Evidence of Russian Malware Found on US Electrical Company Laptop*:
- A utilities company in Vermont, Burlington Electric Department, has detected evidence of Russian malware.
- The code is said to be connected to a Russian hacking outfit the US government has named Grizzly Steppe.
- The code linked to Grizzly Steppe was found on just one laptop, and the laptop wasn’t connected to the electrical grid – allaying earlier fears that Russia had hacked into the nation’s electrical grid.
- The Department of Homeland Security and the Federal Bureau of Investigation released their joint analysis report describing the Grizzly Steppe hacking campaign, and notified US utilities to be on the lookout for malware code.
- Green Mountain Power, another Vermont utilities company, also received a recent safety check from the Department of Homeland Security.
- Malicious cyber activity reportedly shut down the power grid in Kiev, Ukraine in December 2015.
*Source: The Verge, December 30, 2016
See How Hackers are Getting Bolder*:
- No network is safe from hackers these days.
- The number and size of DDoS or distributed denial of service attacks have been growing.
- There was an average of 414,985 DDoS incidents per month globally in 2016, according to a networking security company, up from 283,303 monthly in 2014, a 46% increase.
- New malware that has the ability to hijack Internet-connected devices like baby monitors, DVRs, and remote cameras – of which there are already billions globally – only increases the threat to the networks of companies large and small.
*Source: Fortune, December 29, 2016
John McCain to Create New Senate Cybersecurity Subcommittee*:
- Senate Armed Services Committee Chairman John McCain (R-Ariz.) will create a new subcommittee focused on cybersecurity.
- The panel, which McCain said will be created within the next several days, will draft legislation related to cybersecurity and call on the incoming Trump administration to develop a strategy to deter and respond to cyber-attacks.
- Cybersecurity currently falls under the purview of the Subcommittee on Emerging Threats & Capabilities, which also oversees issues related to counterterrorism and weapons proliferation.
- Senator Lindsey Graham (R-S.C.) will head the new subcommittee.
- McCain and Graham have been two of the loudest voices within the Republican Party calling for a more aggressive response to the cyber-attack against the Democratic National Committee.
- Last month, McCain and Graham called on the Senate Majority Leader to create a select committee to investigate cyberthreats from foreign adversaries.
- McConnell rebuffed the request for a select committee, saying the Senate Intelligence Committee is “fully capable” of investigating the matter.
- As chairman of the Senate Armed Services Committee, McCain doesn’t need approval from McConnell to create a new subcommittee; McCain still favors the creation of a select committee if McConnell ever changes his mind.
*Source: The Huffington Post, January 6, 2017
White House Issues Government Wide Breach Notification Protocols*:
- The Office of Management and Budget (OMB) released guidance on how government agencies must prepare for and respond to data breaches, as well as guidance on how to comply with the Privacy Act in these modern times.
- The breach guidance, issued just under the wire before the Trump administration officially moves into town, rescinds the breach guidance initially issued in 2007 following the breach at the Department of Veterans Affairs.
- Senior Policy Advisor Marc Groman said the guidance is especially important for federal agencies because the threat landscape has changed significantly since the last guidance was issued a decade ago.
- The framework for breach response takes a risk-based approach on “assessing and mitigating the risk of harm to individuals potentially affected by a breach” and then delivers on whether notification to individuals is required or necessary.
- Federal agencies have 180 days to implement the changes reflected in the new breach guidance.
- OMB also issued guidance on how agencies implement aspects of the Privacy Act of 1974, which was last updated in 2000.
- The updated guidance reflects current technology and the evolution of how agencies are implementing certain aspects of the Privacy Act.
- Groman said both documents at their core are about good governance and having more effective and efficient government able to provide better and faster services.
*Source: IAPP, January 4, 2017
Ukraine Hit by 6,500 Hack Attacks*:
- Hackers have targeted Ukrainian state institutions about 6,500 times in the past two months, including incidents that showed Russian security services were waging a cyber-war against the country, according to President Petro Poroshenko.
- Ukraine suffered attacks on its finance and defense ministries and the State Treasury that allocates cash to government institutions.
- A suspected hack also wiped out part of Kiev’s power grid, causing a blackout in part of the capital.
- A statement by the president of Ukraine said that “the investigation of a number of incidents indicated the complicity directly or indirectly of Russian security services waging a cyberwar against our country.”
- A cyber security firm said a hacking group linked to the Russian government likely used a malware implant on Android devices to track and target Ukrainian artillery units from late 2014 through 2016.
- There is a growing view among Western security officials that Russian President Vladimir Putin has increasingly relied on hacking to exert influence and attack foes; Russia has repeatedly denied hacking accusations.
- As a result of the cyber-attacks, Ukraine's Security Council agreed on measures to protect state institutions and the statement.
*Source: Reuters, December 29, 2016
FINRA Fines 12 Financial Institutions $14.4M for Illicit Data Storage*:
- The Financial Industry Regulatory Authority (“FINRA”) announced that it had fined 12 financial institutions a total of $14.4 million for improper storage of electronic broker-dealer and customer records.
- Federal securities law and FINRA rules require that business-related electronic records be kept in “write once, read many” (“WORM”) format, which prevents alteration or destruction.
- These 12 firms had WORM deficiencies that affected millions, and in some cases, hundreds of millions, of records pivotal to the firms’ brokerage businesses, spanning multiple systems and categories of records.
- Preventing the alteration or destruction of electronic brokerage records is, as the SEC has previously stated, “the primary means of monitoring compliance with applicable securities laws.”
- The individual fines ranged from $500,000 to $4 million.
- The Chief of Enforcement for FINRA stated, “These disciplinary actions are a result of FINRA’s focus on ensuring that firms maintain accurate, complete and adequately protected electronic records.”
*Source: Hunton & Williams, January 4, 2017