Tag Archive for: director

CISA deputy director touts progress, anti-ransomware efforts

/in


In 2023 CISA reached its five-year anniversary, and much has happened in those years.

The Cybersecurity and Infrastructure Security Agency, the U.S. government’s federal agency dedicated to cybersecurity-related issues, has had to contend with a global pandemic, multiple geopolitical conflicts, leadership changes and an evolving, increasingly aggressive cyberthreat landscape.

CISA Deputy Director Nitin Natarajan, who was appointed to the role in February 2021, told TechTarget Editorial in an interview that adapting to such a landscape has been a challenge, but the agency has built a team of individuals who are “used to working in fast-paced and dynamic organizations.” Natarajan said CISA has hired well over a thousand staffers in the last few years, while also receiving increased budget support from Capitol Hill and forming partnerships that have helped it scale up.

Said staffers include individuals from backgrounds across the federal government, state governments, local governments, the private sector, the intelligence community, the Department of Defense and more. This wide range of experience, the deputy director said, has enabled CISA to adapt to the volatile, constantly changing cybersecurity landscape.

CISA recently published its 2023 Year in Review, a webpage detailing the agency’s accomplishments last year. Some of these accomplishments include nearly 6,700 engagements with stakeholders in the private and public sectors, newly updated secure-by-design guidance, 1,200 warnings of early-stage ransomware activity, a public service announcement campaign and more.

Natarajan said that of CISA’s 2023 accomplishments, he was most proud of the agency’s partnerships and collaborations with entities such as global government partners; security researchers; and state, local, tribal and territorial governments.

Nitin Natarajan, deputy director, CISANitin Natarajan

“It’s all about partnerships and collaboration. That is what has allowed us to be successful as well as what has allowed us to mitigate risks. It is what allows us to keep adversaries at bay. It is what’s allowed us to do a lot of what we do,” he said. “It’s not easy. It’s easy to say the words collaboration and partnership, but to really build…

Source…

FBI director warns Chinese hackers are targeting US infrastructure

/in


The comments align with assessments from outside cybersecurity firms, which said in May that Chinese hackers have been targeting U.S. critical infrastructure.

WASHINGTON — Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told House lawmakers Wednesday in a fresh warning from Washington about Beijing’s global ambitions.

Underscoring the threat, the Justice Department and FBI announced just before the hearing that they had disrupted a botnet of hundreds of U.S.-based small office and home routers owned by private citizens and companies and hijacked by the Chinese state hackers to cover their tracks and hide their origin as they sowed the malware.

Speaking before the House Select Committee on the Chinese Communist Party, Wray said there’s been “far too little public focus” on a cyber threat that affects “every American.”

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray he said.

Jen Easterly, the director of the Department of Homeland Security’s cybersecurity arm, voiced a similar sentiment at the hearing.

“This is a world where a major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes — all to ensure that they can incite societal panic and chaos and to deter our ability” to respond, she said.

The comments align with assessments from outside cybersecurity firms including Microsoft, which said in May that state-backed Chinese hackers had been targeting U.S. critical…

Source…

AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director

/in


Nation state-backed hackers and criminals are using generative AI in their cyberattacks, but U.S. intelligence is also using artificial intelligence technologies to find malicious activity, according to a senior U.S. National Security Agency official.

“We already see criminal and nation state elements utilizing AI. They’re all subscribed to the big name companies that you would expect — all the generative AI models out there,” said NSA director of cybersecurity Rob Joyce, speaking at a conference at Fordham University in New York on Tuesday. “We’re seeing intelligence operators [and] criminals on those platforms,” said Joyce.

“On the flip side, though, AI, machine learning [and] deep learning is absolutely making us better at finding malicious activity,” he said.

Joyce, who oversees the NSA’s cybersecurity directorate tasked with preventing and eradicating threats targeting U.S. critical infrastructure and defense systems, did not speak to specific cyberattacks involving the use of AI or attribute particular activity to a state or government. But Joyce said that recent efforts by China-backed hackers to target U.S. critical infrastructure — thought to be in preparation for an anticipated Chinese invasion of Taiwan — was an example of how AI technologies are surfacing malicious activity, giving U.S. intelligence an upper hand.

“They’re in places like electric, transportation pipelines and courts, trying to hack in so that they can cause societal disruption and panic at the time in place of their choosing,” said Joyce.

Joyce said that China state-backed hackers are not using traditional malware that could be detected, but rather exploiting vulnerabilities and implementation flaws that allow the hackers to gain a foothold on a network and appear as though they are authorized to be there.

“Machine learning, AI and big data helps us surface those activities [and] brings them to the fore because those accounts don’t behave like the normal business operators on their critical infrastructure, so that gives us an advantage,” Joyce said.

Joyce’s comments come at a time where generative AI tools are capable of producing convincing computer-generated text and imagery and are increasingly used…

Source…

Nigerian govt indicts hospital’s Chief Medical Director for job racketeering

/in


An investigative panel set up by the Federal Ministry of Health and Social Welfare on Sunday revealed why some health workers at the Obafemi Awolowo University Teaching Hospital (OAUTH), Ile-Ife, Osun State, have been unpaid for months.

The investigative panel led by Aderemi Azeez found that the former Acting Chief Medical Director of the hospital, Afolabi Owojuyigbe, carried out over-employment in the hospital, without provision in the personnel budget. Mr Owojuyigbe and his accomplices are also culpable of job racketeering, according to the panel.

The ministry confirmed the development in a statement signed by its Director of Press, Patricia Deworitshe, noting that the government waded into the matter to set the record straight.

According to the statement, the panel disclosed that Mr Owojuyigbe, a Consultant Anaesthetist, employed over 1,973 staff as against the waiver for 450 vacancies granted to the hospital in the 2022 employment process by the Office of the Head of the Civil Service of the Federation.

FIRS

Protests

There were reports that some health workers accused the management of OAUTH of subjecting them to penury over unpaid salaries for 10 months.

The accusers lamented that they resorted to begging to feed their families “due to the hardship the non-payment of their salaries subjected them to.”

Many had also accused the hospital management of commercialising the job opportunities by allegedly selling the slots for as high as N500,000.

In response to the allegations, the Minister of Health and Social Welfare, Muhammad Pate, on his verified X handle @muhammadpate on 13 October, confirmed that an investigation had been completed on the matter.

“We are addressing the OAUTH situation. The investigation has just been completed on this unfortunate situation. We understand the difficulties being faced by numerous innocent health workers and will do our best to resolve it equitably,” the minister posted at the time.

Findings

In a statement on Sunday by the ministry, which is titled, ‘OAUTH Ife and the Unrest,’ it noted that the unrest was attributed to the alleged job racketeering, and over-employment saga under Mr Owojuyigbe.

The statement termed the…

Source…