A newsletter briefing on cybersecurity news and policy.
with research by Aaron Schaffer
Welcome to The Cybersecurity 202! I’m back at the helm after a great break, including a restorative week in Puerto Rico. Piña coladas and mofongo should definitely play a bigger role in my life. Big thanks to Aaron, Cat and Tatum for filling in. Hit me up with cyber news and tips here or on Twitter.
Below: Top European officials were targeted with NSO spyware, and U.S. officials fear renewed Russian election interference.
Philanthropist Craig Newmark wants the United States to mobilize to improve cybersecurity the same way it did to fight World War II.
The Craigslist founder is donating $50 million to what he’s dubbed a “civil cyber defense” effort aimed at broadly raising cybersecurity standards for small businesses and regular U.S. citizens. Axios first reported on the grants here.
The concept was inspired by people who didn’t join the military during World War II but did their part for the war effort by working in armament factories, surveying shorelines for German submarines and planting victory gardens. Regular Americans could be putting forth a similar effort to protect themselves, their businesses and their families from hackers – but they’re often stymied because cybersecurity tools are too complicated to use or it’s not clear which ones are useful and which ones are snake oil.
Details: The funding will be aimed broadly at building and promoting cybersecurity tools that are easy for average citizens to use, pushing companies to make technology more secure by default and publicizing vetted information about which products are most secure.
The effort comes as government and large corporations have made great strides in improving cyber protections for their most critical systems – but those improvements haven’t always filtered down to the general public.
“My hidden agenda is to get the entire American public to play their role in cybersecurity because we are being attacked on American soil,” Newmark told me in an interview. “If you have the skills to stand up, you should do that. … Everyone needs to stand up and play their part, just like we were all expected to play our part in World War II.”
Recipients of the funding include:
One key aim for the grants: Figuring out which consumer cyber tools are actually helpful.
That can be difficult even for people with lots of training and resources to figure out. Newmark told me he’s even unsure if some of the tools he’s using are the best ones – despite his background as an extremely successful software engineer.
“I will work with people to find out what tools can be recommended in good faith. And then I will get loud about that,” he said.
Here’s more from Phil Reitinger, president of the Global Cyber Alliance: “We in industry and across the tech spectrum haven’t made things easy for people,” Reitinger told me. “There are ways for powerful people with lots of resources to do what they need to do, but that isn’t actually that easy for most people.”
Reitinger declined to give a detailed explanation of what GCA will do with its portion of the civil cyber defense funding, but said he expects to release details in a couple of weeks.
Another key goal: Educating citizens about the huge scale of the threat and what they can do to protect themselves.
Newmark compared this to the “Why we fight” videos produced during World War II by famed director Frank Capra.
“Our country is under attack,” Newmark said. “If you can play a role, please do so. And we will be providing the means for people to do that. This is a time to stand up for the country.”
Ciao amici: Newmark spoke to me during a visit to Florence, Italy, in between a motorcycle tour of the city and a nice dinner. (Following Stanley Tucci’s advice, Newmark says, he recommends the steak Florentine.)
The Ukrainian government’s cyber defense agency blocked a Kremlin hacking group’s effort to shut down electrical substations late last week, the agency said in a release this morning.
“The intention of the attackers was to disable several infrastructure elements of the attack object, namely: electrical substations using the Industroyer2 malware,” officials said. The hackers first compromised the electrical systems in February, the officials said. The cybersecurity firm ESET helped remove the attackers from Ukrainian systems and published a blog post this morning about the effort.
European Union Justice Commissioner Didier Reynders and four European Commission staffers were targeted last year, Raphael Satter and Christopher Bing of Reuters report. The revelation comes a week before the planned launch of a European Parliament committee of inquiry investigating use of NSO’s Pegasus spyware.
NSO told Reuters that it wasn’t responsible and such targeting “could not have happened with NSO’s tools.”
In other NSO news:
The Russian president could decide to launch disruptive cyberattacks against U.S. election infrastructure, which would be a step beyond previous election interference campaigns, four people familiar with recent U.S. intelligence assessments told CNN. There’s no evidence that Putin has decided to make such a move in the wake of Russia’s war with Ukraine.
“We do not have any direct intelligence that Russia is looking to target state, local or election systems more directly than before, but we are certainly anticipating the possibility,” a U.S. official told CNN. “We will continue to actively share any intelligence about increased threats with state and local officials as we receive it.”
Kremlin hackers penetrated some U.S. voter rolls in advance of the 2016 election, U.S. intelligence agencies determined, but there’s no evidence they changed any votes.
The Japanese tech giant’s Canadian operations were hit in the latest “targeted cybersecurity attack” in February, TechCrunch’s Carly Page reports. It comes months after the company said hackers had stolen the personal data of job candidates and interns in a November cyberattack. Hackers also posted information from Panasonic’s India subsidiary in 2020 after launching a ransomware hack.
The Conti ransomware gang has reportedly claimed responsibility for the latest cyberattack. Panasonic didn’t dispute that it was hit by ransomware when asked by TechCrunch. The cyberattack only affected the company’s Canada operations, it said.
Federal prosecutors going after alleged Russian hacker mistakenly turn over unrelated case documents, lawyer says (CyberScoop)
Google sues alleged scam site operator who ran fake basset hound puppy mill (The Record)
Hackers use Conti’s leaked ransomware to attack Russian companies (Bleeping Computer)
Pinellas Park man stole nearly $600,000 in cryptocurrency, police say (Tampa Bay Times)
U.S. extradites man who allegedly sold backdoored phones for the FBI (Motherboard)
How a Trump ally got his unfounded voting-machine audit push in front of federal cyber cops (Politico)
Lawmakers ask Energy Dept. to take lead on sector’s digital security (The Record)
Substack rolls out two-factor authentication for users (Zero Day)
Open-source leader advocates strong FCC enforcement of routing security (NextGov)
Pro tip: You can skip the wait by getting piña coladas to go at Barrachina restaurant, alleged birthplace of the drink. Thanks for reading. See you tomorrow.