top of page

The CyberDiplomat Daily




EdVotersPA report indicates 'staggering growth' in cyber charter assets, millions spent on advertising


A recent report by Education Voters of Pennsylvania found significant increases in assets for four cyber charter schools in Pennsylvania. The report revealed that the assets of these schools soared from $566,858 to over $486 million from 2018 to 2022, marking an increase of nearly 92,057 percent. The report also raised concerns about discrepancies in financial reporting and the accumulation of surplus funding by cyber charter schools. Calls for cyber charter funding reform, including a resolution passed by 94 percent of all school boards in Pennsylvania, have gained momentum. The report emphasizes the need for state lawmakers to align cyber charter tuition payments with the actual cost of providing an online education to ensure that school property taxes are invested in providing educational opportunities for students.



US Cyber Chief Sees ‘Very Aggressive’ Chinese Hacking Strategy


Beijing seeking out, targeting weaknesses in networks abroad General Timothy Haugh serves as head of NSA, Cyber Command. A top US spy chief said China is increasingly using its companies to find vulnerabilities in their own computer networks and then tapping that knowledge to target foreign nations and industries. “We’re really seeing China be very aggressive,” General Timothy Haugh, the director of the National Security Agency and head of Cyber Command, said in an interview with Haslinda Amin on Bloomberg Television.



Healthcare Sector Maps Cyber Risk Posed by ‘Single Points of Failure’


The Department of Health and Human Services is spearheading an effort to map out the cybersecurity risks associated with relying on a single technology supplier dominating a specific market sector. This initiative comes in response to the recent cyberattack on UnitedHealth Group’s Change Healthcare unit, which resulted in widespread disruptions to health claims processing and financial transactions. The goal is to proactively identify and address the vulnerabilities associated with a single point of failure in the healthcare technology infrastructure, in order to better prepare for and mitigate potential future cyber threats.



Mastercard Looks To Fight Cyber Threats: What's Going On With Credit Card Company's Shares Thursday?


Mastercard Incorporated (NYSE: MA) has opened a European Cyber Resilience Centre at its European Headquarters to enhance its cyber defense capabilities. The center includes a Fusion Centre, Digital Forensics Lab, and representatives from over 20 teams. It aims to address cyber threats by collaborating with partners from the public and private sectors across Europe. Mastercard is under scrutiny for its fee structure, with concerns raised by Britain's Payment Systems Regulator (PSR) about higher fees imposed on retailers without corresponding service improvements. In addition, Mastercard has partnered with Synchrony Financial (NYSE: SYF) and Virgin Red to launch the new Virgin Red Rewards World Elite Mastercard credit card program, allowing cardholders to earn Virgin Points on various purchases.



Ferraris, Bomb Threats, Billions: FBI Nabs Massive Cybercrime Kingpin


YunHe Wang, the alleged head of the 911S5 cybercrime ring, has been arrested by the FBI for running a global cybercrime network. He used various VPN services to collect data from 19 million unique IP addresses, including financial and personal information, which was then sold. Wang's alleged network of infected computers, described as a 'botnet,' was responsible for defrauding the U.S. government of billions of dollars in COVID pandemic aid, accessing and sharing child pornography, and defrauding people in 200 countries, according to the indictment. The FBI found at least 19 million hijacked IP addresses sold by Wang, with 613,841 in the U.S. Wang and two unnamed co-conspirators allegedly opened accounts at financial institutions, including HSBC, where they laundered money from 911S5. Wang similarly created dozens of fraudulent shell companies across the world, through which he laundered millions, as stated in the indictment. Patek Philippes, BMWs, Ferrari, Audemars Piguet, Rolls Royce, and $30 million in property connected to the investigation were seized. The kingpin was arrested in Singapore and is facing felony charges of criminal conspiracy, computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering.



Over eight in ten critical infrastructure organizations concerned about AI-driven cyber threats


The use of AI in cyber threats is a major concern for 84% of critical infrastructure organizations in the US. This concern is highlighted in a recent study conducted by cybersecurity services firm Bridewell. The study revealed that respondents are worried about AI-powered phishing attacks, automated hacking, adaptive AI cyberattacks, and AI-driven exploit development. Although organizations are using AI to combat cyber threats, the deployment of AI in cyber defenses is still in its early stages. Chase Richardson, Vice President of Consulting at Bridewell, emphasized the importance of incorporating AI into cyber defense strategies to prepare for the impending AI arms race.



EPA to Increase Inspections and Take Enforcement Actions to Protect U.S. Water Systems from Cyber Attacks


The U.S. EPA is enforcing the Safe Drinking Water Act to prevent cyber attacks on community water systems. Water systems serving over 3,300 people must conduct assessments, develop emergency plans, and certify completion to the EPA. The EPA has increased inspections to enforce compliance with the Safe Drinking Water Act (SDWA). Since September 2023, 70% of water systems inspected have failed to fully comply, posing cybersecurity risks. Small water systems are also at risk, and basic cyber hygiene practices are crucial in preventing and responding to cyber attacks. Water utilities rely on computer software to operate their treatment plants and distribution systems, making it vital to protect information technology and process control systems from cyber attacks. Nick Tausek from Swimlane emphasized that water and wastewater systems are prime targets of cyber threats. In March 2024, EPA Administrator Michael S. Regan and National Security Advisor Jake Sullivan sent a letter to all state governors requesting them to collaborate with the federal government in developing strategies to address the cyber threats facing drinking water and wastewater systems. EPA Deputy Administrator Janet McCabe said the agency was "committed to using every tool, including our enforcement authorities," to protect the water sector from cyber attacks.



