At a glance.
- TikTok CEO testifies before US Congress.
- SEC’s new cyber rules could be a step toward federal cybersecurity legislation.
- CISA's steps against ransomware.
CISA's steps against ransomware.
The US Cybersecurity and Infrastructure Security Agency’s (CISA’s) Joint Cyber Defense Collaborative (JCDC) is cultivating its pre-ransomware notification capability. JCDC states, “With pre-ransomware notifications, organizations can receive early warning and potentially evict threat actors before they can encrypt and hold critical data and systems for ransom.” The JCDC is a public-private sector information-sharing organization established by CISA in 2021. JCDC Associate Director Clayton Romans explained in a blog post yesterday that pre-ransomware notifications are possible due to “tips from the cybersecurity research community, infrastructure providers, and cyber threat intelligence companies about potential early-stage ransomware activity.” Romans added that “since the start of 2023, we’ve notified over 60 entities across the energy, healthcare, water/wastewater, education, and other sectors about potential pre-ransomware intrusions, and we’ve confirmed that many of them identified and remediated the intrusion before encryption or exfiltration occurred.” For more on JCDC, see CyberWire Pro.
Tom Kellermann, SVP of cyber strategy at Contrast Security, compares it to sound police work. “This is a big step towards managing the ransomware threat," he said. "CISA can now provide emergency notification and guidance to critical infrastructures per impending ransomware campaigns which will exploit their vulnerabilities. When a clear and present danger is identified, CISA will lean in. I would liken this to notifying police notifying home owners that their doors are open and there is a burglar in the neighborhood.”
Dror Liwer, co-founder of cybersecurity company Coro, also likes the initiative, but cautions that smaller businesses can't be overlooked. “While we applaud the initiative to protect and inform critical organizations, it is the smaller companies, those that make up the economic backbone of the US, that have been completely overlooked by the government as well as the cybersecurity industry. Especially in times of an economic downturn, an attack on a mid-market or small business could put it out of business forever.”