At a glance.
- US Senate committee considers FISMA revisions to facilitate information sharing.
- Anti-ransomware best practices.
- The 5G attack surface.
Senators consider FISMA changes to facilitate incident information-sharing.
MeriTalk reports concerns from the US Senate Homeland Security and Governmental Affairs Committee that the Federal Information Security Modernization Act (FISMA) may need tweaking to ensure prompt and thorough disclosures of significant cyberattacks to Congress. Committee members expressed alarm in a hearing yesterday that the Department of Health and Human Services didn’t report the Holiday Bear breach as a “major incident,” and that other agencies report attacks on a delay or with inadequate detail. Congress may need to update FISMA to remove “ambiguity” about Federal civilian agencies’ notification requirements, lawmakers warned. Senator Portman (Republican of Ohio) said he’d also like to see a “single point of accountability” for Federal cybersecurity.
CISA shares best practices for avoiding a devastating ransomware attack.
In the wake of the Colonial Pipeline ransomware attack, a Cybersecurity and Infrastructure Security Agency (CISA) alert describes best practices for critical infrastructure operators hoping to avoid a similar occurrence:
- “Require multi-factor authentication”
- “Enable strong spam filters to prevent phishing emails from reaching end users”
- “Implement a user training program and simulated attacks for spearphishing”
- “Filter network traffic”
- “Update software”
- “Limit access to resources over networks, especially by restricting RDP”
- “Set antivirus/antimalware programs to conduct regular scans”
- “Implement unauthorized execution prevention”
- “Implement and ensure robust network segmentation between IT and OT networks”
- “Organize OT assets into logical zones”
- “Identify OT and IT network inter-dependencies and develop workarounds or manual controls”
- “Regularly test manual controls”
- “Implement regular data backup procedures”
- “Ensure user and process accounts are limited”
The alert concludes with a link to CISA’s free “hygiene services” and a reminder that the FBI and CISA discourage ransomware payment.
NSA outlines 5G vulnerabilities.
The NSA this week announced the publication of an analysis paper titled “Potential Threat Vectors to 5G Infrastructure.” The Office of the Director of National Intelligence and CISA collaborated with the NSA and industry experts to evaluate 5G risks, threats, and vulnerabilities, with a particular focus on systems architecture, standards, and the supply chain.
C4ISRNET highlights the threat posed by adversarial influence over standards-setting processes. China is the elephant in the room when the report refers to “the competitive balance within the 5G market” and “the availability of trusted suppliers.” Beijing has been known to inundate regulatory bodies with “mass amounts of proposed technical standards” with the aim of blocking rival technology.
For an idea of the stakes involved in the issue, consider that the Pentagon is currently testing 5G warehouse and radar applications.