This Week in Washington
CyberScoop NATO to create cyber rapid response force, increase cyber defense aid to Ukraine
NATO announced plans Wednesday for a commitment to create a rapid response cyber force and to bolster military partnerships with civil society and industry to respond to cyber threats. Coming on the heels of a meeting that included leaders from all 30 allied countries, the Madrid summit declaration also said NATO will do more to support Ukraine’s cyber resilience and defense against Russia while also focusing on China as a long-term and mounting cyberthreat. “We are confronted by cyber, space, and hybrid and other asymmetric threats, and by the malicious use of emerging and disruptive technologies,” the declaration said. “We face systemic competition from those, including the People’s Republic of China, who challenge our interests, security, and values and seek to undermine the rules-based international order.”
Protocol Security experts are bracing for major cyberattacks against the West if Russia gets desperate
In the four months since its invasion of Ukraine, Russia hasn’t intensified its usual pattern of cyberattacks against the U.S. and Western Europe in response to sanctions and Ukrainian military aid, as many expected. But that doesn’t mean the risk of escalation with the West is gone, numerous experts told Protocol. In all likelihood, the political and economic issues facing the Kremlin will only continue to mount, raising the prospects of Russia bringing new cyber pressure against the U.S., said Chris Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). According to a Microsoft report released last week, Russian agencies have been conducting network penetration tests across a wide swath of NATO countries in the months since the invasion, with the U.S. being the top target. Microsoft says that 29% of the attacks successfully breached the target networks, which included government agencies, IT enterprises and critical infrastructure organizations.
Nextgov Key State Official Warns of ‘Peril’ as US Pursues Cybersecurity Goals at G7
The U.S. advanced efforts to outrun China in supplying the market for emerging technologies across the globe with a presidential memo on agencies coordinating with those of the world’s leading economies, including to establish criteria for distributing hundreds of billions of development dollars. Some officials are worried about the implications for cybersecurity. The White House announced the Partnership for Global Infrastructure and Investment Sunday in advance of the annual meeting of leaders from a group of the world’s richest nations—Canada, France, Germany, Italy, Japan, the United Kingdom and the European Union, along with the United States—happening through Tuesday. The U.S. has committed to a third of the $600 billion partnership, and the plan is contingent on congressional approval.
FedScoop Watchdog calls on HHS to improve feedback system for health care cyber breach reporting
The Government Accountability Office has called on the Department of Health and Human Services to improve how it collects feedback from the health care sector on cybersecurity breach reporting requirements. In a report issued Monday, the watchdog recommended that the agency’s Office of Civil Rights set up a process to assess the ease with which entities like health plans and health care providers can disclose potential cybersecurity incidents to the federal government. “[Office of civil rights] OCR has not provided a formal method for covered entities and business associates to provide feedback to about the breach reporting and investigations processes,” said GAO. It added: “Addressing this shortcoming will be an important step toward improving or simplifying aspects of the breach and investigations process and preventing long lapses of communication during ongoing breach reporting investigations.
The Hill Bipartisan bill targets data flows to American adversaries
A bipartisan group of senators on Thursday unveiled legislation aimed at restricting the ability of foreign adversaries to purchase data about American citizens. The Protecting Americans’ Data from Foreign Surveillance Act would direct the Commerce Secretary to identify kinds of personal data that could harm national security if exported. The agency would then determine which countries are low risk and which are high risk. Low-risk countries would be allowed to import data without restrictions, while high-risk ones would see exports of data be presumptively denied. All other countries would require license for bulk exports of data identified as potentially harmful.
Nextgov House Panel Passes RANSOMWARE Act to Get FTC Reports on Cross-Border Work
Lawmakers on the House Energy and Commerce Committee want the Federal Trade Commission to share its insights and recommendations for securing the U.S. against ransomware and other cyberattacks by amending a law that facilitates the commission’s international law enforcement collaboration. The committee’s panel on consumer protection and commerce unanimously cleared the RANSOMWARE—or Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies—Act in a legislative markup Thursday.
