Cyberconflict and warfare

US government targets healthcare data breaches with new cybersecurity proposals

Healthcare organizations in the US may face stricter cybersecurity rules to address the growing threat of data breaches. Proposals introduced by the Biden administration seek to prevent sensitive patient information from being leaked through hacking or ransomware attacks. Measures include mandatory encryption and compliance checks to enhance network security.

Data breaches have exposed the healthcare information of over 167 million people in 2023 alone, according to Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology. The updated standards, introduced by the Office for Civil Rights under the Health Insurance Portability and Accountability Act (HIPAA), are estimated to cost $9 billion in the first year and $6 billion annually in subsequent years.

Officials highlighted the rising danger of healthcare cyberattacks, with hacking and ransomware incidents increasing by 89% and 102% respectively since 2019. Hospitals often face operational disruption, while leaked data can lead to blackmail. A 60-day public comment period will allow stakeholders to provide input before finalising the rules.

The new standards are designed to safeguard healthcare networks and protect Americans’ private information, including mental health records. Strengthened cybersecurity is expected to reduce vulnerabilities and ensure the safety of critical healthcare systems.

US charges Russian-Israeli citizen over Lockbit ransomware

The United States has charged Rostislav Panev, a Russian-Israeli dual citizen, for his alleged role as a developer for the Lockbit ransomware group, which authorities describe as one of the world’s most destructive cybercrime operations. Panev, arrested in Israel in August, awaits extradition.

Lockbit, active since 2019, targeted over 2,500 victims across 120 countries, including critical infrastructure and businesses, extorting $500 million. Recent arrests, guilty pleas, and international law enforcement efforts have significantly disrupted the group’s activities.

Experts say law enforcement actions have tarnished Lockbit’s reputation, reducing its attacks and deterring affiliates. Authorities emphasise the importance of holding cybercriminals accountable.

Tech giants join forces for US defence contracts, FT says

Data analytics firm Palantir Technologies and defence tech company Anduril Industries are leading efforts to form a consortium of technology companies to bid jointly for US government contracts, according to a report from the Financial Times. The group is expected to include SpaceX, OpenAI, Scale AI, autonomous shipbuilder Saronic, and other key players, with formal agreements anticipated as early as January.

The consortium aims to reshape the defence contracting landscape by combining cutting-edge technologies from some of Silicon Valley’s most innovative firms. A member involved in the initiative described it as a move toward creating “a new generation of defence contractors.” This collective effort seeks to enhance the efficiency of supplying advanced defence systems, leveraging technologies like AI, autonomous vehicles, and other innovations.

The initiative aligns with President-elect Donald Trump’s push for greater government efficiency, spearheaded in part by Elon Musk, who has been outspoken about reforming Pentagon spending priorities. Musk and others have criticised traditional defence programs, such as Lockheed Martin’s F-35 fighter jet, advocating instead for the development of cost-effective, AI-driven drones, missiles, and submarines.

With these partnerships, the consortium hopes to challenge the dominance of established defence contractors like Boeing, Northrop Grumman, and Lockheed Martin, offering a modernised approach to defence technology and procurement in the US.

Russia strikes Ukraine’s registries with a massive cyberattack, according to the deputy PM

Ukraine‘s Deputy Prime Minister Olha Stefanishyna announced that Russia launched a large-scale cyberattack on Thursday, temporarily crippling the country’s state registries. These registries contain essential citizen data, including information on births, deaths, marriages, and property ownership. The attack forced a suspension of services managed by the Ministry of Justice.

Stefanishyna described the incident as a deliberate attempt by Russia to disrupt Ukraine’s critical infrastructure. While restoration efforts are expected to take about two weeks, some services will resume on Friday. Other state functions appear to be unaffected.

This is the latest in a series of cyberattacks during the ongoing war, including a December 2023 assault on Ukrainian telecom provider Kyivstar and previous attacks on Russian ministries. Ukrainian authorities plan to conduct a thorough investigation to bolster defences against future cyber threats.

