Press "Enter" to skip to content

CISA’s warnings, the FBI’s moves, and geo politics collide

Two notices from CISA to be aware of.

First, a list of free cybersecurity services and tools to help organizations increase their security capabilities and better defend against cyberattacks.   Quoting BleepingComputer, “While the set is neither comprehensive nor impervious to change, it aims to mature an entity’s cybersecurity risk management when combined with baseline security practices for a strong cybersecurity program.

The list is a mix of services from CISA, open-source utilities, and free tools and services from organizations in the public and private sectors.”

Second, CISA urged leaders of U.S. critical infrastructure organizations on Friday to increase their orgs’ resilience against a growing risk of being targeted by foreign influence operations using misinformation, disinformation, and malformation (MDM) tactics.

Multiple influence operations coordinated by foreign actors had an impact on US critical services and functions across critical sectors,” according to the cybersecurity agency.

Meanwhile, NIST has released rules that will be used to create a labeling scheme for more secure consumer-facing IoT devices, as well as rules related to creating a cybersecurity label for consumer software.    They include a number of recommendations, including unique ways to identify the device, being able to delete all data on it, and devices not to include universal default passwords, among others.  

The US has indicated that Russia was behind the disruptions of Ukrainian government and banking websites, a top White House official said Friday.  Russia, on Saturday, rejected those claims. 

And the FBI is launching a new unit dedicated to tracking cryptocurrency crimes and ransomware profits.   The Virtual Asset Exploitation Team (VAXU) will help the U.S. government to keep pace with “threat actors who exploit innovations as fast as the marketplace produces them.”   The FBI’s VAXU unit will combine cryptocurrency experts, blockchain analysis and virtual asset seizure in one place to work investigations and provide training to the rest of the FBI. The specialized unit will form part of the National Cryptocurrency Enforcement Team (NCET), a division of the U.S. Justice Department created in late-2021 to investigate the criminal use of digital assets, with a particular focus on virtual cryptocurrency exchanges and other technologies that enable the misuse of cryptocurrency or facilitate criminal activity.

Why do we care?

One can see all the parts of government involvement.    We’ve got resources, warnings, law enforcement, and geo-political warfare.     Tracking all of this is a role within your organization.   Formally.