InfoSecSherpa Newsletter — 12 June 2021
3 min readJun 12, 2021
- Seek to work with India, Internet firms to fight misinformation while respecting rights: US official
(Daily Excelsior, 13 June 2021)
The Joe Biden administration seeks to work with the Indian government and Internet businesses to ensure that freedom of expression is respected while combating the spread of misinformation, a senior US official has told lawmakers. - Minister Harakka: Contributions to information security and data protection in critical sectors of society are an investment in the future
(Helsinki Times, 12 June 2021)
On 10 June 2021, the Government adopted a resolution that proposes measures to improve the level of information security and data protection in critical sectors of society. - European Air Safety Agency Proposes New Rules to Protect Against Cyber Attacks
(Homeland Security Today, 12 June 2021)
The European Union Aviation Safety Agency (EASA) has published an Opinion on Management of Information Security Risks, aimed at safeguarding the entire civil aviation system against potential safety effects caused by cyberattacks. - Google Says Beware ‘Destructive, Financially-Motivated’ Ransomware Threats
(Forbes, 12 June 2021)
Much of the discussion centers on Google products and the authors are quick to point out the benefits of Google Cloud and other Google software and services but, more broadly, it applies to any organization looking to fend off ransomware attacks. - Ransomware’s suspected Russian roots point to a long detente between the Kremlin and hackers
(The Washington Post, 12 June 2021)
The ransomware hackers suspected of targeting Colonial Pipeline and other businesses around the world have a strict set of rules. - Endpoint security is a double-edge sword: protected systems can still be breached
(Venture Beat, 12 June 2021)
Endpoint protection can be a double-edged sword. That is because overloading endpoints with too many clients, not keeping OS patches current, and lacking reliable visibility to endpoints all combine to increase, rather than reduce, the risk of a breach. - House Oversight Committee Probing JBS Ransomware Payment
(Gov Info Security, 11 June 2021)
Chairwoman Carolyn Maloney Also Wants Details About Colonial, CNA Payments. - Utah cyberattacks on the rise as millions paid out in new ‘double-extortion’ ransomware schemes
(Deseret News, 11 June 2021)
Federal law enforcement officials report computer network ransomware attacks are on the rise in Utah as recent cybercriminal “double-extortion” schemes are earning headlines for multimillion dollar payouts. - Colorado Legislation Amps Up State Cybersecurity Efforts
(Government Technology, 11 June 2021)
In a bill recently sent to Colorado Gov. Jared Polis, state lawmakers have proposed increasing the state’s cybersecurity by creating a dedicated council and better defining the role of the Office of Information Technology. - Senate Hearing Clarifies New Federal Cybersecurity Roles
(Government Technology, 11 June 2021)
In nomination hearings, the prospective first-ever national cyber director and CISA director nominees discussed ransomware, cybersecurity staff shortages and how their departments would work together.
