Consider This

  • Paranoid or Proactive? On August 1, 2023, the Biden administration announced its belief that China has implanted malware into critical U.S. infrastructure that can potentially disrupt access to water, power, and communications.
  • Those Who Can Do Teach. On August 1, 2023, several leading academics and practitioners issued an open letter to law schools asking them to: (1) hire more faculty who focus their research and teaching on privacy and technology issues; and (2) expand curriculum to cover privacy law.
  • Border Patrol. On August 2, 2023, the FCC stated that U.S. government actions are needed to secure the Border Gateway Protocol, the internet's global routing system, which is a set of rules used to route data. The data routing, however, is based on efficiency and not security.
  • The List Is In. On August 4, 2023, CISA revealed its Strategic Plan that outlines nine objectives for how it will fulfill its cybersecurity mission over the next three years.
  • Putting Money Where Your Mouth Is. On August 7, 2023, the Department of Homeland Security allocated nearly $375 million in grants to help state and local governments strengthen their cybersecurity programs and protect critical infrastructure.
  • New NIST Rules Amidst. On August 8, 2023, NIST issued a new framework, which is open for public comment until November 4, 2023.
  • Give AI A Try. On August 10, 2023, the Biden administration issued a challenge for companies to use artificial intelligence to identify and fix software vulnerabilities. The competition will feature top AI companies and nearly $20 million in prizes.
  • Turning The Table. On August 14, 2023, the US announced the seizure of LolekHosted.net, a domain used by threat actors for nearly a decade to facilitate cybercriminal activities, such as ransomware, phishing, and (DDoS) attacks.
  • Power In Numbers. On August 17, 2023, CISA and the Joint Cyber Defense Collaborative (JCDC) revealed the Remote Monitoring and Management (RMM) Cyber Defense Plan to counter the heightening risks of threat actors exploiting RMM software.
  • Duck Hunt Not Only for NES. On August 29, 2023, the FBI announced the success of Operation Duck Hunt, which seized a Qakbot botnet by redirecting the botnet's network communications to servers under the FBI's control and then uninstalling the malware that the botnet had installed on the victim's computer.

As The World Turns

  • Ransomware on the Rise. A recent report revealed an 18% increase in ransomware attacks on industrial organizations and critical infrastructure during the second quarter. LockBit, BlackCat, and Black Basta were responsible for the most attacks.
  • Irony. On August 5, 2023, LetMeSpy, the Polish spyware service, shut down after a June data breach deleted its servers and stole data.
  • Password Reset? Researchers discovered over 140,000 breached passwords linked to accounts of users on hacking forums.
  • The Full Monti? The Monti group has reemerged, this time armed with a Linux-based variant that targets legal and governmental institutions.

Don't Forget

  • New Credit Union Reporting Requirements. The National Credit Union Administration's (NCUA) updated cyberattack reporting rules went into effect on September 1, 2023. The rules require the reporting of a cyber incident within 72 hours of its discovery.
  • New Texas Data Breach Statute. On September 1, 2023, Texas's amended data breach law will take effect. The amendments shorten the time to notify the Texas attorney general from 60 days to 30 days. The amendments also require that notification be made via an electronic form on the attorney general's website.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.