Cyber Briefing ~ 07/03/2024
McCrary Institute for Cyber & Critical Infrastructure Security
Working to protect and advance U.S. interests in the areas of cyber and critical infrastructure security.
The Supreme Court's reversal of the Chevron doctrine will significantly impact cybersecurity regulations, making existing rules vulnerable to court challenges, complicating compliance, and requiring clearer Congressional intent for future policymaking. This ruling may lead to less consistent application of security rules across jurisdictions and a greater emphasis on voluntary industry initiatives.
Lt. Gen. Robert Skinner, head of the Defense Information Systems Agency, warns that China is looking for ways to disrupt everyday life in the U.S. during a potential conflict. This includes targeting critical infrastructure and civilian entities through cyber and space operations. Skinner says China's "risk tolerance continues to change" as it bolsters its space-sensing capabilities. The Pentagon is working to strengthen its IT infrastructure and improve visibility into cloud service providers to better defend against these threats.
US military bases across Europe have been placed on high alert due to a possible terror threat. Officials have elevated the force protection threat level to "Condition Charlie," indicating an attack is likely. McCrary Institute Senior Fellow, Retired Rear Admiral Mark Montgomery with the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies, explains the heightened security measures, potential cyber threats, and factors that may have triggered this proactive response across the region.
Prudential Financial has revised the number of individuals impacted by its data breach from 36,000 to over 2.5 million, including names, addresses, and identification details. The company faces a class-action lawsuit and is providing 24 months of identity theft and credit monitoring services to affected individuals.
Papua New Guinea's new data protection and governance policy reflects a forward-thinking cybersecurity strategy, positioning the small island nation as a leader in securing sensitive data and promoting responsible data sharing.
The Home Office was warned about the risk of a "catastrophic" ransomware attack on the NHS months before the recent attack by Kremlin-supported cyber hackers. MPs and peers from the Joint Committee on National Security Strategy highlighted the vulnerability of the NHS and the lack of preparedness for a major cyber attack. The NHS was operating with outdated IT systems and a lack of investment, making it particularly susceptible to cyber attacks. The UK's critical national infrastructure was also deemed vulnerable to an attack with widespread consequences. The report called for ransomware to become a political priority and for increased resources to tackle this threat to national security.
The U.S. Department of Energy's Office of Electricity has selected Southern Company Services to lead a $2.4 million project focused on developing a cognitive digital twin to enhance the security and resilience of the electric distribution system. The project aims to improve grid communication, security, and reliability, leading to fewer blackouts and power disruptions for consumers. The digital twin will enable utilities to better understand weaknesses, detect problems quickly, and address them effectively without risking the operational grid. This initiative is expected to translate into greater operational efficiency and fewer outages affecting critical services. The project will be housed at Southern Company's Schatz Grid Visualization and Analytics Centre and involves partners like Virginia Tech, GE Research, and OPAL-RT Corporation.
The impact of the recent cyberattack on software provider CDK Global has led to a slowdown in U.S. new-vehicle sales growth during the crucial second quarter. Major automakers like GM, Toyota, and Hyundai reported significantly lower sales growth compared to the previous year, as the CDK outage disrupted operations at thousands of dealerships across the country. While analysts expect most of the lost sales to be recouped in July, the attack has thrown a "monkey wrench" into one of the busiest sales periods for the industry.
Prudential Financial, a major financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. The company initially reported only 36,000 impacted, but has now updated that number to over 2.5 million. The breach was claimed by the ALPHV/Blackcat ransomware gang, which has been linked to over 60 breaches worldwide. Prudential is the second-largest life insurance company in the U.S. and has faced multiple data incidents in recent months.
Mastodon Design LLC, a CACI subsidiary, secured a nearly $100 million contract to provide the Army's Terrestrial Layer System-Brigade Combat Team Manpack, a dismounted electronic warfare system enabling soldiers to conduct jamming, direction finding, and limited signals intelligence capabilities on the move.
The Supreme Court's decision to overturn the Chevron doctrine could have significant implications for the cybersecurity regulatory landscape. Experts anticipate the ruling will lead to new legal challenges against recent agency cybersecurity requirements, including SEC incident reporting mandates and rules governing critical infrastructure sectors. The loss of Chevron deference means federal agencies will need to more carefully justify their statutory authority when issuing complex, technical cybersecurity regulations. This could force officials to seek clearer congressional backing or face an increased risk of court challenges, potentially creating more uncertainty and delays in implementing future cyber rules. The ruling represents an important shift that may require agencies to rethink their approach to crafting cybersecurity regulations in order to withstand heightened judicial scrutiny.
CDK Global, a critical software vendor for the automotive retail supply chain, is nearing the completion of its phased recovery process following a recent cyberattack. The company now expects to restore access to its cloud-based Dealer Management System for all of its more than 15,000 dealership customers by late July 3 or early July 4, just in time for the busy Fourth of July holiday weekend. While the restoration of the core DMS is nearly finished, CDK is still working to bring other services like its CRM platform back online. The extended outage has significantly disrupted operations for car dealers across North America, with several major publicly traded dealership groups warning investors of the negative business impacts.
