Archive for USA

US Companies Will Soon Have To Report Any Instance That They Have Been Pwned Or They Paid A Ransom

Posted in Commentary on March 13, 2022 by itnerd

I’ve said for a long time that companies will only ensure that their cyber defences are as strong as they possibly can be if they’re forced to by law. That’s why this news is really good news as far as I am concerned:

Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. 

The rules are part of a broader effort by the Biden administration and Congress to shore up the nation’s cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. The reporting will give the federal government much greater visibility into hacking efforts that target private companies, which often have skipped going to the FBI or other agencies for help.

“It’s clear we must take bold action to improve our online defenses,” Sen. Gary Peters, a Michigan Democrat who leads the Senate Homeland Security and Government Affairs Committee and wrote the legislation, said in a statement on Friday.

The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President Joe Biden soon. It requires any entity that’s considered part of the nation’s critical infrastructure, which includes the finance, transportation and energy sectors, to report any “substantial cyber incident” to the government within three days and any ransomware payment made within 24 hours.

What I hope this does is make companies think long and hard if they want to be on the wrong end of getting pwned, and having to report it to the US Government. Which will make them invest time, effort, money, and more time, effort, and money into people, training and products that will keep their companies from getting pwned. That in turn will hopefully make cybercrimes like ransomware less attractive to cybercriminals, and we will see less of this as a result.

Oh. In case you’re wondering what happens if a company doesn’t report a cyber incident? Here’s your answer:

The new rules also empower CISA to subpoena companies that fail to report hacks or ransomware payments, and those that fail to comply with a subpoena could be referred to the Justice Department for investigation.

CISA is the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the lead agency in the US Government for this sort of thing. And I am pretty sure that no company wants the Justice Department knocking on their door. Thus this is great news as far as I am concerned.

US Goes After China For Hacking… China Hits Back

Posted in Commentary on July 21, 2021 by itnerd

The US has taken the unusual step of taking a shot at China over the hacking of Microsoft Exchange Server. In March, Microsoft reported that at least 30,000 customers were affected by a hack that allowed outsiders to access their on-premises Exchange email and calendar servers through a software flaw previously unknown to the company. Volexity, the cybersecurity firm that first discovered the Exchange breach, and Microsoft concluded the attacks originated from China and appeared to be state-sponsored.

Alongside the attribution, the U.S. Justice Department has charged four Chinese citizens linked to China’s secretive Ministry of State Security who are alleged to have hacked into the computer networks of dozens of companies, universities and government entities. China denies this:

“The U.S. ganged up with its allies and launched an unwarranted accusation against China on cybersecurity,” Chinese Foreign Ministry spokesman Zhao Lijian said Tuesday at a regular press briefing in Beijing. “It is purely a smear and suppression out of political motives. China will never accept this.”

But this is likely only the beginning, according to David Masson, Director of Enterprise Security at Darktrace:

“We have entered a new era of cyber-threat – attacks are increasing in speed, sophistication, and scale with malicious software like ransomware being able to encrypt an organization’s entire digital infrastructure in seconds. Even more alarmingly, geopolitical tensions are being played out in cyber battles with organizations getting caught in the crossfire.

Although it is difficult to attribute these attacks to any single nation-state, our government should take every opportunity to pressure cyber-criminals and grow international condemnation in the hopes of resetting the current state of unchecked nation and non-nation state cyber-aggression targeting countries globally. This lack of a unified strong and significant international response only further emboldens nation-state driven or sponsored cyber-attacks against the private sector and government institutions.

Canada can lead the way in putting every nation state and cybercriminal group, whether state-sponsored, supported, or simply sheltered, on notice that cyber-attacks will not only be taken extremely seriously, but that there could be a high cost where those responsible are held accountable through all levers of national power.

The priority must be protecting Canadian businesses and institutions from cyber-attacks that pose a threat to both economic and national security.”

Hopefully Canadian businesses, if not all businesses take heed of this warning.

US Government Introduces Legislation To Take On Big Tech

Posted in Commentary on June 11, 2021 by itnerd

US House representatives unveiled the Ending Platform Monopolies Act today, and Rep. David Cicilline (D-RI) issued a statement, which I found in The Verge, on an agenda that aims to take big tech down a peg or two:

“Right now, unregulated tech monopolies have too much power over our economy. They are in a unique position to pick winners and losers, destroy small businesses, raise prices on consumers, and put folks out of work,” Rep. David Cicilline (D-RI) said in a statement Friday. “Our agenda will level the playing field and ensure the wealthiest, most powerful tech monopolies play by the same rules as the rest of us.”

If eventually passed in the House and Senate, that could usher in the regulation of Apple, Amazon, Facebook, and Google to ensure that they don’t have too much power. I am not sure that this is a great thing to do. But I guess we will see how this plays out.

America To Give Ransomware Attacks Similar Priority As Terrorism

Posted in Commentary on June 4, 2021 by itnerd

The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters:

Internal guidance sent on Thursday to U.S. attorney’s offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington. “It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, acting deputy attorney general at the Justice Department.

Last month, a cyber criminal group that the U.S. authorities said operates from Russia, penetrated a pipeline operator on the U.S. East Coast, locking its systems and demanding a ransom. The hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localized fuel shortages in the southeast. Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million to regain access, the company said.

The problem is that this won’t help much, as a lot of these threat actors are based in countries where the US can’t get at them and toss them into jail. Here’s what will actually help:

  1. Business systems should be running ONLY the applications needed to do the job, and no others.
  2. Business networks should be isolated from operations networks, air-gapped where needed.
  3. Systems that need access in or out should be properly firewalled, with a default-deny policy, including blocking entire countries or regions as needed.
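As an added example (not code from the original post), here is a small model of items 2 and 3 as a policy engine run over constructed flows. It shows the ordering a practitioner cares about: the business/OT isolation rule is checked before any allowlist so nothing can override it, the geo-block is applied before the published-service allowlist so a blocked region cannot reach even a public web server, and everything not explicitly allowed is denied. The zone ranges, the GeoIP table (RFC 5737 documentation prefixes with made-up country codes), and the port allowlists are all hypothetical.

```python
"""Added example (not from the post): a small model of the segmentation
and firewall rules in items 2 and 3 above, run over constructed flows.

Everything here is constructed for illustration: the zone ranges are
RFC 1918 space, the GeoIP table uses RFC 5737 documentation prefixes
with made-up country codes, and the port allowlists are hypothetical.
"""
import ipaddress
from typing import Optional, Tuple

# Internal zones. "ot" is the operations network that item 2 says must
# be isolated from business systems.
ZONES = {
    "business": ipaddress.ip_network("10.10.0.0/16"),
    "ot": ipaddress.ip_network("10.20.0.0/16"),
    "dmz": ipaddress.ip_network("10.30.0.0/24"),
}

# Stand-in for a GeoIP feed (constructed).
GEOIP = {
    ipaddress.ip_network("203.0.113.0/24"): "AA",
    ipaddress.ip_network("198.51.100.0/24"): "BB",
}
# Item 3: regions the business has no dealings with are blocked outright.
BLOCKED_COUNTRIES = {"BB"}

# Explicit allowlists; anything not listed is denied (default deny).
ALLOWED_INBOUND = {("dmz", 443)}               # (dst_zone, dst_port)
ALLOWED_INTERNAL = {("business", "dmz", 443)}  # (src_zone, dst_zone, dst_port)
ALLOWED_OUTBOUND = {("business", 443)}         # (src_zone, dst_port); OT gets none


def zone_of(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


def country_of(ip: str) -> Optional[str]:
    addr = ipaddress.ip_address(ip)
    for net, code in GEOIP.items():
        if addr in net:
            return code
    return None


def evaluate(src: str, dst: str, dst_port: int) -> Tuple[str, str]:
    """Decide a TCP flow src -> dst:dst_port; returns (verdict, reason)."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)

    # Item 2: business and OT never talk directly, in either direction,
    # regardless of port. Checked first so no allowlist can override it.
    if {src_zone, dst_zone} == {"business", "ot"}:
        return "deny", "business/ot isolation"

    # Item 3: the geo-block is applied before any allowlist, so a blocked
    # region cannot reach even a published service.
    for ip in (src, dst):
        code = country_of(ip)
        if code in BLOCKED_COUNTRIES:
            return "deny", f"blocked country {code}"

    if src_zone == "internet" and dst_zone == "internet":
        return "deny", "transit not permitted"
    if src_zone == "internet":
        if (dst_zone, dst_port) in ALLOWED_INBOUND:
            return "allow", "published service"
        return "deny", "inbound not allowlisted"
    if dst_zone == "internet":
        if (src_zone, dst_port) in ALLOWED_OUTBOUND:
            return "allow", "outbound allowlisted"
        return "deny", "outbound not allowlisted"
    if src_zone == dst_zone:
        # Intra-zone traffic is left to host firewalls in this model.
        return "allow", "intra-zone"
    if (src_zone, dst_zone, dst_port) in ALLOWED_INTERNAL:
        return "allow", "zone crossing allowlisted"
    return "deny", "default deny"


if __name__ == "__main__":
    # Constructed sample flows: (src, dst, dst_port)
    sample_flows = [
        ("10.10.1.5", "10.20.1.5", 502),      # business -> OT (Modbus)
        ("198.51.100.7", "10.30.0.10", 443),  # blocked region -> DMZ web
        ("203.0.113.9", "10.30.0.10", 443),   # allowed region -> DMZ web
        ("203.0.113.9", "10.30.0.10", 22),    # Internet -> DMZ ssh
        ("10.20.1.5", "203.0.113.9", 443),    # OT -> Internet
        ("10.10.1.5", "10.30.0.10", 443),     # business -> DMZ
    ]
    for src, dst, port in sample_flows:
        verdict, reason = evaluate(src, dst, port)
        print(f"{src:>15} -> {dst:>15}:{port:<5} {verdict:5} ({reason})")
```

The point of the structure is that the two unconditional rules (isolation and geo-block) sit above the allowlists, and the allowlists are the only way to get an "allow" across a boundary; a real firewall (nftables, a vendor appliance) should be laid out in the same order, with the OT zone having no outbound path to the Internet at all.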

The fact is that good IT is expensive. Bad IT is costly. We are in a place where bad IT is the norm. On top of that, it is perceived that it is much easier to have bad IT and pay the ransom in Bitcoin when they get pwned. But it isn’t cheaper. And that needs to change. When it does, this problem will get mitigated.

Bill To Strip Section 230 Protections From Internet Companies Introduced…. Is Trump Getting What He Wants?

Posted in Commentary on December 10, 2020 by itnerd

I’ve talked about the fact that President Trump has been whining and complaining about nuking Section 230 which would strip the protections from nearly every internet venue with user interaction. That would include Facebook and Twitter among others. The Break Up Big Tech Act of 2020, introduced yesterday by Rep. Tulsi Gabbard (D-HI) and Rep. Paul Gosar (R-AZ), seeks to strip companies of those protections if they take supposed actions like “acting as publishers and censoring certain users.”

The legislation if passed would remove Section 230 protections from online companies that perform the following activities.

  • Selling and displaying targeted ads without a user’s consent
  • Collecting data for “commercial purposes other than the direct sale of the interactive computer service.”
  • Acting as a marketplace by “facilitat[ing] the placement of items into the stream of commerce.”
  • Employing digital products intended to “engage and addict users” to the service.
  • Acting as a publisher by using algorithms to moderate or censor content without opt-in from users

So this would effectively give Trump and conservatives who have been claiming that the Internet censors their voices what they want. Assuming that this passes. We’ll see if that actually happens or if this bill dies quietly after January 20th 2021.

Report: Trump Gave The CIA More Power To Launch Cyberattacks

Posted in Commentary on July 15, 2020 by itnerd

The Central Intelligence Agency has conducted a series of covert cyber operations against Iran and other targets since winning a secret victory in 2018 when President Trump signed what amounts to a sweeping authorization for such activities, Yahoo News reported, citing former U.S. officials with direct knowledge of the matter:

The secret authorization, known as a presidential finding, gives the spy agency more freedom in both the kinds of operations it conducts and who it targets, undoing many restrictions that had been in place under prior administrations. The finding allows the CIA to more easily authorize its own covert cyber operations, rather than requiring the agency to get approval from the White House. Unlike previous presidential findings that have focused on a specific foreign policy objective or outcome — such as preventing Iran from becoming a nuclear power — this directive, driven by the National Security Council and crafted by the CIA, focuses more broadly on a capability: covert action in cyberspace.

The “very aggressive” finding “gave the agency very specific authorities to really take the fight offensively to a handful of adversarial countries,” said a former U.S. government official. These countries include Russia, China, Iran and North Korea — which are mentioned directly in the document — but the finding potentially applies to others as well, according to another former official. “The White House wanted a vehicle to strike back,” said the second former official. “And this was the way to do it.” The CIA’s new powers are not about hacking to collect intelligence. Instead, they open the way for the agency to launch offensive cyber operations with the aim of producing disruption — like cutting off electricity or compromising an intelligence operation by dumping documents online — as well as destruction, similar to the U.S.-Israeli 2009 Stuxnet attack, which destroyed centrifuges that Iran used to enrich uranium gas for its nuclear program.

Assuming that this is accurate, I am not sure that this was a good idea. Having checks and balances to ensure that this is an option that is only used if it is truly required would likely mean that these are targeted operations by the US with a limited scope and a low chance that the target will retaliate. But now that this is out there, countries with the ability to launch these sorts of cyberattacks will likely feel that they have the green light to retaliate. Or launch larger scale cyberattacks of their own with potentially devastating effects. That has the potential to create all sorts of chaos. And it may come back to haunt the US at some point.

Tata Consultancy CEO Warns The USA On H1B Visa Freeze

Posted in Commentary on July 10, 2020 by itnerd

The chief executive officer of Tata Consultancy Services, Asia’s largest IT services firm, warned that a U.S. freeze on thousands of employment visas by President Donald Trump will only raise costs for American corporations like Wall Street banks, auto manufacturers and drugmakers.

Tata Consultancy Services (TCS) CEO Rajesh Gopinathan told Bloomberg News the move has put massive stress on a huge swath of Indian-born engineers that have lived in the U.S. for years and helped support American clients, who will ultimately be the ones hurt most. His remarks were among the strongest public rebukes from India’s $181 billion IT industry since U.S. President Donald Trump’s June decree to halt approvals for a range of visas until the end of the year — including those for intra-company transfers. 

TCS and peers like Infosys have relied for years on the ability to send talent to work alongside their customers overseas, which include some of the largest electronics manufacturers and global retailers. Investors worry that the inability to do so will hurt their competitiveness in the largest international market. “The ignorance around this ruling should be addressed,” Gopinathan said via video conference on Friday. “Playing with the status of people who’ve moved away from families and committed to spending five-six years in a foreign country without immigrant status to deliver value to customers, is a short-term gimmick,” the executive said.

Now there is a bit of self interest at work here. Tata and Infosys are used by US companies because they are cheaper, not because they are better. The IT industry has been replacing competent local staff with less competent and cheaper Indian staff for years now. Every IT type like me has seen this happen. Many of us have seen the disasters these cheaper staff create and are quite happy to see curbs on H1B visas.

Here’s the flip side. This could send tech workers of all sorts running to other countries like Canada. As it stands, Canada was already becoming a tech hub thanks to Trump administration policies. Now I have seen an acceleration of this because of the latest move by Trump. That cannot end well for the US.

It will be interesting to see how this plays out. My guess is that this is far from over.

DOJ Opening “Broad Antitrust Review” Of Major Tech Companies

Posted in Commentary on July 24, 2019 by itnerd

If you’re Apple, Google, or Facebook, this may be a problem. As detailed by the Wall Street Journal [Likely Paywalled], the DOJ review targets practices of online platforms:

Justice Department officials said those agreements weren’t meant to be open-ended or all-encompassing. But in any case the department isn’t trying to pre-empt the FTC’s work, they said, and suggested the two agencies might explore different tech practices by the same company, as well as different legal theories for possible cases.

While companies like Facebook and Google perhaps have some “questionable” business practices, Apple perhaps doesn’t belong on this list. Though The Wall Street Journal suggests otherwise when it comes to the App Store [Likely Paywalled]. In short, I wonder how much of this is about politics and how much of this is because there are actual problems with tech companies. I guess we’re about to find out.

Visitors To The US Will Need To Hand Over Their Social Media Info If They Need A Visa

Posted in Commentary on June 2, 2017 by itnerd

I’ve been following this story for a while now, and it’s finally become reality. The US Government has rolled out a new questionnaire for U.S. visa applicants worldwide that asks for social media handles for the last five years and biographical information going back 15 years. From the report:

The new questions, part of an effort to tighten vetting of would-be visitors to the United States, were approved on May 23 by the Office of Management and Budget despite criticism from a range of education officials and academic groups during a public comment period. Critics argued that the new questions would be overly burdensome, lead to long delays in processing and discourage international students and scientists from coming to the United States. Under the new procedures, consular officials can request all prior passport numbers, five years’ worth of social media handles, email addresses and phone numbers and 15 years of biographical information including addresses, employment and travel history.

Welcome to the world of extreme vetting. And the problem with this is that:

  1. It’s not going to work because nobody who is up to no good is going to serve up any social media information that highlights the fact that they’re up to no good. Nor are they going to make it easy enough to find. Thus I seriously doubt that a single “bad dude” is going to get caught via any sort of extreme vetting.
  2. The unintended side effect of this sort of thing is that nobody is going to go to the US. That’s going to have a negative effect on the $1.6 trillion in economic output in 2015 that tourism to the US generates. And according to The Independent, The Washington Post and even Foursquare, tourism to the US has dropped since President Trump took power in the US. And my wife and I are examples of this, as we cancelled a vacation to the US and instead will be road tripping across Canada simply because we do not feel that the US is a good place to go on vacation right now. I also have really cut back on any business trips to the US since Trump became president unless I have no other choice, for a similar reason. Thus in the process, depriving the US of additional revenue from the flight, hotel, car rental, restaurants, etc. that my business trips would generate.

I suspect that once jobs start disappearing and the lawsuits start getting filed regarding how overly broad this appears to be, there may be a rethink of this. We will have to watch and see.

UPDATE: I should have mentioned that disclosing your social media is “voluntary” as per this from the Reuters story:

While the new questions are voluntary, the form says failure to provide the information may delay or prevent the processing of an individual visa application.

So, to me it sounds like you pretty much have to hand this info over if you want your visa application processed in a timely manner.

“Extreme Vetting” Proposal Would Require Some Visitors To US To Share Contacts & Social Media Passwords

Posted in Commentary on April 5, 2017 by itnerd

This proposal has popped up in the past, and it was suggested long before Donald Trump became President of the USA, but it now looks like it may actually happen. The Guardian is quoting a Wall Street Journal story that visitors from the 38 countries that participate in the US Visa Waiver Program would be required to hand over mobile phone contacts, social media passwords and financial data as part of the “Extreme Vetting” proposals that are being floated by the Trump Administration. The idea is that this will be used to figure out if a visitor is up to no good.

Here’s why this is not going to work in my opinion. Nobody who is up to no good is going to serve up that information. Nor are they going to make it easy enough to find. Think fake social media handles, burner phones and the like. Not to mention that they’ll leave electronic devices at home, thus leaving border guards with nothing to search. Plus, how does a border agent quickly figure out if you’re a threat, when US airports have lineups of people coming into the country, if they now have to trawl through your Facebook, Twitter, and Instagram accounts? True, there are some details missing here, but it seems incredibly cumbersome, fraught with judicial over-reach, and more to the point, I am not sure what will actually get accomplished by this. As in, will a single “bad dude” get caught by this policy?

One other point. Tourism is a huge economic driver for the US. According to my favorite search engine, it accounted for $1.6 trillion in economic output in 2015. Proposals like this will likely have the effect of driving those dollars away from the US. I’m not sure that is what the folks behind this plan had in mind when they came up with it. But it’s not going to help them get tourists. Previous tweaks to US border rules have resulted in Canadians deciding to avoid travel to the US because of stories of Canadian citizens being denied entry to the US and questioned about their faith. That’s led to school boards and even the Girl Guides of Canada banning trips to the US for fear that all those on such a trip will not be treated equally. This latest move is likely to add to this and the number of people who plan to avoid the USA is about to skyrocket as this idea seems way over the top.

What are your thoughts? Is America doing the right thing or not? Are you going to avoid travel to the US because of this? Please leave a comment below and share your thoughts.