Sign in
A newsletter briefing on cybersecurity news and policy.
A newsletter briefing on cybersecurity news and policy.
Good morning. A humble reminder: please send me your cybersecurity jokes for our April Fool’s edition!
Below: A major Ukrainian telecom company was hit in an apparent cyberattack, and the Biden administration considers sanctioning the Trickbot hacking gang.
President Biden is asking Congress to boost cybersecurity across the federal government to record levels as his administration attempts to follow-through on promises to modernize U.S. cyberdefenses.
The topline: Biden’s $5.8 trillion budget plan seeks $10.9 billion in cybersecurity funding across civilian government agencies, according to the administration. That’s an 11 percent increase from his request last year.
The request symbolizes the Biden administration’s appetite for resourcing cybersecurity at a time when the United States faces a host of cyberthreats like ransomware and potential Russian cyberattacks amid the war in Ukraine.
Some highlights:
The wishlist also has smaller but still meaningful cyber proposals, like $22 million in funding for National Cyber Director Chris Inglis’s office, a boost in funding for the FBI’s cyber investigations teams and $300 million for the Technology Modernization Fund, which helps federal agencies get new IT infrastructure.
Lawmakers on Capitol Hill broadly praised the funding, but some said more is needed:
The apparent cyberattack on Ukrainian Internet and phone service provider Ukrtelecom caused one of the most widespread Internet outages in Ukraine since Russia’s invasion last month, the Record’s Andrea Peterson reports. Ukrainian authorities hinted that Russia was behind the cyberattack and said Ukrtelecom was working to get back online.
Despite the disruption of service at Ukrtelecom and a cyberattack on satellite Internet provider Viasat at the beginning of the war, hacks aimed at Ukrainian telecommunications infrastructure have been smaller and less destructive than many experts expected, Gerrit De Vynck, Rachel Lerman and Cat Zakrzewski report. Networks have remained resilient with the help of engineers and backup plans.
Sanctions on the group would make it illegal for U.S. organizations to pay it ransoms, the Wall Street Journal’s Robert McMillan, Kevin Poulsen and Dustin Volz report. The hackers and their affiliates have made hundreds of millions of dollars by targeting hospitals, schools and governments across the United States since 2018.
A self-identified Ukrainian researcher said they breached the group’s servers and posted the data online last month. “More than 200,000 messages exchanged by 450 Trickbot managers, staff and business partners since June 2020 reveal a well-organized criminal syndicate with possible connections to Russian intelligence agencies,” they write. “They show an organizational resilience that allowed the group to rapidly recover from counterattacks by international law-enforcement coalitions, and grand ambitions to diversify and develop a cryptocurrency.”
Huawei, the world’s largest telecommunications equipment vendor by sales, says it’s still evaluating its response to Western sanctions on Russia, Eva Dou reports. The presentation of the Chinese tech giant’s financial report marked Huawei executive Meng Wanzhou‘s first public appearance since she was released from Canada in September.
“Meng’s detention in Canada at the request of U.S. officials in December 2018 sparked a hostage standoff in which China detained two Canadian nationals, Michael Kovrig and Michael Spavor, and charged them with espionage,” Eva writes. “Meng was indicted in the United States on fraud charges related to her representation of Huawei’s relationship with an affiliate company operating in Iran, and she pleaded not guilty.”
The war in Ukraine has brought more uncertainty to Huawei. “Huawei said Monday its revenue fell 28.6 percent in 2021 from the previous year, as it sold off its Honor smartphone business because of the lack of chip supply under U.S. sanctions,” Eva writes. “But the company said its profit jumped 75.9 percent thanks to the sale of part of its business and other factors, including ‘optimization of our product mix.’ ”
The U.S. government has argued that Huawei poses a national security risk and could be used by China’s government to spy on Americans. The company disputes the claims.
Hacked WordPress sites force visitors to DDoS Ukrainian targets (Bleeping Computer)
Ukraine dismantles 5 disinformation bot farms, seizes 10,000 SIM cards (Bleeping Computer)
Leaked details of the Lapsus$ hack make Okta’s slow response look more bizarre (Wired)
Microsoft Azure Defender for IoT vulnerabilities could lead to ‘full network compromise’ (VentureBeat)
Spyware vendor FinFisher claims insolvency amid investigation (Bloomberg)
Microsoft security chief issues call to arms to protect metaverse (Bloomberg)
Today’s first @washingtonpost TikTok features unsecured communication devices https://t.co/c2BxSHgkZA pic.twitter.com/6GWXofZ1ha
Thanks for reading. See you tomorrow.