Reuters Online privacy bill easily passed by U.S. House panel
A U.S. House of Representatives panel passed a bipartisan online privacy bill on Thursday that aims to limit the collection of personal data, though doubts remain as to whether it will become law. The measure easily passed a House Energy and Commerce subcommittee on a voice vote. It now goes to the full committee. The fate of the bill is uncertain given that it faces criticism from powerful Senate Democrats, including Senator Maria Cantwell. Lead sponsors are Energy and Commerce Committee Chair Frank Pallone along with Representative Jan Schakowsky, both Democrats, as well as Republican Representatives Cathy McMorris Rodgers and Gus Bilirakis. “Today’s markup is another milestone towards our ultimate goal of enacting meaningful national privacy legislation,” said Pallone.
Wall Street Journal Cyberattack Prevents Macmillan From Shipping Its Books to Retailers
Macmillan, one of the largest book publishers in the U.S., said it has been hit by a cyberattack, and book retailers nationwide said they were unable to place new orders from the publisher. Macmillan “recently experienced a security incident, which involves the encryption of certain files on our network,” the publisher said Wednesday. “As a precautionary measure, we immediately took systems offline to prevent further impact to our network.” The publisher said it was working to restore its networks, adding that its staff and “other third-party partners may notice that certain systems are unavailable while these efforts are under way.”
Fierce Telecom Second study links broadband access to lower Covid death rates
A new study from Tufts University’s Digital Planet initiative found a correlation between broadband and Covid-19 death rates, highlighting a particular link between greater access and better outcomes in urban areas. The report comes after researchers at the University of Chicago released a paper earlier this year that came to a similar conclusion. The study from Tufts included data from the U.S. Census Bureau, the Department of Labor, Department of Commerce, Broadband Now and a Covid-19 map put out by USAFacts, among other sources. Researchers found that even after controlling for a range of factors including age, gender, healthcare access, poverty and racism, a 1% increase in broadband access reduced Covid death rates by approximately 19 people per 100,000 in the U.S. Put another way, a 1% increase in broadband access led to a 0.1% decline in Covid mortality overall.
StateScoop New York governor appoints state’s first ‘chief cyber officer’
Months after launching a statewide security operations center to protect against mounting cyberattacks, New York Gov. Kathy Hochul on Monday named Colin Ahern, a former New York City cyber official, as the state’s first chief cyber officer. As chief cyber officer, Ahern is tasked with overseeing operations of the state’s Joint Security Operations Center, which Hochul said upon the Brooklyn facility’s unveiling in February is designed as a hub for local governments and other entities rallying a defense against bad actors online and “terrorists who want to disrupt our way of life.” Ahern is also tasked in his new role with “working with executive management at every state agency,” according to a news release.
Fierce Telecom ACA study finds broadband competition in U.S. is thriving
A new study from ACA Connects, a trade group that represents small and medium-sized broadband providers, found that more than 90% of U.S. households have access to at least one broadband provider today and 74% of households will have access to at least two broadband providers by 2025. ACA said that it analyzed FCC deployment data and found that from 2014 to 2020 the percentage of U.S. households with access to at least one broadband provider offering at least 100 Mbps downstream and 20 Mbps upstream service and at least one provider offering 25 Mbps downstream and 3 Mbps upstream broadband services more than doubled from 32% to 84%.
Daily Nonpareil Federal broadband aid adds to Iowa’s expansion
An influx of federal funding for high-speed internet expansion has created an opportunity in Iowa that must be met, agriculture and business leaders in Iowa said Wednesday during a roundtable discussion with a representative from the federal commerce department. Andrew Berke, the special representative for broadband with the federal commerce department’s National Telecommunications and Information Administration, participated in the discussion at Des Moines Area Community College. Iowa’s discussion was the 21st such event in as many states that he has participated in, he said, as states prepare for how to spend $42 billion from the bipartisan federal infrastructure funding law to expand high-speed, broadband internet access to underserved areas. Just how much of that federal money Iowa will receive has yet to be determined.
Tech Podcast of the Week
Podcast on Data Privacy Legislation
Senator Maroney is the author of the Connecticut Data Privacy Act – the nation’s fifth broad consumer privacy law. In this episode, Senator Maroney discusses how he navigated passing the law in 2022 after coming up just short in 2021. Among other topics, Senator Maroney discusses establishing a privacy work group to bring various stakeholders together in-between sessions. He also discusses working through various last minute issues to ensure passage. (Legislating Data Privacy Series: A Conversation with Connecticut Senator James Maroney – June 29, 2022)