Tag Archives: CISA

FBI and CISA Issue Advisory on Scattered Spider Ransomware Attacks

Key Takeaways:

  • The Federal Bureau of Investigation (FBI) and Cybersecurity & Infrastructure Security Agency (CISA) have jointly issued a cybersecurity advisory in response to recent activity by the threat actor group known as Scattered Spider.
  • Scattered Spider is known to target large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – for ransomware attacks.
  • Scattered Spider largely relies upon impersonating IT support professionals and manipulating target company employees into sharing passwords or running malicious executables through remote access software.…
  • More

CISA Publishes Mitigation Guide to Combat Cyber Threats in the Healthcare and Public Health Sectors

If you need a little intellectual stimulation after hours of Thanksgiving turkey and football, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just the thing — the new CISA Mitigation Guide for the Healthcare and Public Health Sectors.  This somewhat technical guide is a little dry, but it offers solid recommendations and sugested best practices to combat the pervasive cyber threats affecting the Healthcare and Public Health (HPH) Sectors.… More

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force

On May 23, 2023, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and includes additional recommended actions,… More

Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (i.e., Dealing with the Fallout from Russia’s Invasion of Ukraine)

The Cybersecurity & Infrastructure Security Agency (“CISA”) has just released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors (i.e., Russia) may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical functions and services across multiple sectors. … More

U.S. Department of Homeland Security Launches First-Ever Cyber Safety Review Board

Earlier this week, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is a public-private initiative that will bring together government and industry leaders to elevate U.S. cybersecurity.

The CSRB will review and assess significant cybersecurity events, so that government,… More

CISA on Russia, Ukraine and Ransomware

According to the U.S. Cybersecurity and Infrastructure Security Agency (“CISA“), the potential hostilities between Russia and Ukraine are likely to spill over into cyber warfare.  In this month’s CISA Insights:

Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies,… More

Will “stopransomware.gov” Actually Stop Ransomware?

In response to the spate of ransomware attacks, the United States has launched a website, www.cisa.gov/stopransomware.   According to the government press release, the website’s aim is:

to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov<http://stopransomware.gov/> is a whole-of-government approach that gives one central location for ransomware resources and alerts. We encourage organizations to use this new website to understand the threat of ransomware,… More

Kaseya VSA Cyberattack: What Kaseya and the Feds Are Saying

If you aren’t following the ransomware attack on Kaseya’s VSA product and approximately 800-1500 of its users, you should be.  Like many cyberattacks, this one came on the verge of a holiday weekend.  As the company itself notes, “Kaseya’s VSA product has unfortunately been the victim of a sophisticated cyberattack.   Due to our teams’ fast response, we believe that this has been localized to a very small number of on-premises customers only. … More

U.S. Department of Homeland Security Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

On May 27, 2021, the Department of Homeland Security’s Transportation Security Administration (TSA) announced a Security Directive that will enable DHS to better identify, protect against, and respond to threats to critical companies in the pipeline sector.  (And for those in other business sectors, this is a potential preview of cybersecurity regulation to come.)

“The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats,” said Secretary of Homeland Security Alejandro N.… More