Parliamentary panel at IGF discusses ICTs and AI in counterterrorism efforts

At the 2024 Internet Governance Forum (IGF) in Riyadh, a panel of experts explored how parliaments can harness information and communication technologies (ICTs) and AI to combat terrorism while safeguarding human rights. The session, titled ‘Parliamentary Approaches to ICT and UN SC Resolution 1373,’ emphasised the dual nature of these technologies—as tools for both law enforcement and malicious actors—and highlighted the pivotal role of international collaboration.

Legislation and oversight in a digital era

David Alamos, Chief of the UNOCT programme on Parliamentary Engagement, set the stage by underscoring the responsibility of parliaments to translate international frameworks like UN Security Council Resolution 1373 into national laws. ‘Parliamentarians must allocate budgets and exercise oversight to ensure counterterrorism efforts are both effective and ethical,’ Alamos stated.

Akvile Giniotiene of the UN Office of Counterterrorism echoed this sentiment, emphasising the need for robust legal frameworks to empower law enforcement in leveraging new technologies responsibly.

Opportunities and risks in emerging technologies

Panelists examined the dual role of ICTs and AI in counterterrorism. Abdelouahab Yagoubi, a member of Algeria’s National Assembly, highlighted AI’s potential to enhance threat detection and predictive analysis.

At the same time, Jennifer Bramlette from the UN Counterterrorism Committee stressed the importance of digital literacy in fortifying societal resilience. On the other hand, Kamil Aydin and Emanuele Loperfido of the OSCE Parliamentary Assembly cautioned against the misuse of these technologies, pointing to risks like deepfakes and cybercrime-as-a-service, enabling terrorist propaganda and disinformation campaigns.

The case for collaboration

The session spotlighted the critical need for international cooperation and public-private partnerships to address the cross-border nature of terrorist threats. Giniotiene called for enhanced coordination mechanisms among nations, while Yagoubi praised the Parliamentary Assembly of the Mediterranean for fostering knowledge-sharing on AI’s implications.

‘No single entity can tackle this alone,’ Alamos remarked, advocating for UN-led capacity-building initiatives to support member states.

Balancing security with civil liberties

A recurring theme was the necessity of balancing counterterrorism measures with the protection of human rights. Loperfido warned against the overreach of security measures, noting that ethical considerations must guide the development and deployment of AI in law enforcement.

An audience query on the potential misuse of the term ‘terrorism’ further underscored the importance of safeguarding civil liberties within legislative frameworks.

Looking ahead

The panel concluded with actionable recommendations, including updating the UN Parliamentary Handbook on Resolution 1373, investing in digital literacy, and ensuring parliamentarians are well-versed in emerging technologies.

‘Adapting to the rapid pace of technological advancement while maintaining a steadfast commitment to the rule of law is paramount,’ Alamos said, encapsulating the session’s ethos. The discussion underscored the indispensable role of parliaments in shaping a global counterterrorism strategy that is both effective and equitable.

Rhode Island suffers major data breach

Rhode Island officials have confirmed a major data breach in the state’s social services system, potentially exposing the personal and financial details of hundreds of thousands of residents. The hackers, believed to be an international cybercriminal group, accessed sensitive information through RIBridges, the state’s portal for government assistance programmes, including Social Security numbers and banking details.

The breach, which was detected earlier this month, affects users of the Supplemental Nutrition Assistance Program, Temporary Assistance for Needy Families, and healthcare services accessed through HealthSource RI since 2016. The attackers have demanded an undisclosed ransom, threatening to release the stolen data if unpaid. Deloitte, the system’s vendor, confirmed the breach on Friday, prompting the state to shut down the portal temporarily.

Residents impacted by the breach will be notified via letters detailing steps to secure their personal information and protect their bank accounts. For now, new applicants for state benefits must use paper applications as authorities work to secure the compromised system. Governor Dan McKee described the incident as extortion, calling for swift remediation and protection for affected citisens.

