wannacry - X-Industry - Red Sky Alliance2024-03-28T23:49:17Zhttps://redskyalliance.org/xindustry/feed/tag/wannacryMore Cryptocurrency Oversight Introducedhttps://redskyalliance.org/xindustry/more-cryptocurrency-oversight-introduced-12022-02-03T15:14:37.000Z2022-02-03T15:14:37.000ZJim McKeehttps://redskyalliance.org/members/JimMcKee<div><p><a href="{{#staticFileLink}}10068637857,RESIZE_400x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}10068637857,RESIZE_400x{{/staticFileLink}}" alt="10068637857?profile=RESIZE_400x" width="250" /></a>Democratic lawmakers on the House Committee on Financial Services on 27 January 2022 outlined nine (9) provisions of the proposed America COMPETES Act of 2022 one of which has been criticized by the cryptocurrency community for potential privacy and due process concerns.</p>
<p>Committee Chairwoman Maxine Waters, D-Calif., says the America Creating Opportunities for Manufacturing Pre-Eminence in Technology and Economic Strength or COMPETES Act will "strengthen the competitiveness of the US economy and US businesses and counter anti-competitive actions taken by China."</p>
<p>See: <a href="https://redskyalliance.org/xindustry/sec-chairman-pushes-for-more-cryptocurrency-regulations">https://redskyalliance.org/xindustry/sec-chairman-pushes-for-more-cryptocurrency-regulations</a></p>
<p>But the nonprofit crypto policy advocate group Coin Center warns that one provision, proposed by Rep. Jim Himes, D-Conn., would give U.S. Secretary of the Treasury Janet Yellen "unchecked and unilateral power" to ban financial institutions, including regulated exchanges, from engaging in transactions. Himes' provision, the committee said in a statement this week, "streamlines the process by which special measures may be introduced, and modernizes the authorities granted to the Financial Crimes Enforcement Network by allowing the agency to pursue bad actors like those laundering the proceeds of Chinese ransomware and/or declared a primary money laundering concern due to support to North Korea's sanctions evasion."</p>
<p>Himes initially introduced the same provision to the National Defense Authorization Act for Fiscal Year 2022. It would allow the Treasury secretary to utilize the Bank Secrecy Act which requires US financial institutions to assist government agencies in money laundering investigations to require such parties to report transaction details and potentially freeze accounts.<a href="#_ftn1">[1]</a></p>
<p>Coin Center Executive Director Jerry Brito initially flagged the provision on Twitter this week, saying it "would be disastrous not just for cryptocurrency but for privacy and the due process generally." He claims it would also eliminate all public notice and comment requirements under the BSA. "It empowers the Secretary to prohibit any (or indeed all) cryptocurrency transactions (or any other kind of transaction) without any process, rulemaking, or limitation on the duration of the prohibition," Brito says on Twitter. He added, "It's time to call your members of Congress and ask that they take action to make sure that notice and comment and duration limitations are not removed."</p>
<p>In a full posting on its site, Coin Center Research Director Peter Van Valkenburgh and Brito elaborate on their concerns: "Like the unnecessary redefinition of 'broker' in the infrastructure bill last summer, the parts of this language aimed at cryptocurrencies are entirely unnecessary while the removal of procedures and the creation of unlimited administrative discretion is deeply consequential. "In other words, it is an attempt (deliberate or not) to use the moral panic surrounding criminal usage of cryptocurrencies … to strip our surveillance laws of all public processes. Even if you don't particularly care about cryptocurrencies, this encroachment on basic privacy rights must be opposed."</p>
<p>Ted Budd, a GOP congressman from North Carolina, also took to Twitter, claiming that the "unilateral" powers of the provision would do away with all public input and that he has offered an amendment to remove the language.</p>
<p>In addition, other blockchain security experts agree that lawmakers could be overreaching with the special measure. "The bill would undoubtedly give Secretary Yellen unilateral ability to ban digital assets transactions, provided she and her team at Treasury deem them a 'primary money laundering concern,'" says Michael Fasanello, who has served in various roles within the US Justice and Treasury departments, including for Treasury's Financial Crimes Enforcement Network. Fasanello, who is currently the director of training and regulatory affairs for the firm Blockchain Intelligence Group, says, "This doesn't just apply to crypto. It applies to any financial institution regulated under the BSA and any transactions they facilitate for customers."</p>
