In one look.
- How Does NATO Article Five Apply to Cyber Defense?
- CISA’s new protective DNS could be extended to non-governmental entities.
- The GAO report on ransomware indicates that communication is a weakness.
How Does NATO Article Five Apply to Cyber Defense?
Prime Minister Edi Rama said Albania had been hit by Iranian cyberattacks so severe that he considered invoking Article Five, a NATO statement that calls on all members to act in collective defence, treating an attack on one member as “an attack on them all”. Although Rama decided against it – “I have too much respect for our friends and allies to tell them what to do. We always make sure to be very humble in our assessments,” he explains. The incident raises a larger question: Should Article Five be used to respond to cyberattacks, and if so, how? Explain, the only time the measure was used was after the 9/11 attacks in the United States, and it is unclear what the appropriate response should be when an attack is digital rather than physical. NATO’s Cooperative Cyber Defense Center of Excellence said the application of Article Five to a cyberattack is “a hazy but consistent NATO position”. In 2018, NATO Secretary General Jens Stoltenberg said the alliance’s protocols surrounding a cyberattack were intentionally vague. “I am often asked ‘under what circumstances would NATO trigger Article 5 in the event of a cyber attack?’ My answer is: we will see,” he said.
CISA’s new protective DNS could be extended to non-governmental entities.
The US Cybersecurity and Infrastructure Security Agency (CISA) is launching a Protection Domain Name System (DNS) service that will help federal agencies defend against cyberattacks. DNS is used as an attack vector for a wide range of cyber incidents, and CISA’s Protective DNS would serve as a barrier between agency networks and the rest of the Internet, blocking requests that seek to access malicious IP addresses. known. The new DNS resolver replaces an older DNS sink service that was limited to on-premises agency networks, while the new covers roaming and mobile devices and cloud-based assets. Branko Bokan, Principal Architect of Protective DNS at CISA, explains, “A lot of federal technology is no longer behind those on-premises networks, behind firewalls. They are now all over the Internet, in the cloud, but we also see a lot of what we call roaming and mobile devices and mobile devices that federal users, employees and contractors, use to access federal resources. Hope is to expand service beyond federal agencies in future, Federal News Network adds, and the natural next step would be local governments. “When we initially designed this service, we designed it with the need to scale it to serve the larger enterprise in mind,” Bokan says. “We would really like to be able to offer this service not just to the federal enterprise, not just to federal civilian executive agencies, but to other levels of US governments that might be interested in the same kind of protection.”
The GAO report on ransomware indicates that communication is a weakness.
The United States Government Accountability Office (GAO) this week released its Ransomware Report, a review of federal agencies’ ransomware prevention and response assistance to state, local, tribal, and territorial governments. (SLTT), Nextgov.com reports. After interviewing officials from thirteen SLTTs, the results indicate that a majority of local governments are “generally satisfied” with the ransomware-related support they received between January 2018 and May 2021 from agencies such as the Federal Security Agency. Emergency Management, National Guard Bureau, National Institute of Standards and Technology, Treasury Department and Federal Bureau of Investigation (FBI). However, eleven of the respondents “identified challenges related to education, outreach, and communication” when seeking FBI assistance. An SLTT official said when calling the FBI’s 24-hour incident response hotline, he was sent straight to voicemail and the agency never responded. Respondents also reported experiencing “difficulty identifying federal prevention and response services that were available to SLTTs.” The GAO report recommends that CISA and the Secret Service work to determine how to “improve inter-agency coordination on ransomware assistance,” and it calls on the FBI to improve inter-agency coordination.