At a glance.
- National security implications of a water treatment system hack.
- Domain security for state and local governments.
- US increases emphasis on ransomware investigation, prosecution.
- Access to Russia's markets will require a Russian office.
Water-treatment plant cyberattack: a national security matter, but not a casus belli.
Especially because it could have been the work of anyone, from a neighborhood skid to more than one hostile intelligence service.
This wasn't obviously a financially motivated crime, nor was it, assuming a nation-state was behind it, mere espionage. It's best to regard it as an unsuccessful (and in some ways pretty casual, since the attackers were only in the system, it's believed, for about five minutes) attempt at sabotage. Sabotage, especially unsuccessful sabotage, seldom amounts to a casus belli, and Dragos CEO Lee tweeted much the same conclusion.
US Representative Jim Langevin (Democrat, Rhode Island 2nd District), a member of the House Committee on Homeland Security's Subcommittee on Cybersecurity and Infrastructure Protection, tweeted that the incident is another reminder that the Internet wasn't created with security in mind. US Senator Marco Rubio (Republican, Florida) tweeted that the incident should be treated as a "matter of national security," and that he's requested an FBI investigation, which is surely already in progress.
Paving the path to state and local agency domain security.
StateTech explains that December’s DOTGOV Online Trust in Government Act facilitates technical and financial assistance for local and state agencies making the transition to .gov domains. The General Services Administration will pass the .gov torch to the Cybersecurity and Infrastructure Security Agency (CISA), which will develop a local and state outreach plan, craft a reference manual, offer tech support, and waive charges where necessary. The Act also makes Homeland Security Grant Program funding available. The National Association of State Chief Information Officers president commented that the “adoption of the DotGov domain is one of the simplest steps that governments can take to strengthen their cybersecurity posture and sends a message to the user that the domain is legitimate, secure and trusted.”
US ramps up ransomware rumpus.
Last month the US Justice Department published enforcement actions against the Emotet operation and a Canadian allegedly caught up in NetWalker, JD Supra reports, signaling an enhanced focus on ransomware offenses. Meanwhile the Financial Crimes Enforcement Network reminded financial institutions of their obligation to report suspicious activity that looks like ransomware payments, and the Office of Foreign Assets Control added that penalties will be forthcoming for those that don’t play ball. Seeing as law enforcement is up against foreign servers, uncrackable encryption, nigh-untrackable crypto payments, and the dark web itself, they are eager to enlist allies.
Want to do business in Russia? You may need to open an office there.
Draft regulation in Moscow could compel foreign tech firms to open shop in Russia, a move Slate says “would fit exactly into the Kremlin’s internet control model.” The Kremlin has been working since 2018 towards an isolated, disconnectable “domestic internet,” though the pandemic seems to have temporarily stymied progress. Vietnam leveraged a similar law to squash “undesirable” speech and promote what critics call “digital repression under the veil of cybersecurity.” Locality requirements also enable age-old intimidation tactics like threats and arrests. While Internet companies already largely comply with Kremlin-ordered censorship (see for example YouTube’s scrubbing of Navalny protest content), Moscow is as a rule interested in “raising the costs of noncompliance.” At the moment, Apple, Google, Facebook, and Twitter have an online presence in Russia but no in-country offices.