<p>Regulation in the space has proven particularly challenging, given certain interagency jurisdictional boundaries. This week, it was reported that the White House is expected to issue an executive order outlining key priorities to rein in cryptocurrencies. The space was also the topic of several congressional hearings in 2021 when for the first time, crypto executives testified on the upside of digital currencies and their associated risks, or the existing regulatory void. SEC Chair Gary Gensler has been an advocate of comprehensive cryptocurrency regulation - calling the assets "rife with fraud, scams, and abuse."</p>
<p>The sentiment around crypto regulation has largely been split down party lines, with Republicans in favor of less-stringent measures so as not to curtail innovation. Some Democrats, on the other hand, including Sen. Elizabeth Warren, D-Mass., have been outspoken critics of crypto's volatility and its state of cybersecurity, particularly in decentralized finance, or DeFi.</p>
<p>Recently, Singaporean crypto exchange Crypto.com confirmed that its platform had fallen victim to a multimillion-dollar cyberattack. In a postmortem entry on its website, Crypto.com confirmed that unauthorized withdrawals targeted the Ethereum and Bitcoin of 483 users with associated losses near $34 million, which the company says has been reimbursed.</p>
<p>The Federal Reserve published its long-awaited discussion paper on a central bank digital currency, or CBDC, for the US. In it, the Fed pointed to the innovative qualities of digital currencies, but stressed potential risks to the nation's financial system, including heightened cyber threats and privacy concerns.</p>
<p>The Fed said any CBDC design must consider privacy and ensure strong identification verification controls to stem money laundering and the financing of terrorism. It's currently open for public comment.</p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization that has long collected and analyzed transportation cyber indicators. For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or <a href="mailto:feedback@wapacklabs.com">feedback@wapacklabs.com</a> </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www.linkedin.com/company/64265941</a> </li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a id="share-reg-url" class="plAwLUVihzEw9Kyd" href="https://attendee.gotowebinar.com/register/5504229295967742989" target="_blank">https://attendee.gotowebinar.com/register/5504229295967742989</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://www.bankinfosecurity.com/crypto-advocates-decry-bill-that-could-ban-transactions-a-18393">https://www.bankinfosecurity.com/crypto-advocates-decry-bill-that-could-ban-transactions-a-18393</a></p></div>CISA warns of Impending Cyber Attackshttps://redskyalliance.org/xindustry/cisa-warns-of-impending-cyber-attacks-12022-02-03T14:59:45.000Z2022-02-03T14:59:45.000ZJim McKeehttps://redskyalliance.org/members/JimMcKee<div><p><a href="{{#staticFileLink}}10065321492,RESIZE_584x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}10065321492,RESIZE_400x{{/staticFileLink}}" alt="10065321492?profile=RESIZE_400x" width="250" /></a>The US government has urged organizations to shore up defenses "now" in response to website defacements and destructive malware targeting Ukraine government websites and IT systems this week.</p>
<p>The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new 'CISA Insights' document aimed at all US organizations, not just critical infrastructure operators. The checklist of actions is CISA's response to this week's cyberattacks on Ukraine's systems and websites, which the country's officials have blamed on hackers linked to Russian intelligence services.<a href="#_ftn1">[1]</a></p>
<p>Ukraine officials also told the media that dozens of systems in at least two government agencies were wiped during an attack two weeks ago. The use of destructive malware is reminiscent of NotPetya in 2017, which was effectively ransomware that lacked a recovery mechanism. It hit several global businesses, most notably shipping giant Maersk which needed to overhaul 45,000 desktops and 4,000 servers, although the actual target was probably businesses in Ukraine. Many NotPetya victims were infected through a hacked update for a Ukrainian software accounting package.</p>
<p>"The identification of destructive malware is particularly alarming given that similar malware has been deployed in the past—e.g., NotPetya and WannaCry ransomware—to cause significant, widespread damage to critical infrastructure," CISA notes in the Insights document.</p>
<p>See: <a href="https://www.cisa.gov/insights">https://www.cisa.gov/insights</a></p>
