Our picksGoing on Cyber Offense | Data Theft Risk Posed by Chinese Technology | Floating Cities

With Hacking, the United States Needs to Stop Playing the Victim (Paul R. Kolbe, New York Times)
The U.S. also uses cybertools to defend its interests. It’s the age of perpetual cyberconflict.

SolarWinds Hackers ‘Impacting’ State, Local Governments, US Cyber Agency Says(Reuters)
The U.S. cybersecurity agency said on Wednesday that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details.
The hacking campaign, which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks, was “impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations,” the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement posted to its website.

Dominion Voting Systems May Sue President Trump Personally for Spreading Election Fraud Disinformation (Brian Niemietz, New York Daily News)
Get in line, buddy. Dominion Voting Systems CEO John Poulos is not ruling out legal action against President Trump, whose surrogates have spent nearly two months alleging the Nov. 3 election, which Trump lost, may have been the result of compromised machines and software.
“We will not be overlooking anybody,” Poulos told CNN Thursday.
Lawyers for the president, who have offered no credible proof of claims being made against Dominion, reportedly received notice from the company’s attorney’s that all records dealing with Dominion should be preserved for “imminent” litigation.

Iran-Linked Hackers Say They Breached Israeli Cyber Security Firm Portnox(Times of Israel)
Pay2Key hacking group leaks documents from leading Israeli companies, latest in series of ransomware attacks tied to outfit researchers have traced to Iran

Firms Warned They “Wouldn’t Survive” Data Breach as a Third Fail to Train Staff (Kalila Sangster, Yahoo)
Experts have warned that most UK businesses “would not survive” a data breach as a new report reveals that almost a third (28%) of firms do not provide essential cyber security training to help workers identify potential data breaches.
Some 28% of UK employees said that their company gave no cyber security training at all, according to the new Cyber Security Insights Report from security provider Iomart.

Emerging Threats in Healthcare Information Security (Nikki Robinson, Touro College)
How Vulnerable Systems Lead to Cyber Attacks in Healthcare

Misinformation Spread By Anti-Science Groups Endangers COVID-19 Vaccination Efforts( Kirk Siegler, NPR)
In some parts of the U.S., the biggest challenge surrounding the COVID-19 vaccine isn’t distribution, but convincing people to get it, as anti-science groups are spreading misinformation.

The History of Russia’s Cyberwarfare Against NATO Shows It Is Time to Add to NATO’s Article 5 (Brian E. Frydenborg, Real Context News)
Since cyberwarfare has become a thing, Russia has been the only serious perpetrator of cyberwarfare against members of the NATO military alliance, with its just-discovered massive SolarWinds cyberwarfare operation only the latest in a string of impunities.  It is long past time for NATO to view these as the acts of war that they are and to evolve accordingly.

Could Floating Cities Be a Haven as Coastlines Submerge? (Daniel Cusick, E&E News / Scientific American)
“Seasteader” housing built on platforms would rise and fall with the tides, but practical challenges are huge

DHS Warns of Data Theft Risk Posed by Chinese Technology (DHS)
Earlier this week, the Department of Homeland Security issued a business advisory to American businesses warning of risks associated with the use of data services and equipment from firms linked to the People’s Republic of China (PRC).
The PRC presents a grave threat to the data security of the U.S. government and U.S. businesses. It has both the intent and ability to covertly access data directly through entities under the influence or jurisdiction of PRC laws, often without the knowledge or consent of the non-PRC businesses or institutions that maintain rights to the data.
“For too long, U.S. networks and data have been exposed to cyber threats based in China which are using that data to give Chinese firms an unfair competitive advantage in the global marketplace,” said Acting Secretary of Homeland Security Chad F. Wolf. “Practices that give the PRC government unauthorized access to sensitive data – both personal and proprietary – puts the U.S. economy and businesses at direct risk for exploitation. We urge businesses to exercise caution before entering into any agreement with a PRC-linked firm.”