on trademark liability for those fake products that impact consumer health and safety, such as pharmaceuticals and medical products, and would force e-tailers to more closely vet sellers and remove those who repeatedly sell counterfeits. Continue reading Bipartisan Bill Would Make Platforms Liable for Fake Products
By
Debra KaufmanJanuary 27, 2020
The Trump administration is cracking down on counterfeit products sold over the Internet, warning warehouse operators and e-commerce platforms such as Amazon that they will pay fines if they don’t help identify such products. The Department of Homeland Security released a report on the problem, and the White House in concert with U.S. Customs and Border Protection is leading the initiative. The recent trade agreement with China requires that country to curb counterfeiters or risk potential new tariffs. Continue reading White House Cracks Down on Counterfeit Goods Sold Online
By
Debra KaufmanJanuary 21, 2020
A small startup named Clearview AI, led by Hoan Ton-That, created a facial recognition app that may exceed the scope of anything built by the U.S. government or Big Tech companies. Now in the hands of the FBI, the Department of Homeland Security and hundreds of other law enforcement agencies, the app allows the user to take a photo of a person, upload it and search a database of more than three billion images to find public photos of that person with links to where they appeared. Images have been scraped from Facebook, YouTube, Venmo and “millions of other websites.” Continue reading FBI and Law Enforcement Use New Facial Recognition Tool
By
Debra KaufmanJanuary 3, 2020
Cloud Hopper, a massive cybertheft effort allegedly run by China’s intelligence services and operating through cloud services since at least 2016, is much bigger than it was originally believed to be. U.S. prosecutors identified and charged two Chinese nationals, but both remain at large. The original indictment listed 14 unnamed companies and about a dozen cloud providers. The Trump administration escalated the military’s use of cyber weapons, but hasn’t revealed its rules, leading to a bipartisan push for transparency. Continue reading China’s Cloud Hopper Cyberhack Bigger Than First Revealed