<p>Prior to the latest cyberattacks on Ukraine, CISA published an advisory aimed primarily at US critical infrastructure operators detailing recent Russian state-sponsored hacker tactics, techniques, and attacks on enterprise systems such as VPNs, Microsoft Exchange, VMware, Oracle software. It also spotlighted destructive attacks on operational technology (OT)/industrial control systems (ICS) networks in the US and Ukraine. </p>
<p>The new CISA document stresses that "senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise." It added, "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic."</p>
<p>A Microsoft spokesman reported on 22 January 2022 it had found destructive malware on dozens of systems at government, non-profit, and IT organizations, all located in Ukraine. The malware displays a ransom demand but this is just a ruse, as it overwrites the Windows Master Boot Records (MBR) and lacks a recovery mechanism, according to Microsoft. </p>
<p>Multi-factor authentication is central to CISA's recommendations. It should be used by all organizations for networks and systems that require privileged or admin access. The other is patching systems with available updates. Also, organizations should disable all non-essential ports and protocols, implement controls for using cloud services, and conduct vulnerability scanning.</p>
<p>CISA also recommends preparing a crisis-response team, developing response plans and nominating key personnel, and practicing incident response. To build resilience to destructive malware, CISA urges everyone to test backup procedures, ensure backups are isolated from network connections and ensure that critical data can be rapidly restored. Organizations with ICS or OT systems should endure critical functions that remain operable in a network outage. </p>
<p>The following is what Red Sky Alliance recommends:</p>
<ul>
<li>All data in transmission and at rest should be encrypted.</li>
<li>Proper data backup and off-site storage policies should be adopted and followed.</li>
<li>Implement 2-Factor authentication-company-wide.</li>
<li>For USA readers, join and become active in your local Infragard chapter, there is no charge for membership. infragard.org</li>
<li>Update disaster recovery plans and emergency procedures with cyber threat recovery procedures. And test them.</li>
<li>Institute cyber threat and phishing training for all employees, with testing and updating.</li>
<li>Recommend/require cyber security software, services, and devices to be used by all at-home working employees and consultants.</li>
<li>Review and update your cyber threat and information security policies and procedures. Make them a part of all emergency planning and training.</li>
<li>Ensure that all software updates and patches are installed immediately.</li>
<li>Enroll your company/organization in RedXray for daily cyber threat notifications are directed at your domains. RedXray service is $500 a month and provides threat intelligence on ten (10) cyber threat categories including Keyloggers and dark web without having to connect to your network.</li>
<li>Purchase annual cyber insurance coverage from Red Sky Alliance provided by Cysurance.</li>
</ul>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization that has long collected and analyzed transportation cyber indicators. For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or <a href="mailto:feedback@wapacklabs.com">feedback@wapacklabs.com</a> </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www.linkedin.com/company/64265941</a> </li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a id="share-reg-url" class="plAwLUVihzEw9Kyd" href="https://attendee.gotowebinar.com/register/5504229295967742989" target="_blank">https://attendee.gotowebinar.com/register/5504229295967742989</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://www.zdnet.com/article/cisa-warns-upgrade-your-cybersecurity-now-to-defend-against-potential-critical-threats/">https://www.zdnet.com/article/cisa-warns-upgrade-your-cybersecurity-now-to-defend-against-potential-critical-threats/</a></p></div>AI and its Hazardshttps://redskyalliance.org/xindustry/ai-and-its-hazards2020-02-27T18:47:52.000Z2020-02-27T18:47:52.000ZMatt Weidnerhttps://redskyalliance.org/members/MattWeidner<div><p><a href="{{#staticFileLink}}3947449230,RESIZE_1200x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}3947449230,RESIZE_710x{{/staticFileLink}}" alt="3947449230?profile=RESIZE_710x" width="275" height="183" /></a>Artificial Intelligence (AI) has been viewed as the right answer to all our questions for the past few years. AI, like a lot of technology, can be used for both Good and Evil. This article explores how AI is being used on both sides of the fight.</p><p>Link to the full report: <a href="{{#staticFileLink}}3947376206,original{{/staticFileLink}}">TR-20-054-001_AI hazards.pdf</a></p></div>