Sign in
A newsletter briefing on cybersecurity news and policy.
with research by Aaron Schaffer
A newsletter briefing on cybersecurity news and policy.
Good morning! I’m sitting in for Tim this morning and thankful I didn’t have to monitor any flight info yesterday. More below on the apparent Russian hack that knocked more than a dozen airport websites offline yesterday.
Below: Officials say flight operations weren’t affected by pro-Russian hackers’ denial-of-service attacks and in a speech today, the U.K. intelligence chief will warn about China’s use of technology.
Washington is the center of the world for the cryptocurrency industry this week, as top crypto executives and global financial regulators converge on the city for a pair of meetings that could indicate how the sector will fit into the broader financial system.
The meetings come as U.S. law enforcement and national security officials warn that cybercriminals are using cryptocurrencies and tools to profit off cyberattacks and launder their ill-gotten gains.
U.S. policymakers take the stage first, starting today, as the two-day DC Fintech Week kicks off with speeches from acting comptroller of the currency Michael Hsu and Rostin Behnam, the Commodity Futures Trading Commission chair who has been angling to oversee more of the industry.
But a potentially bigger reveal will come as soon as Wednesday: The Financial Stability Board, which coordinates international financial regulation, is set to unveil its proposed global rules for crypto amid a conference of Group of 20 finance ministers. The board’s plan is expected to advocate a strict approach to ensuring digital assets don’t pose a systemic risk or allow terrorists and other criminals to fund their exploits.
The White House has called for oversight and enforcement in the cryptocurrency space, with officials citing massive North Korean hacks and the use of cryptocurrency in the ransomware ecosystem. President Biden is considering amendments to finance and other laws so that prosecutors can investigate and crack down on criminals using cryptocurrencies, the White House said.
The crypto industry has won powerful friends in Congress, but federal financial watchdogs remain skeptical.
The Financial Stability Board appears primed to make a similar case. Steven Maijoor, who is crafting the group’s policy, told Politico last month that a “lot of the activities in crypto assets and crypto assets markets resemble activities in the traditional financial system and therefore we take the approach: Same activity, same risk, same regulation.”
The board is also set to take a closer look at stablecoins, the digital tokens that peg their value to an external asset such as the dollar. The failure of the Terra stablecoin in May wiped out $40 billion in value and accelerated a downturn in crypto markets, underlining the urgency of establishing rules for issuers of those cryptocurrencies. Yet a congressional push to regulate stablecoins has foundered ahead of the midterm elections. Congress, rather than global regulators, still needs to resolve the matter with clearer rules for the assets, said Dario de Martino, co-head of the fintech and blockchain practice at law firm Allen & Overy.
In the meantime, the Crypto Council for Innovation, an industry group that takes an international approach, warned “a heavy-handed approach could cut this technology off at its knees.” Linda Jeng, the group’s chief global regulatory officer, said in a statement that global coordination “is a good thing. It means companies don’t have dozens of different rules to follow. But we are headed into a web3 economy and we hope they considered the benefits of what a web3 economy can do.”
Websites for a half dozen U.S. airports went offline after a group of pro-Russian hackers known as Killnet called for coordinated denial-of-service attacks on a list that included U.S. airports, Lori Aratani reports. In denial-of-service attacks, targets are flooded with traffic until they can’t respond or crash.
“Managers at multiple airports said they notified the FBI and the Transportation Security Administration about the cyberattacks,” Lori writes. “In a statement, the FBI said it was aware of the incident but had no additional information. The TSA declined to comment, referring inquiries to individual airports.”
Though the attacks were highly visible, Mandiant Vice President for Intelligence John Hultquist characterized denial-of-service attacks more as a “public nuisance” than a serious cybersecurity threat because they don’t target key internal systems that would affect the operations of an airport. But when such attacks do take place, they’re effective in drawing attention, he said.
The Killnet group has been behind other such attacks, including ones targeting European governments. Last week, the websites of some U.S. states went down after the group took aim at states, NBC News reported. Ukraine’s government-affiliated volunteer force known as the IT Army has rallied its supporters to launch waves of traffic directed at Russian sites, NBC News reported.
The crimes that former National Security Agency information systems security designer Jareh Dalke is being accused of — six counts of trying to send defense documents to Russia — are so serious that Dalke should be detained before his trial, prosecutors said in a filing. Dalke was an NSA employee for a month-long period this year; around a month after he left, he tried to contact Russian agents, prosecutors say.
In a sealed filing, Dalke “appears to concede that he is accused of a serious offense and therefore that he should only be released on the strictest of conditions,” the government said in its filing, noting that Dalke “claims that his background in the military and law enforcement weigh in his favor.” But prosecutors say he betrayed the United States — apparently out of a mix of “profit and ideology” — and needs to be held in custody.
A federal court is set to hold a hearing on Dalke’s detention today. Dalke’s attorneys didn’t respond to a request for comment.
GCHQ Director Jeremy Fleming will warn in a speech today that China’s pursuit of digital currencies and satellite systems could allow the country’s government to easily track its citizens, NBC News‘s Dan De Luce reports. Fleming is set to deliver the China-focused remarks at the Royal United Services Institute think tank.
U.S. and U.K. officials have been warning that China’s government poses a significant threat to the United States. In July, FBI Director Christopher A. Wray and MI5 Director General Ken McCallum warned that Western firms and governments are under relentless pressure from the Chinese government.
Fleming also plans to discuss Russia’s invasion of Ukraine, De Luce reports. “Far from the inevitable Russian military victory that their propaganda machine spouted, it’s clear that Ukraine’s courageous action on the battlefield and in cyberspace is turning the tide,” Fleming plans to say.
In a fact sheet, the Biden administration previewed upcoming cybersecurity developments:
The White House said it would “continue to work with critical infrastructure owners and operators, sector by sector, to accelerate rapid cybersecurity and resilience improvements and proactive measures.” The document also provides administration initiatives on quantum cybersecurity, ransomware and other cybersecurity issues.
Toyota discloses data leak after access key exposed on GitHub (Bleeping Computer)
Texas election chief speaks out on conspiracy “nuts,” death threats, and President Biden’s legitimacy (Texas Monthly)
Lloyd’s of London says no evidence found of data compromise from cyberattack (Reuters)
Today’s second @washingtonpost TikTok features very early holiday discounts https://t.co/Q83NeU8AJF pic.twitter.com/3rqlzB3Po8
Thanks for reading. See you tomorrow.
Author
Administraroot