Corvus revamps cyber offering, underwriting appetite


Corvus Insurance has expanded its Smart Cyber Insurance product, doubling its limit to $10 million for aggregate covered losses and raising the annual revenue limit to $5 billion. The company has also increased its underwriting scope for businesses with less than $30 million in annual revenue, focusing on the sub-$10 million segment. All Corvus products are now written on Travelers Excess and Surplus Lines paper. Corvus Insurance offers insurance products in the US, Middle East, Europe, Canada, and Australia. In March, the company unveiled an updated policy renewal process designed to enhance efficiency and convenience for brokers, including an application-free, click-and-bind renewal option for certain accounts.



New Army Cyber Command tool leveraged by Defense Department in achieving federal AI goals


The Panoptic Junction Tool developed by the Army Cyber Command has been chosen by the U.S. Cyber Command to fulfill President Joe Biden's executive order on artificial intelligence. The tool is designed to deploy AI capabilities to bolster vulnerability remediation in federal IT networks. It was originally created to automate tasks at the Army Cyber Command and has now been refined to address activities conducted by the Chinese state-sponsored threat operation Volt Typhoon. An Army Cyber Command spokesperson emphasized the tool's importance in continuously monitoring IT systems for faster detection of malicious activity and comprehensive vulnerability management while reducing complexity for personnel.



House committee OKs independent Cyber Force


The House Armed Services Committee approved an amendment to the fiscal year's defense authorization bill proposed by Reps. Morgan Luttrell, R-Texas, and Chrissy Houlahan, D-Pa. The amendment mandates an independent evaluation on the establishment of a dedicated Cyber Force. It was included in the House's version of the fiscal 2025 National Defense Authorization Act, despite opposition from some Democratic members. This comes after Rep. Luttrell emphasized the importance of an independent Cyber Force in an op-ed in Defense News.



Coinbase, Kraken Join New Industry Group to Combat Cyber Threats Over Web3


The crypto sector has seen significant growth globally but still faces cyber threats. Coinbase, Kraken, Circle, and The Solana Foundation have joined the newly formed Crypto ISAC to combat these threats and promote safe blockchain adoption. The mass adoption of crypto and digital assets relies on public trust in their security. Industry leaders are joining forces to combat evolving threats. In 2023, the crypto market saw over $1.8 billion in losses across 751 security incidents, with breaches affecting multiple chains. The crypto ISAC group aims to protect the community through awareness campaigns. ISAC plans to collaborate with governments to address prominent crypto threats. Jeff Lunglhofer, Chief Information Security Officer at Coinbase, emphasizes the importance of combating security threats and misinformation. ISAC aims to provide impartial information and awareness to the Web3 industry, especially on cybersecurity, after implementing security measures.



Mastercard Opens European Cyber Resilience Centre in Belgium


Mastercard has opened the European Cyber Resilience Centre (ECRC) at its European Headquarters in Belgium. The center aims to combat cyber threats, enhance resilience, and foster collaboration between the public and private sectors in Europe. It includes a Fusion Center, Digital Forensics Lab, and representatives from over 20 teams. The commitment reflects Mastercard's role in powering economies and empowering people, with a focus on privacy, data responsibility, and cybersecurity.



New cyber plans for critical infrastructure could be ready early next year


The Biden administration is working to establish minimum cybersecurity standards for critical infrastructure by early 2025. This effort involves developing new sector risk management plans and potentially recommending new cybersecurity regulations for sectors lacking minimum standards. The administration is also focused on improving cybersecurity for key sectors and increasing intelligence sharing with critical infrastructure owners. Additionally, there is an emphasis on ensuring equal prioritization and resources across all critical sectors.



Hundreds of thousands of US internet routers destroyed in newly discovered 2023 hack


An unidentified hacking group launched a cyberattack on a U.S. telecommunications company, disabling over 600,000 internet routers last October. The hackers installed malicious software, disrupting internet access in the Midwest. The attack was linked to internet service provider Windstream, but the company declined to comment. The consequences were serious, affecting rural communities and emergency services. The incident received little public attention, with affected customers complaining on Reddit about the sudden outage. It's unclear if the FBI was notified, as private companies often choose not to disclose such incidents.



Defending Professional Sports Organizations Against Cyber Threats


Professional sports organizations face significant cybersecurity challenges due to the high value of their data and widespread media coverage. Cisco has partnered with major sports organizations like the NFL to provide comprehensive security solutions. The NFL, in particular, is a constant target for cyberattacks due to its global popularity and expansion into international markets. Cisco is a crucial partner for McLaren Racing, providing security solutions for their global operations. They rely on Cisco Secure Firewall and Cisco XDR for threat monitoring and response. Similarly, the NFL benefits from Cisco's technology during major events like the Super Bowl. These partnerships emphasize the critical role of cybersecurity in professional sports. Jeetu Patel, from Cisco, highlighted the importance of trust and innovation in these partnerships. As cyber threats evolve, the need for advanced security technologies and strategic partnerships continues to grow, and Cisco aims to provide the necessary tools and expertise for defense.











0 views0 comments

Recent Posts

See All

Comments


bottom of page