Cybersecurity and Cyberwarfare

The use of computers and the Internet in conducting warfare in cyberspace.

Massive cyberattack hits Europe with widespread ransom demands

A new wave of powerful cyberattacks hit Europe on June 27 in a possible reprise of a widespread ransomware assault in May that affected 150 countries. Ukraine reported ransom demands targeting the government and key infrastructure, and the Danish Maersk conglomerate said many of its systems were down. The Russian oil giant Rosneft was also hit, as was the British advertising and marketing multinational WPP. Norway’s National Security Authority said an “international company” there was affected.

Ukraine first reported the cyberattacks, saying they targeted government ministries, banks, utilities and other important infrastructure and companies nationwide, airport departure tables and demanding ransoms from government employees in the cryptocurrency bitcoin. By midafternoon, breaches had been reported at computers governing the municipal energy company and airport in Ukraine’s capital, Kiev, the state telecommunications company Ukrtelecom, the Ukrainian postal service and the State Savings Bank of Ukraine. Payment systems at grocery stores were knocked offline, as well as the turnstile system in the Kyiv metro.

Chairman Pai reveals new details about cyberattack following John Oliver segment

Federal Communications Commission Chairman Ajit Pai unveiled new details about a reported cyberattack that came after comedian John Oliver urged his viewers to flood the agency with pro-network neutrality comments. In response to a series of questions about the incident from Sens Ron Wyden (D-OR) and Brian Schatz (D-HI), Chairman Pai said he was taking the issue seriously. “I agree that this disruption to [the Electronic Comment Filing System] by outside parties was a very serious matter,” Pai wrote in a letter. “As a result, my office immediately directed our Chief Information Officer (CIO) to take appropriate measures to secure the integrity of ECFS and to keep us apprised of the situation. The Commission's CIO has informed me that the FCC's response to the events sufficiently addressed the disruption, and that ECFS is continuing to collect all filed comments."

The ECFS slowed to a crawl after Oliver’s HBO show addressed the net neutrality proceeding in May, leading many to assume that the system was bogged down by an influx of public filings. But the next day, FCC CIO David Bray said the disruption was caused by a malicious distributed denial of service (DDoS) attack, a move designed to take down a site by flooding it with fake traffic. “I appreciate the FCC’s response,” Sen Wyden said. “I’m waiting to draw any final conclusions until the FBI weighs in. However, it is clear that FCC wasn’t ready for this attack. In the future, the agency should consider other ways to submit comments if its web portal fails again.”

Obama’s secret struggle to punish Russia for Putin’s election assault

Early last August, an envelope with extraordinary handling restrictions arrived at the White House. Sent by courier from the CIA, it carried “eyes only” instructions that its contents be shown to just four people: President Barack Obama and three senior aides. Only in the administration’s final weeks in office did it tell the public, in a declassified report, what officials had learned from Brennan in August — that Russian President Vladimir Putin was working to elect Donald Trump.

Over that five-month interval, the Obama administration secretly debated dozens of options for deterring or punishing Russia, including cyberattacks on Russian infrastructure, the release of CIA-gathered material that might embarrass Putin and sanctions that officials said could “crater” the Russian economy. But in the end, in late December, President Obama approved a modest package combining measures that had been drawn up to punish Russia for other issues — expulsions of 35 diplomats and the closure of two Russian compounds — with economic sanctions so narrowly targeted that even those who helped design them describe their impact as largely symbolic. President Obama also approved a previously undisclosed covert measure that authorized planting cyber weapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which President Obama approved in a covert-action finding, was still in its planning stages when he left office. It would be up to President Trump to decide whether to use the capability.

House Communications Subcommittee Hearing on Cybersecurity Risks to Wireless Tech

The House Communications Subcommittee, chaired by Rep Marsha Blackburn (R-TN), held a hearing examining cybersecurity risks to wireless technologies with a particular focus on wireless networks and mobile devices. Cyber criminals often utilize a number of strategies to launch attacks on wireless technologies. Often times exploiting vulnerabilities within a network to gain unauthorized access to wireless networks or target mobile devices through malware and phishing attacks.

“Mobile connectivity has become essential to our daily lives as a result of advances in technology and consumer demand,” said Chairman Blackburn. “Increasing reliance on wireless devices and networks has provided more avenues for cyber criminals to compromise our security and harm consumers. Hackers are smart and they are adapting. The sophistication and frequency of cyberattacks against mobile devices continues to escalate and we must meet this challenge head on.”

