At a glance.
- FTC seeks public comment on future commercial surveillance rules.
- State Department announces $10 million bounty for info on Conti.
- The war in Ukraine’s impact on US cybersecurity.
FTC seeks public comment on future commercial surveillance rules.
In recent months the US Federal Trade Commission (FTC) has been looking for ways to crack down on mass commercial surveillance, and yesterday the FTC released an Advance Notice of Proposed Rulemaking requesting input from the public on future regulation. As the FTC explains, commercial surveillance has made it profitable for companies to gather data on customers’ online activities – browsing histories, personal contacts, buying habits, geolocation information – for advertising and marketing purposes. The problem is, that data are often collected without user permission, or permission is a requirement of receiving service. What’s more, a lack of adequate regulation means many businesses lack the security protocols to effectively protect the data they collect, leaving customer info at risk of theft.
FTC Chair Lina Khan stated, “Our goal today is to begin building a robust public record to inform whether the FTC should issue rules to address commercial surveillance and data security practices and what those rules should potentially look like.” The Wall Street Journal notes that although the FTC has brought enforcement actions against businesses found to be in violation of the FTC Act, the commission lacks the authority to impose financial penalties. Tighter regulations that set clearly defined data security requirements could change all that, and would fall in line with Khan’s more aggressive stance when it comes to regulating big business.
State Department announces $10 million bounty for info on Conti.
Under its Rewards for Justice program, the US State Department yesterday declared it’s offering up to $10 million to anyone with intel on members of the Conti ransomware gang (aka Wizard Spider). In an unprecedented step, the State Department has specifically asked for any information on five individual Conti members who go by the handles Professor, Reshaev, Tramp, Dandis, and Target, and has even circulated an alleged photo of Target (who appears to be a middle-aged man with a penchant for hats with ear flaps).
Wired reports the move signals the US government’s commitment to disrupting the malicious activities of the prolific threat group, which targeted over one thousand organizations and acquired over $180 million last year alone. Conti is known for its business-like structure that employs over one hundred members, and leaked information indicates the group has even attempted to implement its own cryptocurrency payments platform. Senior members are believed to have ties to the Russian government and security services, and the US State Department has declared the group a threat to national security. US Air Force major Katrina Cheesman, a spokesperson for the Cyber National Mission Force, stated, “Conti has publicly acknowledged its connection with foreign governments, specifically its support of the Russian government. Based on its ties to Conti and other indicators, it is assessed that the leadership of the organized crime group known as Wizard Spider likely have a connection to government entities inside of Russia.”
Adam Flatley, [redacted]'s Director of Threat Intelligence, cautions that going, literally, after Conti proper is in all likelihood a day late and a dollar short. “The sad news here is that the government continues to fight the last war, instead of the current war or prepare for the next war. Conti has dissolved and broken up into disparate groups that look almost nothing like the original," he wrote in emailed remarks. "The bad guys are still staying multiple steps ahead of them because the government is still failing to treat this like a national security issue. As long as they try to fight cybercriminals in Russia without utilizing national security capabilities, they're going to keep losing. You can't shame them (they take it as a badge of honor), you can't arrest them (the Russians protect and utilize them), they don't travel (so you can't sanction them or grab them when they are in a friendly country). Right now, the administration is failing to raise this to the level in the national security community to take actions that would actually impact these groups.”
So don't let "Conti" prove a distraction to any potential whistleblowers, informants, or snitches. Rewards for Justice is after information tying individuals or malware to a "foreign government targeting U.S. critical infrastructure."
The war in Ukraine’s impact on US cybersecurity.
Russia’s invasion of Ukraine has the US on high alert for potential cyberaggression from Moscow, but federal officials say the war in Ukraine may have had some positive impact on American cybersecurity, SearchSecurity reports. As a result of the invasion, the White House and federal agencies have imposed economic sanctions against the Russian government private entities like cryptocurrency exchanges, and according to the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), these penalties have led to a decrease in cyberattacks from state-backed threat actors. Speaking at the RSA Conference 2022 last week, NSA Director of Cybersecurity Rob Joyce stated, "Sanctions related to Russia and their Ukraine problem have impacted the ransomware actors. They are finding it difficult to extract funds out of the ecosystem, get them converted as well as use payments that are accepted to buy the infrastructure they need to operate." During a speech at the Chamber of Commerce last month, Mike Herrington, section chief of the FBI's cyber division, agreed that recent attacks impacting the US have been mostly acts of opportunity rather than government-backed strategy. That said, he warned that the shift could be temporary, especially as US support of Ukraine persists. "As we continue to ratchet up sanctions in support of Ukraine, there is going to be increased pressure on Russia to respond in some way," Herrington stated.
Breaking Defense adds that the war in Ukraine has also changed the way the US defense industry operates, as the invasion has motivated an increase in production of existing weapon systems at an unprecedented scale. The need to replenish US supplies being sent to Ukraine and to prepare for future conflicts has led the weapons industry to double-down on production and maintenance, resulting in a strain on resources already stretched by the push for consolidation after the Cold War. For the first time in recent years, the FTC has been cracking down on mergers and acquisitions in the defense sector, even taking legal action to pull the plug on the recently proposed merger of Aerojet and Lockheed.