Incident and Ransomware Reporting Requirement in Just Passed Spending Bill
President Biden signed a bill that requires critical infrastructure operators to report significant cyber incidents to CISA within 72 hours after they reasonably believe an incident has occurred and within 24 hours of making a ransomware payment. The ransomware reporting requirement applies even if it is not connected to a covered incident. Critical infrastructure and federal agencies that do not report on time may be subpoena. Failure to comply with the subpoena risks contempt of court. Credit: CSO Online and The Record
Germany Warns Against Using Kaspersky Products
Germany’s Office of Information Security is warning users to find alternatives as the antivirus company could be required to spy for Mother Russia. Kaspersky says, of course, that won’t happen. And I believe in the Easter Bunny too. The U.S. government banned Kaspersky’s software in government offices in 2017, but there are plenty of companies that still use it. I agree with Germany. Credit: SC Magazine
Deep Fake Videos Enters Ukraine Invasion
No doubt you have heard about deep fake videos where a video seems to be of someone, usually famous, saying something or doing something that they never did. Often these videos are pornographic in nature, but a new video is part of the Russian invasion of Ukraine. The video is of Ukraine’s President Zelenskyy saying that he was surrendering to Russia. He never said that and he did not surrender. Even so, a lot of people saw the video because the hackers hacked a Ukrainian TV channel and broadcast it. The new world of war. Credit: Metacurity
Hacking is a Business
Just like other modern businesses, the hacking business is optimizing its processes. Google’s Threat Analysis Group exposed a new Initial Access Broker, related to Russian hacking gangs, whom they are calling Exotic Lily. All these folks do is figure out how to break into your organization. They don’t steal anything or do any damage. They do, however, sell that access to the highest bidder and those folks do the crime. Credit: The Hacker News
Russia Jamming GPSS and Satellites, Imperiling Airplanes, etc.
The EU Aviation Safety Agency and CISA say someone is jamming satellite navigation systems in eastern Europe, including parts of Finland, Cyprus, Turkey, Lebanon and Israel, among others. Depending on the situation, a plane that is using the satellite for navigation might go in the wrong direction or fly into a war zone. Planes trying to land could crash into the ground or be forced to land at a different airport. Aviation authorities are telling pilots to make sure that backup navigation tools are working. Credit: Threatpost