
Secplicity - Security Simplified

Powered by WatchGuard Technologies

US Agencies Have Been Busy

October 8, 2021 By Josh Stuifbergen

U.S. agencies have been making headlines recently for a number of new cyber-related regulations. The following are several noteworthy examples of what they have been up to.

The Federal Communications Commission (FCC) and Robocalls

The FCC expects phone carriers to block illegal robocalls from providers not yet registered with the Robocall Mitigation Database. The order requires blocking “voice service providers that have neither certified to implementation of STIR/SHAKEN caller ID authentication standards nor filed a detailed robocall mitigation plan with the FCC.” More can be read on the STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted Information Using toKENs) protocols here. Voice providers have had ample time to comply since the creation of the Robocall Mitigation Database back in April 2021. The FCC smartly points out that this measure isn’t an end-all solution to robocalls, and urges consumers to “remain vigilant against robocall scammers.”

The FCC also proposed rules to prevent illegal foreign-originated robocalls. It would require “these companies to apply STIR/SHAKEN caller ID authentication to, and perform robocall mitigation on, all foreign-originated calls with U.S. numbers.”

The Federal Communications Commission and SIM Swapping

SIM swapping and port-out fraud are two types of attacks that US mobile carriers have failed to meaningfully address.

FCC SIM swapping definition: “…when a bad actor convinces a victim’s wireless carrier to transfer the victim’s service from the victim’s cell phone to a cell phone in the bad actor’s possession”

FCC port-out fraud definition: “…when the bad actor, posing as the victim, opens an account with a carrier other than the victim’s current carrier. The bad actor then arranges for the victim’s phone number to be transferred to (or “ported out”) to the account with the new carrier controlled by the bad actor.”

The FCC has taken notice and begun drafting rules to minimize these attacks. One would put further onus on carriers to improve their customer authentication mechanisms. The rules would also standardize notifications to customers when a phone number moves to a new device or carrier, when a SIM card changes, or when a port request is made.

The Department of Justice (DOJ) Civil Cyber-Fraud Initiative

The DOJ intends to pursue government contractors who fail to notify the government of cybersecurity related breaches. The Civil Cyber-Fraud Initiative will “utilize the False Claims Act to pursue cybersecurity related fraud by government contractors and grant recipients.”

“For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it,” said Deputy Attorney General Monaco. This will certainly help those who have found themselves in a legal gray area over whether to disclose a breach. It especially makes the choice easier for employees asked to keep mum about a breach, as they can now point to the consequences of defying the DOJ’s clear-cut expectations.

The Department of Justice and the new National Cryptocurrency Enforcement Team

The DOJ created the National Cryptocurrency Enforcement Team (NCET) to “tackle complex investigations and prosecutions of criminal misuses of cryptocurrency, particularly crimes committed by virtual currency exchanges, mixing and tumbling services, and money laundering infrastructure actors.” It will also focus on the extortion payments that are often made to ransomware groups in cryptocurrency. The NCET “will foster the development of expertise in cryptocurrency and blockchain technologies,” which will certainly go a long way for the DOJ, which is likely playing catch-up with the evolving cryptocurrency ecosystem.

The Cybersecurity and Infrastructure Security Agency (CISA) and State Coordinators

CISA intends to have a coordinator in each state by the end of the year, according to an interview The Record had with Matt Hartman, Deputy Executive Assistant Director for Cybersecurity at CISA. The Cybersecurity State Coordinator Act of 2020, Bill S.3207, “requires the Department of Homeland Security to appoint a Cybersecurity State Coordinator in each state.”

Positional duties include:

  • “advising on developing and maintaining secure and resilient infrastructure”
  • “serving as a federal cybersecurity risk advisor”
  • “facilitating the sharing of cyberthreat information between federal and nonfederal entities.”

Building local relationships and relaying security objectives from headquarters will certainly improve CISA’s efforts to protect against ransomware and nation-state attacks. Hartman states that the agency wants to achieve “better operational visibility.”

The Transportation Safety Administration (TSA) and Rail and Aviation Operators

Homeland Security Secretary Alejandro Mayorkas spoke at the Billington Cybersecurity Summit on the department’s intention to improve security for aviation and rail operators considered high risk. The directive (not yet issued) will require operators to have a head cybersecurity official, report cyber-related incidents, and provide disaster recovery plans.

The Senate Homeland Security Committee and Cybersecurity Legislation

The Senate Homeland Security Committee approved the Cyber Incident Reporting Act of 2021 bill and the Federal Information Security Modernization Act (FISMA) of 2021 bill. The Cyber Incident Reporting Act will require critical infrastructure organizations and civilian federal agencies to report cyber-attacks to CISA within 72 hours, and ransomware payments within 24 hours. The FISMA bill updates the previous Federal Information Security Modernization Act of 2014 to improve coordination between federal agencies, with CISA acting as the lead agency. Both bills still require a vote on the Senate floor, but they should have a good chance of passing given the bipartisan effort put into them.

Filed Under: Editorial Articles Tagged With: CISA, DoJ, FCC, Senate, TSA
