[The security box] US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking

Jennifer Martinez reignblessing at yahoo.com
Thu Oct 7 08:02:46 EDT 2021 

Good morning! No, not happy to be up so early. But since I am, I decided to read some. Even at 4 a.m. my brain is on. Like the Energizer Bunny my brain keeps on going and going. Yes, I even thought of a great question. Crypto, since it is so dirty...its probably not a bad idea...to TAX. Crypto cash like you would tax most other income. Sorry folks. I'm not making sense this early. Perhaps, if.crypto. becomes taxable, the criminal community may be deterred from using it? Then, if taxes on crypto are not paid...and we all know...dirty criminals do NOT, most of them WILL NOT PAY TAXES. That being said, they could later be charged with TAX EVASION and go away for not paying raves on their crypto riches. Sent from Yahoo Mail on Android 
 
  On Wed, Oct 6, 2021 at 9:22 PM, Jared Rimer via Thesecuritybox<thesecuritybox at 986themix.com> wrote:   
US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking
Cyberscoop »   /  Tim Starks

U.S. officials unveiled a suite of cybersecurity initiatives Wednesday, from cracking down on illicit cryptocurrency usages to increasing transparency about data breaches, as part of an ongoing White House effort to slow rampant cybercrime.

The Justice Department signaled it will increase its focus on illicit use of virtual money, which is frequently used in ransomware attacks, and move to punish federal contractors that hide security incidents. In a separate plan, the Transportation Security Administration this year will require top air and rail transportation companies to report cyberattacks to the government, name an internal cyber chief capable of corresponding about cyber incidents and develop a plan for recovering from attacks.

Deputy Attorney General Lisa Monaco unveiled two initiatives: a national cryptocurrency enforcement team and a civil cyber fraud initiative. Ransomware and cryptocurrency are “inexorably linked” because of the anonymity that cryptocurrency payments help afford, Monaco said at the Aspen Cyber Summit.

“We want to strengthen our capacity to dismantle the financial ecosystem that enables these criminal actors to flourish, quite frankly, and to profit from what they’re doing,” Monaco said. “And we’re going to do that by drawing on our cyber experts and cyber prosecutors are money laundering experts.”

Elsewhere, Department of Homeland Security Secretary Alejandro Mayorkas  announced the TSA requirements, which expand on regulations the agency has already put in place for pipeline operators.

The plans are the latest moves by the Biden administration to take action on ransomware after major attacks this summer on Colonial Pipeline, JBS and Kaseya. They come days after the White House announced another plan to convene 30 nations to tackle ransomware collectively.

The second DOJ initiative will make use of the False Claims Act, which authorizes what Monaco deemed “very, very hefty fines” for government contractors, when they skirt federal cyber guidelines or fail to disclose breaches. The focus comes after suspected Russian hackers breached the federal contractor SolarWinds in 2020, using the federal contractor as a foothold into nine U.S. agencies.

“For too long, companies have chosen silence, under the mistaken belief that it’s less risky to hide a breach than to bring it forward and to report it. Well, that changes today,” she said. “We are announcing for the first time that we will use our civil enforcement tools to pursue companies — those who are government contractors and receive federal funds — when they fail to follow required cybersecurity standards, because we know that puts all of us at risk.”

The federal government won’t tolerate “those who are entrusted with government dollars, who are trusted to work on sensitive government systems, [who] fail to follow required cybersecurity standards,” Monaco said.

She also said the department would take steps to protect whistleblowers who report those failings. Monaco also wrote an op-ed published by CNBC Wednesday encouraging Congress to act on legislation requiring companies to report attacks.

Speaking at the Billington CyberSecurity Summit, Mayorkas unveiled the requirements on air and transport companies. TSA put in place similar mandates on pipeline operators in May following the Colonial Pipeline ransomware attack.

“Mirroring those steps … TSA is now laying the foundation for more secure and resilient aviation and surface transportation sector,” he said.

Mayorkas signaled future plans for more such rules: “TSA will expand the covered entities gradually to other relevant entities in consider additional measures.”

A rail industry group, the Association of American Railroads, took issue with Mayorkas’ rollout of the plan, saying industry only had three days to evaluate and respond to the proposal, which included many things the industry is doing already, according to the group.

“AAR hopes the substantive comments provided will be thoroughly considered in the decision on whether to proceed with the directive and to ensure any actions taken enhance, not hinder, coordinated cybersecurity efforts,” a spokesperson for the group said.

The second DOJ initiative and new TSA steps reflect the ongoing push within the Biden administration and in Congress to mandate that a larger swath of companies report major hacks and cyberattack-related information to the federal government.

Updated, 10/6/21: to include commentary from the Association of American Railroads.

 

The post US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking appeared first on CyberScoop.


Original Article: https://www.cyberscoop.com/lisa-monaco-alejandro-mayorkas-doj-tsa-cryptocurrency-air-rail-cyber-fraud-initiative/


Jared RimerCheck out my shows on Saturdays and Sundays right here on the mix. Www.986themix.com for more details. Jared Rimer 
Check out my show on www.986themix.com from 7 pm to 10 pm where we play Magnatune and other indipendant artists Thank you for subscribing to the Security Box email list.  If you need list management options, please see the link for a section to log in, manage your subscription, and possibly other options that may be of interest.

Need help?  write the owner, and the owner will get back to you as quickly as possible.  Be clear on what you need.

Thanks for subscribing!

-- 
Thesecuritybox mailing list
Thesecuritybox at 986themix.com
http://mail.986themix.com/mailman/listinfo/thesecuritybox_986themix.com
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.986themix.com/pipermail/thesecuritybox_986themix.com/attachments/20211007/50e8d3b9/attachment-0001.htm>

More information about the Thesecuritybox mailing list