At a glance.
- CERT-In announces new cyberincident reporting requirements.
- Biden administration names head of Disinformation Governance Board.
- “Declaration for the Future of the Internet” cements commitment to a global free web.
- Routinely exploited vulnerabilities.
CERT-In announces new cyberincident reporting requirements.
India’s Computer Emergency Response Team (CERT-In) has issued a new cyberincident reporting directive requiring all service providers, intermediaries, data center providers, corporates, and government organizations to report incidents within six hours of detection, mint reports. Service providers will also be required to provide details about their mitigation efforts, and to connect and synchronize all their ICT systems clocks to the Network Time Protocol (NTP) Server of the National Informatics Centre (NIC) or National Physical Laboratory (NPL). NTP is a protocol used for reliably transmitting and receiving accurate time sources over TCP/IP-based networks to ensure the chain of events is accurately recorded. CERT-In says the new guidance is intended to remediate time gaps that were “causing hindrance to incident analysis." Rajeev Chandrasekhar, Union minister of state for electronics and IT tweeted, “To effectively fight cybercrime, all companies n enterprises must mandatorily report cyber incidents to IndianCERT New CyberSecurity directions for a SafeAndTrusted Internet issued under Sec 70b of IT Act."
Biden administration names head of Disinformation Governance Board.
The White House has selected Nina Jankowicz to head the Department of Homeland Security's (DHS) new Disinformation Governance Board, established “to coordinate countering misinformation related to homeland security, focused specifically on irregular migration and Russia.” Homeland Security Today explains that Homeland Security Secretary Alejandro Mayorkas Mayorkas spoke about the board’s mission during a hearing before the House Appropriations Subcommittee on Homeland Security this week. Announcing her new role, Jankowiz tweeted, “Honored to be serving in the Biden Administration @DHSgov and helping shape our counter-disinformation efforts…a HUGE focus of our work, and indeed, one of the key reasons the Board was established, is to maintain the Dept’s commitment to protecting free speech, privacy, civil rights, & civil liberties.” Newsweek reports that Jankowicz previously served as a global fellow at the Woodrow Wilson International Center for Scholars studying "the intersection of democracy and technology in Central and Eastern Europe," and has authored research about the spread of disinformation and the treatment of women online. Newsweek adds that in 2020 Jankowicz faced some criticism over a tweet she posted regarding the Hunter Biden laptop controversy, but on Wednesday she referenced the incident in a new tweet, stating that she was merely quoting candidates’ remarks during a presidential debate.
“Declaration for the Future of the Internet” cements commitment to a global free web.
The US and sixty global partners, including the Australia, Argentina, Belgium, Canada, Denmark, Georgia, Germany, Greece, Israel, Italy, Japan, Netherlands, the United Kingdom, and Ukraine, yesterday released a “Declaration for the Future of the Internet,” intended to reclaim “the promise of the Internet in the face of the global opportunities and challenges presented by the 21st century.” The document, the first of its kind, also “reaffirms and recommits its partners to a single global Internet – one that is truly open and fosters competition, privacy, and respect for human rights,” according to a statement from the White House. During a press call, a Biden administration senior official explained, “On the international front — what we’re talking about today — we have seen a trend of rising digital authoritarianism, where some states have been acting to repress freedom of expression, to censor independent news sources, to interfere with elections, promote disinformation around the world, and deny their citizens other human rights.” He referenced Russia’s spread of disinformation during its invasion of Ukraine, as well as China’s attempts at digital authoritarianism. Reuters notes that the declaration is a modification of last year’s attempt by the White House to create a coalition of democracies in support of an open and free intent.
The South China Morning Post notes that China and Russia are not included in the partnership, not surprising given that Ukraine is a signatory, and that the declaration expresses a commitment to upholding democratic values when it comes to internet regulation. One Biden administration official commented, “Look at what…Russia is doing, some of the steps China is taking, and I think we see this as a response to these kind of ‘splinternet’ tendencies by a number of authoritarian countries around the world.” ZDNet adds that India is also missing, but a Biden official has stated "the hope remains that time isn't fully passed yet for India to join.”
Big tech has already begun weighing in on the declaration, with Google expressing its support: "Since Russia's invasion in Ukraine, our teams have been working around the clock to support people in Ukraine through our products, defend against cybersecurity threats, and surface high-quality, reliable information.” Microsoft president and vice chair Brad Smith also commented, "We need new and innovative internet initiatives that bring governments together with NGOs, academic researchers, tech companies and many others from across the business community.”
Routinely exploited vulnerabilities.
Lorri Janssen-Anessi, Director, External Cybersecurity Assessments at BlueVoyant, emailed us some comments on the recently published advisory on the Five Eyes' Top Routinely Exploited Vulnerabilities advisory, Alert (AA22-117A). On the one hand the alert is a welcome case of official information sharing. On the other, the evidence that poor cyber hygiene remains common seems dismaying:
"I was encouraged to see the guidance published from the worldwide securities agencies on the top routinely exploited vulnerabilities. What the securities agencies highlighted aligns with what BlueVoyant's threat intelligence monitors for and observes. We consistently inform our clients of these vulnerabilities as they are identified. Our continuous monitoring of their networks also allows us to provide accurate and actionable information needed to mitigate these vulnerabilities. The similarities between BlueVoyant's threat intelligence monitoring and this guidance is evidence of consistency in the cybersecurity community and may be a result of good public/private partnering.
"That being said, the guidance unfortunately highlights the reality that many organizations still struggle with cyber hygiene. Some of these vulnerabilities have been known publicly since 2020 and have patches available. Just like the security agencies suggested, organizations need to more regularly patch their systems, use multi-factor authentication (MFA), or use two ways to verify user's identities before allowing them access to the network, and to segment their networks so users only have access to systems they need.
"In addition, the guidance should serve as reminder to organizations to regularly monitor their supply chain, and/or the third parties and vendors in their digital ecosystem. Even if you have patched and properly secured your internal network, you could be vulnerable if a third-party has not done the same."