Policy & Regulation

Federal agencies warn of ransomware targeting water, wastewater treatment plants

Months after the attack on a Florida water treatment plant, the FBI, CISA and other agencies are concerned about a new round of threats to vulnerable municipal sites.

By David Jones • Oct. 18, 2021

2021 ransomware bitcoin activity eclipses last year, Treasury finds

The number of suspicious activity report transactions is already up 30% over 2020 numbers and the agency has tracked billions of dollars in outgoing bitcoin payments potentially linked to ransomware.

By Samantha Schwartz • Oct. 18, 2021

Ransomware summit takeaways: Pledges to disrupt safe havens, money laundering

The State Department is in talks with Russia, however, some U.S. experts warn the Biden administration needs to take more forceful action out in the open. 

By David Jones • Oct. 15, 2021

Biden administration seeks international progress on ransomware fight

Russia, China and North Korea were left out of the virtual summit, while officials from 30 nations look to combat ransomware and illegal crypto transactions.

By David Jones • Oct. 14, 2021

White House tackles endpoint security in federal agencies, tees up CISA

Agencies should have "enterprise-level visibility" across bureaus and sub-agencies, a Friday memo said.

By Samantha Schwartz • Oct. 13, 2021

DOJ cracks down on ransomware with cyber task force, civil fraud initiative

Federal authorities will target illegal crypto trading platforms and pursue federal contractors that fail to report breaches.

By David Jones • Oct. 07, 2021

Ransomware attacks put availability of medical devices at risk: FDA cyber chief

Industry reached a "watershed moment" earlier this year when a device outage caused by malware endangered patient lives, said the acting director of cybersecurity at CDRH. 

By Greg Slabodkin • Oct. 04, 2021

How CISA's head wants to reform federal cybersecurity

Without a federal incident reporting law, CISA and the private sector lack efficient information-sharing capabilites, Director Jen Easterly said.

By Samantha Schwartz • Sept. 23, 2021

Treasury sanctions crypto exchange Suex in push to thwart ransomware

While more legal measures await international cybercrime, the government is sending interim messages to ransomware gangs.

By Samantha Schwartz • Sept. 22, 2021

FTC warns app makers fall under breach notification rule

A breach must be reported regardless of whether it was the result of malicious action, the agency said. Any unauthorized access, including sharing information without consent, would trigger the rule.

By Shannon Muchmore • Sept. 17, 2021

Neuberger amplifies Labor Day ransomware fears

The FBI alerted the food and agricultural industries of the increased risk of ransomware attacks, citing a series of damaging incidents against farms and production facilities.

By David Jones • Sept. 03, 2021

Tech CEOs promise billions of dollars in cybersecurity support

The Biden administration has to strike a balance between honoring big tech's capitalism while pushing it to a higher standard for the sake of national security.

By Samantha Schwartz • Aug. 26, 2021

FDA seeks more power for medical device cybersecurity mandates

The agency wants to require medtechs, as part of a premarket submission, to have a Software Bill of Materials and the capability to update and patch device security into a product's design.

By Greg Slabodkin • Aug. 20, 2021

US slow to adopt cyber improvements, with legacy issues lingering

The Cyberspace Solarium Commission worked with government and private industry stakeholders to develop scores of recommendations. Only 22% are fully adopted.

By Samantha Schwartz • Aug. 16, 2021

Pipeline operators raise concerns over aggressive TSA cybersecurity directives

Many of the agency's directives are rooted in basic cybersecurity hygiene, not necessarily lengthy digital transformation efforts, the TSA administrator said. 

By Samantha Schwartz • July 28, 2021

Lack of visibility leaves critical infrastructure vulnerable to ransomware

Corporate executives approve massive payouts to attackers because they see few options to quickly restore business operations, according to security experts.

By David Jones • July 22, 2021

White House ties cyberattacks to China, but private sector awaits stronger action

Security leaders urge more forceful action after the U.S. accused China of backing a campaign of malicious cyberattacks, including the early 2021 attacks against Microsoft Exchange server.

By David Jones • July 20, 2021

WFH shift tests resilience of financial services amid surge in phishing, ransomware

The Financial Stability Board warned the sector must remain vigilant amid new cyber risks and dependence on third-party technologies.

By David Jones • July 16, 2021

Grid regulators urge 'continued vigilance,' as Congress scrutinizes ransomware

With more attacks against critical infrastructure, legislators and federal officials are urging better response and prevention to curb the rise in ransomware.

By Robert Walton • July 15, 2021

White House cyber strategy takes shape

Cyber leaders officially join the ranks as White House grapples with remediation

The Senate confirmed Jen Easterly to lead CISA while the White House swore in the first national cyber director, Chris Inglis.

By Katie Malone • July 13, 2021

House passes broad bipartisan measures to help states fund energy cybersecurity

The bills position the private sector to receive financial incentives for helping improve states' energy cybersecurity, which experts say will be a key to securing systems from hackers.

By Robert Walton • UPDATED: July 22, 2021 at 10:25 a.m.

Gaps in DOD supply chain leave Pentagon vulnerable: report

SMBs in the defense industry remain vulnerable to persistent threats, and research shows a large percentage are missing the security basics, including data storage security.

By David Jones • June 24, 2021

Biden confronts Putin on cyberattacks, private sector optimistic

The U.S. president drew a line with the Russian leader on critical infrastructure as the countries plan to cooperate on reducing malign activity.

By David Jones • June 17, 2021

White House cyber strategy takes shape

What to expect from the national cyber director

While there are technicalities to sort out, the primary goal of the role is to fill a void in federal cybersecurity strategy across agencies and sectors. 

By Samantha Schwartz • UPDATED: June 18, 2021 at 8:54 a.m.

Colonial CEO defends oversight response, urges transparency on ransomware

Private industry needs more immediate and detailed threat intelligence to prevent these attacks from happening in the future, CEO Joseph Blount said.

By David Jones • June 10, 2021