with Aaron Schaffer

State and local governments have been begging the government for more resources since they are on the front lines of a growing number of cyberattacks that lock up the computer systems of government services even more critical in a pandemic – including hospitals, schools and benefit distribution systems.

A surge in efforts by hackers holding data hostage in exchange for a fees has become a top concern for the Department of Homeland Security's cybersecurity division, its acting director now says.

“Because right now, if there was a catastrophic cyber incident affecting states and they did lack the resources to address it, we would not be able to move as quickly and expeditiously as we need to respond and recover,” acting Cybersecurity and Infrastructure Security Agency director Brandon Wales said at an event hosted by the Auburn University Center for Cyber and Homeland Security yesterday. 

A recent breach of Microsoft Exchange that impacted thousands of state and local organizations and governments hints at how overwhelming this lack of preparation could be. Wales emphasized that, even as federal officials and Microsoft are racing to contain the breach, stakeholders need to make sure they are no longer compromised to prevent ransomware and other follow-up attacks. 

Broadly, the agency is talking to state, local and community partners “every single day” and has hundreds of employees across the country assisting with cyber and physical security support, Wales said. The agency, he added, is eager to work with Congress and the federal government to help empower states to be their first own best line of defense. 

CISA is already readying the use of some new tools to combat the rise in ransomware.

The most recent defense authorization bill required the agency to set up cyber state coordinators to work as advisers to public institutions in every state in the country. Wales says that about 20 of the positions have already been filled. 

The agency is also preparing to within the next two months start using its new subpoena power to contact companies who have vulnerable systems exposed online. This could provide another tool for improving government insight into private-sector threats, a major concern in light of the SolarWinds and Microsoft hacks. 

Wales urged state and local governments to take advantage of its Multi-State Information Sharing and Analysis Center program, which provides cybersecurity resources to state, local and tribal governments. Both the House and Senate have introduced legislation focused on increasing cybersecurity resources and training to state and local governments and have expressed interested in helping CISA get more funding.

Wales says the agency is also looking at how it can foster the market for new innovations to protect potential victims from ransomware at scale. 

Ransomware attacks have risen significantly during the pandemic. (In 2020, the FBI received 2,474 complaints identified as ransomware with estimated losses of over $29.1 million. However, many such attacks go unreported.)  

We have not cracked the code, Wales said. The ransomware problem continues to grow and we need more and new innovative thinking on this.

The keys

Cybersecurity researchers said TikTok poses no more of a privacy threat than other social media apps.

The findings appear to contradict claims by the Trump administration that the app is an imminent national security risk, which led to an attempted ban of the app. The CitizenLab report comes as the company works to assuage the concerns, which the Biden administration is reviewing.

But the app’s rising dominance could pose a threat to U.S. businesses, the researchers said. “This potentially is an area that can be viewed as threatening U.S. national security,” they said, “as it decreases a U.S. business advantage and the influence it could exert by controlling the content distribution channels of the Internet.”

Criminals are selling coronavirus vaccination certificates online.

They’re taking to the anonymous, hidden parts of the Internet to trade forged government documents for hundreds of dollars, researchers from Check Point Research said. They’re also selling negative coronavirus test results that can be produced within an hour on the marketplaces, which have been booming with coronavirus-related activity this year.

Oded Vanunu, the head of products vulnerabilities at Check Point, said in a statement that he expects activity on illicit coronavirus-related markets to continue to rise. 

Former Trump campaign attorney Sidney Powell’s lawyers asked a judge to dismiss a defamation case by voting machine maker Dominion.

Powell’s attorneys said Dominion’s $1.3 billion defamation suit should be thrown out because “no reasonable person” would believe her claims about the company were “truly statements of fact,” Bloomberg News’s Erik Larson reports. Powell claimed that Dominion used computer code originally made for Venezuelan leader Hugo Chávez to flip votes in the 2020 election from then-President Donald Trump to then-candidate Joe Biden.

“Powell’s attempt to dismiss the case contradicts her claim that she wants to present her evidence in court,” Dominion attorney Tom Clare said in a statement. “Dominion Voting Systems is eager for the case to move forward and intends to hold Powell accountable.”

Chat room

Powell's court filing validated some, including former Cybersecurity and Infrastructure Security Agency director Chris Krebs:

Others, such as Georgia Public Broadcasting reporter Stephen Fowler, noted the bigger picture:

Global cyberspace

Cyber insecurity

Daybook

  • The Cyber Initiatives Group’s three-day conference kicks off today. The day’s speakers include Brandon Wales, the acting director of Cybersecurity and Infrastructure Security Agency, and FireEye CEO Kevin Mandia.
  • Dmitri Alperovitch, the chairman of the Silverado Policy Accelerator who previously co-founded cybersecurity company CrowdStrike and worked as its chief technology officer, discusses Russian cyberattacks at an event hosted by the Center for Strategic and International Studies on Thursday at 9:30 a.m.
  • Gen. Paul Nakasone, the commander of U.S. Cyber Command and director of the National Security Agency, testifies at a Senate Armed Services Committee hearing on Thursday at 9:30 a.m. 
  • Philipp Amann, the head of strategy at the European Cybercrime Center, speaks at an event on ransomware hosted by the Institute for Security and Technology on Thursday at 2 p.m.

Mentions

  • Ferox Strategies registered to lobby for software giant Microsoft effective March 1, one day before the company announced that Chinese hackers were exploiting a vulnerability in its email software. Debra Dixon, a former aide to Health and Human Services Secretary Xavier Becerra when he was a member of Congress, is registered to lobby on the account. She plans to lobby on issues including cybersecurity.
  • Franklin Square Group registered to lobby for semiconductor industry group SEMI effective Feb. 1.

Secure log off