Automotive leaders view cybersecurity as their biggest external threat, surpassing other key concerns, as the industry increasingly invests in connected technologies to drive efficiencies. The Rockwell Automation report found 97% of automakers and suppliers are using or considering smart manufacturing tools, heightening exposure to potential cyber threats. With cyberattacks causing $11.8 billion in damages in the first half of 2023 alone, the industry is prioritizing investments in zero trust architecture and emerging technologies like the industrial metaverse to bolster security and protect critical operations.
Prudential has revised its previous breach notification, now stating that over 2.5 million people had their information compromised during a February cybersecurity incident. The insurance giant initially reported that only 36,545 individuals were affected, but has since completed a more comprehensive analysis of the impacted data. While not all victims had the same information exposed, Prudential is providing 24 months of complimentary credit monitoring to all affected individuals as an additional protective measure.
The FBI warns that as the U.S. renewable energy industry expands to meet growing demand, it faces increased risk of cyber threats targeting operational technology systems, intellectual property theft, and ransomware attacks. The agency advises the industry to monitor networks, patch vulnerabilities, and report incidents to mitigate these emerging risks.
A former employee of Nuance Communications, a vendor for Geisinger Health, accessed patient information after being terminated, potentially exposing data for over 1.2 million patients. The employee has been arrested and is facing federal charges. Geisinger is working closely with authorities on the investigation, and the health system is notifying affected patients.
According to this article, the widespread outage affecting car dealerships following two cyberattacks against CDK Global in June could be resolved by the upcoming July 4th holiday. CDK Global, which provides software to nearly 15,000 dealerships, says it is rapidly restoring dealer connections to its Dealer Management System and anticipates all dealers will be back online by late July 3rd or early July 4th. The company had proactively shut down its systems after the attacks, which were attributed to the BlackSuit ransomware group. While some dealerships had to resort to manual processes during the outage, CDK Global reports it has already brought some dealers back online as part of its phased restoration approach.
The largest tech companies are looking to buy nuclear power directly from plants, which could sap the grid of critical resources. Amazon Web Services is nearing a deal for electricity supplied directly from a nuclear plant on the East Coast, while Amazon has already purchased a nuclear-powered data center in Pennsylvania. This trend of tech companies securing direct nuclear power deals could remove stable power generation from the grid, even as reliability concerns are rising and new electricity-intensive industries like AI, manufacturing, and transportation are significantly increasing demand in certain regions.
Critical vulnerabilities in the popular CocoaPods dependency manager have exposed millions of Apple apps to arbitrary code injection for nearly a decade. The flaws, including a remote code execution bug with a CVSS score of 10, allowed attackers to take full control of affected apps. Researchers urge developers to thoroughly review dependencies and take remediation steps, as the scale of the issue is enormous.
The Department of Homeland Security has awarded $18.2 million in tribal cybersecurity grants through the Federal Emergency Management Agency, the first-ever such program to support tribes facing growing digital threats. The grants will help tribes assess risks, implement solutions, and increase cyber defenses, with recipients required to participate in CISA services.
The General Services Administration provides guidance to FedRAMP cloud service providers on fulfilling secure software development attestation requirements based on a common form developed by CISA and OMB. The guidance covers form submission, agency requirements, and deadlines for critical and non-critical software.
Venable's Harley Geiger warns that the Supreme Court's decision to overturn the Chevron doctrine will have a "sweeping effect on regulations" in cybersecurity. Existing security regulations are now vulnerable to court challenges, future rulemakings must more clearly reflect Congressional intent, and inconsistent court rulings will make compliance more complex.
BSA-The Software Alliance proposes a risk-based approach to define "substantial cyber incidents" that would require mandatory reporting under CISA's upcoming regulations. BSA also recommends CISA focus on incident impact, harmonize reporting requirements across agencies, and address concerns around data preservation and subpoenas.
The US State Department is providing training to diplomats on cybersecurity, privacy, telecommunications, and other technology issues. This initiative aims to equip diplomats with the knowledge and skills to understand and address the complex technological landscape, enabling them to advance US policy abroad. The training includes discussions on the impact of technology on diplomacy and prepares diplomats to effectively respond to emerging threats and challenges.
Ali El Kaafarani, founder of PQShield, is working to establish new international security standards to protect sensitive data from the threat of quantum computers. Quantum computers have the potential to break existing encryption methods, posing a significant challenge to cybersecurity infrastructure. PQShield, based in Oxford, has raised $37 million in funding and has a team of 25 scientists focused on developing cryptography solutions. The company has advised organizations like the White House and GCHQ's cyber arm in addressing this critical security concern.
The US government's targeting of both TikTok and Kaspersky over national security concerns sets a precedent that undermines internet freedom and access to information. The bans raise questions about the potential erosion of a free and open internet.
Affirm Holdings, a US fintech firm, has stated that it believes the personal information of its card users may have been compromised in a cybersecurity incident at Evolve Bank and Trust, a third-party issuer of Affirm cards. While Affirm's systems were not compromised, customer data was illegally released on the dark web. Affirm has launched an independent investigation to determine if any personal information was compromised and is continuing remediation efforts.
Copyright © 2024 Auburn University's McCrary Institute. All Rights Reserved.