A draft of federal cyber incident reporting rules for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) has been posted in the Federal Register. It’s not exactly light reading, weighing in at a whopping 447-page Notice of Proposed Rulemaking. The rules will require critical infrastructure entities to notify the federal government of […]
On February 15, the U.S. Department of State offered a $10 million reward for “information leading to the identification or location of any individual(s) who hold a key leadership position in the Transnational Organized Crime group behind the ALPHV/Blackcat ransomware variant. In addition, a reward offer of up to $5,000,000 is offered for information leading to the […]
Bleeping Computer reports: U.S. National Security Advisor Jake Sullivan and Environmental Protection Agency (EPA) Administrator Michael Regan warned governors today that hackers are “striking” critical infrastructure across the country’s water sector. In a joint letter sent on Tuesday, they asked for the governors’ support to ensure that water systems in their states are adequately defended against […]
CNN reports: FBI Director Christopher Wray on Wednesday is expected to warn that Chinese hackers are preparing to “wreak havoc and cause real-world harm” to the US. “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come […]
Fortune reports: The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the new $18.5 million one it is building. Then it — along with […]
The Guardian reports: Cyber-hackers have targeted the company behind a £50bn project to build a vast underground nuclear waste store in Britain, its developer has said. Radioactive Waste Management, the company behind the Geological Disposal Facility (GDF) project, has said that hackers unsuccessfully attempted to breach the business using LinkedIn. RWM is the government-owned entity behind […]
FastCompany reports: Providers of critical infrastructure in the United States are doing a sloppy job of defending against cyber intrusions, the National Security Council tells Fast Company, pointing to recent Iran-linked attacks on U.S. water utilities that exploited basic security lapses. The security council tells Fast Company it’s also aware of recent intrusions by hackers linked to China’s military at […]
Reuters reports: Britain has no records or evidence to suggest that networks at the Sellafield nuclear site were the victim of a successful cyber attack by state actors, the government said on Monday following a report by the Guardian newspaper. The Guardian reported that Sellafield, which carries out nuclear fuel reprocessing, nuclear waste storage and […]
Constangy, Brooks, Smith & Prophete, LLP writes: As we near the end of another year, it is time to look ahead to developments in the information security and privacy landscape. One area of particular importance is the development of regulations implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022. CIRCIA, which was signed into […]
Chinese hackers are increasingly deploying ransomware – researchers
Researchers at Sentinel Labs and Recorded Future report that Chinese-linked cyberespionage campaigns are increasingly deploying ransomware. CyberScoop reports that their research suggests that ransomware is reportedly used in the final stage of cyberespionage operations to either make money, distract adversaries, or make it more difficult to attribute their work: The report that Chinese hackers are […]