Major US telecom hack prompts security push after Salt Typhoon attack

Lawmakers have called for urgent measures to strengthen US telecommunications security following a massive cyberattack linked to China. The hacking campaign, referred to as Salt Typhoon, targeted American telecom companies, compromising vast amounts of metadata and call records. Federal agencies have briefed Congress on the incident, which officials say could be the largest telecom breach in US history.

Senator Ben Ray Luján described the hack as a wake-up call, urging the full implementation of federal recommendations to secure networks. Senator Ted Cruz warned of future threats, emphasising the need to close vulnerabilities in critical infrastructure. Debate also surfaced over the role of offensive cybersecurity measures, with Senator Dan Sullivan questioning whether deterrence efforts are adequate.

The White House reported that at least eight telecommunications firms were affected, with significant data theft. In response, Federal Communications Commission Chairwoman Jessica Rosenworcel proposed annual cybersecurity certifications for telecom companies. Efforts to replace insecure Chinese-made equipment in US networks continue, but funding shortfalls have hampered progress.

China has dismissed the allegations, claiming opposition to all forms of cybercrime. However, US officials have cited evidence of data theft involving companies like Verizon, AT&T, and Lumen. Congress is set to vote on a defence bill allocating $3.1 billion to remove and replace vulnerable telecom hardware.

Salt Typhoon cyberespionage operation raises alarm over US telecommunications security vulnerabilities

US government agencies are set to brief the House of Representatives on a widespread cyberespionage campaign allegedly linked to China. Known as Salt Typhoon, the operation reportedly targeted American telecommunications firms to steal call metadata and other sensitive information. A similar briefing was held for senators last week.

The White House revealed that at least eight US telecom companies had been affected, with a large number of citizens’ data compromised. Senator Ron Wyden is drafting legislation in response, while Senator Bob Casey expressed significant concern, noting that legislative action might be delayed until the new year.

On Wednesday, a Senate Commerce subcommittee will examine the broader risks posed by cyber threats to communication networks. Industry representatives, including Competitive Carriers Association CEO Tim Donovan, will contribute insights on best practices to counter such attacks.

China has denied the allegations, labelling them as disinformation, and reaffirmed its opposition to cyber theft. Officials and lawmakers continue to emphasise the gravity of the breaches, with Senator Richard Blumenthal calling the scale of Chinese hacking efforts ‘terrifying.’

FCC targets cybersecurity in the telecom sector

FCC Chairwoman Jessica Rosenworcel has proposed requiring US communications providers to certify annually that they have plans to defend against cyberattacks. The move comes amid growing concerns over espionage by ‘Salt Typhoon,’ a hacking group allegedly linked to Beijing that has infiltrated several American telecom companies to steal call data.

Rosenworcel highlighted the need for a modern framework to secure networks as US intelligence agencies assess the impact of Salt Typhoon’s widespread attack. A senior US official confirmed the hackers had stolen metadata from numerous Americans, breaching at least eight telecom firms.

The FCC proposal, which Rosenworcel has circulated to other commissioners, would take effect immediately if approved. The announcement follows a classified Senate briefing on the breach, but industry giants like Verizon, AT&T, and T-Mobile have yet to comment.

Chinese hackers stole metadata of numerous Americans, senior official reports

A senior US official revealed that a Chinese hacking group, known as ‘Salt Typhoon,’ has stolen vast amounts of Americans’ metadata in a broad cyberespionage effort targeting US telecommunications. While specific figures remain undisclosed, the hackers are said to have breached at least eight American telecom firms, including Verizon, AT&T, and T-Mobile.

Call record metadata — detailing who called whom, when, and where — was a key target, exposing sensitive personal and professional patterns. In some cases, telephone audio intercepts were also reportedly stolen. The campaign remains active, with the White House prioritising efforts to counter the intrusions.

Government agencies, including the FBI and the National Security Council, have briefed lawmakers and President Joe Biden on the matter, highlighting the severity of the breach. Efforts to secure the nation’s telecommunications infrastructure are ongoing.