At a glance.
- Israel's National Cyber Directorate acknowledges retaliatory capabilities.
- US Cyber Command hits ransomware actors.
- US cybersecurity regulations for air, rail travel systems.
- Australia plans to give telcos authority to block scam calls.
Israel’s civilian cyber defense is committed to retaliation.
CNN offers a glimpse into the inner workings of Israel's National Cyber Directorate, which coordinates Israel’s civilian cyber defense operations. Led by Yigal Unna, the directorate works twenty-four hours a day tracking cyberattacks from all manner of threat actors, from petty criminals to sophisticated, state-backed threat groups with political motivations. When asked about the growing shadow cyber war between Israel and Iran, which has gone from focusing only on military networks to targeting civilians (see the recent attacks on an Israeli dating site and Iran’s fuel distribution system), Unna was careful not to reveal too much, but made it clear that Israel would use “special measures and means” to fight back: “Of course we know who is behind it and we remember...and we can get even with those who are behind any of these attacks...Israel has all the tools and all the advantages not just in cyber but in all other aspects that we can use when it is needed.”
US Cyber Command acknowledges actions against ransomware attackers.
The US is also committed to the imposition of costs. In an unusual public acknowledgment of such measures, General Paul M. Nakasone, the head of US Cyber Command and Director, NSA, said that the US military has taken actions against ransomware gangs. The New York Times explains that his announcement denotes a shift, as in the past ransomware attacks were the responsibility of law enforcement agencies, but with an increasing number of attacks threatening the country’s critical infrastructure, the government is assuming a more aggressive posture. Nakasone would not go into detail, but stated that one of the US’s goals is to “impose costs,” military lingo for punitive cyberoperations. “We know much more about what our adversaries can and might do to us. This is an area where vigilance is really important,” he stated.
US TSA announces new cybersecurity directive for railway and airline operators.
In conjunction with the rail regulations the CyberWire discussed last week, the US Transportation Security Administration (TSA) has released cybersecurity directives for airlines, part of a larger push to protect the nation’s critical infrastructure from damaging disruptions, Security Week reports.
Homeland Security Secretary Alejandro Mayorkas explained, “These new cybersecurity requirements and recommendations will help keep the traveling public safe.” As Infosecurity Magazine notes, the directives require that all breaches be reported to the Cybersecurity and Infrastructure Security Agency within twenty-four hours, and that operators complete a vulnerability review to identify any chinks in their systems’ armor and establish a contingency and recovery plan. The directives bear some resemblance to the regulations created for pipeline operators after the ransomware attack on the Colonial Pipeline. Announced by the US Department of Homeland Security (DHS) on Thursday, the new directives will go into effect on the last day of December.
Australian telcos may receive authority to intercept scam messages.
The Australian government has released plans to modify the Telecommunications (Interception and Access) Act 1979 to give telcos the power to intercept and block malicious SMS messages, ZDNet reports. Minister for Home Affairs Karen Andrews explained, “The regulatory amendment we have enacted provides the telecommunications sector with the authority they need to block malicious SMS messages at scale and protect the Australian public from scammers.” Australian telco Telstra is piloting the development of new cybersecurity tech that will teach their systems to detect and intercept malicious messages. Andrews also announced that, beginning in March 2022, a new Joint Policing Cybercrime Coordination Centre (JPC3) led by Australian Federal Police (AFP) assistant commissioner Justine Gough will begin working to fight cybercriminals aiming to defraud Australians. An AFP spokesperson stated, “AFP-led JPC3 will target at scale those cyber criminals who trick firms using business email compromise or unleash mass phishing attacks, which can scam individuals out of personal information or money.”