The HHS Cybersecurity Program offers us timely “CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure.”
Health IT Security adds “The American Hospital Association (AHA) urged hospitals and health systems to remain vigilant against healthcare cyberattacks amid Russia’s invasion of Ukraine” in a public advisory.
Cyberscoop provides the following example.
An infamous ransomware group with potential ties to Russian intelligence and known for attacking health care providers and hundreds of other targets posted a warning Friday saying it was “officially announcing a full support of Russian government.”
The gang said that it would use “all possible resources to strike back at the critical infrastructures” of any entity that organizes a cyberattack “or any war activities against Russia.” The message appeared Friday on the dark-web site used by ransomware group Conti to post threats and its victims’ data. Security researchers believe the gang to be Russia-based.
Conti ransomware was part of more than 400 attacks against mostly U.S. targets between spring 2020 and spring 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the FBI reported in September.
From the FEHB front, FedScoop reports
The Office of Personnel Management has named James Saunders as chief information security officer.
He starts work in the new role Feb. 28 after joining the agency last year as a senior adviser for cloud and cybersecurity.
Previously, Saunders held the post of CISO at the Small Business Administration and moved to OPM in April 2021. One federal IT source speaking to this publication said that Saunders has already been acting as an “unofficial CISO” since joining the agency.
Good luck, Mr. Saunders.
From the good old Log4j front, Security Magazine reports
Security professionals around the globe continue to mitigate the effects of the Log4j vulnerability, which was discovered in December 2021.
Cybersecurity nonprofit (ISC)² published the results of an online poll examining the Log4j vulnerability and the human impact of the efforts to remediate it. The poll surveyed 269 cybersecurity professionals, revealing the severity and long-term consequences of the Log4j attack for both security teams and the organizations they protect.
Key findings from the poll include:
— Nearly half (48%) of cybersecurity teams gave up holiday time and weekends to assist with Log4j remediation
— Fifty-two percent of respondents said their team collectively spent weeks or more than a month remediating Log4j
— Nearly two-thirds (64%) of cybersecurity professionals believe their peers are taking the zero-day exploit seriously
— Twenty-three percent noted that they are now behind on 2022 security priorities as a result of the change in focus
— More than one in four (27%) professionals believe their organization was less secure while remediating the vulnerability
“The main takeaway from the Log4j crisis and this data is that dedicated cybersecurity professionals are spread thin and need more support to effectively remediate zero-day exploits while still maintaining overall security operations,” said Clar Rosso, CEO of (ISC)
Regrettably, Bleeping Computer’s The Week in Ransomware was not published this week.