Democratic Sens Seek Answers About Trump Officials and Encrypted Apps

Top Democratic Sens on the Homeland Security Committee are asking inspectors general at 24 federal agencies to investigate whether Trump Administration officials are skirting federal records laws by using encrypted and vanishing messaging apps. The committee’s current and former ranking members, Sens Claire McCaskill (D-MO) and Tom Carper (D-DE) also want the IGs to investigate whether top agency officials are barring staffers from responding to information requests from congressional Democrats.

That request follows a report that Trump Administration lawyers advised agencies to ignore Democratic requests. The senators collected the requests into a single, alphabetically arranged document that runs to 120 pages, beginning with the Agriculture Department IG and ending with Veterans Affairs.

Russian Cyber Hacks on US Electoral System Far Wider Than Previously Known

Russia’s cyberattack on the US electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.

The scope and sophistication so concerned Obama administration officials that they took an unprecedented step -- complaining directly to Moscow over a modern-day “red phone.” In October, the White House contacted the Kremlin on the back channel to offer detailed documents of what it said was Russia’s role in election meddling and to warn that the attacks risked setting off a broader conflict. The new details, buttressed by a classified National Security Agency document recently disclosed by the Intercept, show the scope of alleged hacking that federal investigators are scrutinizing as they look into whether Trump campaign officials may have colluded in the efforts. But they also paint a worrisome picture for future elections: The newest portrayal of potentially deep vulnerabilities in the US’s patchwork of voting technologies comes less than a week after former FBI Director James Comey warned Congress that Moscow isn’t done meddling.

Comey: Russian hacking ‘massive effort’ against US elections

Russian hackers were meddling with the 2016 US election right from the start of the campaign season. Former FBI director James Comey testified before a Senate Intelligence hearing on June 8, a month after President Donald Trump fired him on May 9. The hearing, centered on Comey's conversations with President Trump, comes amid the FBI's investigations into potential campaign ties with Russia that continue to haunt the commander-in-chief. Allegations of Russian influence on the US presidential election stretch all the way back before the midyear Democratic National Convention, when hackers spear-phished officials and released documents through WikiLeaks.

Request for Comments on Promoting Stakeholder Action Against Botnets and Other Automated Threats

NTIA, on behalf of the Department of Commerce, is requesting comment on actions that can be taken to address automated and distributed threats to the digital ecosystem as part of the activity directed by the President in Executive Order 13800, "Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." Through this Request for Comments, NTIA seeks broad input from all interested stakeholders - including private industry, academia, civil society, and other security experts - on ways to improve industry's ability to reduce threats perpetuated by automated distributed attacks, such as botnets, and what role, if any, the U.S. Government should play in this area.

House Oversight Subcommittee Examines Federal Health Care Cybersecurity Efforts in Wake of ‘WannaCry'

The Subcommittee on Oversight and Investigations, chaired by Rep Tim Murphy (R-PA), held a hearing examining the Department of Health and Human Services’ (HHS) role in cybersecurity efforts within the health care sector. Discussed during the hearing were two reports that HHS was required to submit to Congress, following the implementation of the Cybersecurity Information Sharing Act (CISA), which became law in 2015. The reports outline the department’s internal cybersecurity processes and industry recommendations for what the federal government and industry can do to improve cybersecurity efforts in the health care sector.

FTC Announces Third PrivacyCon, Calls for Presentations

Building on the success of its two previous PrivacyCon events, the Federal Trade Commission is announcing a call for presentations for its third PrivacyCon, which will take place on February 28, 2018.

The call for presentations seeks research and input on a wide range of issues and questions to build on previously presented research and promote discussion, including:
What are the greatest threats to consumer privacy today? What are the costs of mitigating these threats? How are the threats evolving? How does the evolving nature of the threats impact consumer welfare and the costs of mitigation?
How can companies weigh the costs and benefits of security-by-design techniques and privacy-protective technologies and behaviors? How can companies weigh the costs and benefits of individual tools or practices?
How can companies assess consumers’ privacy preferences?
Are there market failures (e.g. information asymmetries, externalities) in the area of privacy and data security? If so, what tools and strategies can businesses or consumers use to overcome or mitigate those failures? How can policymakers address those failures?

Submissions for PrivacyCon must be made by November 17, 2017.