Our picksIt's Too Easy to Troll Like a Russian | Cyber Insurance Industry Initiatives | Labor Concerns Plaguing U.S. Agriculture, and more

Published 7 July 2021

·  U.S., Russian Officials to Meet Following Kaseya Ransomware Attack

·  Self-Described Virginia Militiaman Is Arrested in Capitol Breach

·  DHS Considering Small Business-Made Tech Greenlighted by Other Agencies

·  Labor Concerns Plaguing U.S. Agriculture

·  Understanding Russia’s Cyber Strategy

·  It’s Too Easy to Troll Like a Russian

·  Two Cyber Insurance Industry Initiatives Grapple with Rise of Ransomware

·  Republican National Committee Denies Russian Hackers Accessed Data

U.S., Russian Officials to Meet Following Kaseya Ransomware Attack  (Mariam Baksh, Nextgov)
President Joe Biden also plans to meet with U.S. officials on measures to address ransomware.

Self-Described Virginia Militiaman Is Arrested in Capitol Breach  (Alan Feuer, New York Times)
In mid-June, a self-described Virginia militiaman drove with a new acquaintance from his home in Alexandria to a former prison in the nearby town of Lorton, about 15 miles away. His mission was a secret one, prosecutors say: He was scouting a location where he could test a batch of Molotov cocktails he was planning to make. The man, Fi Duong, apparently liked the prison and, according to court papers, he told his friend — and another man who joined them — that it was “the perfect place” to do the job. “Technically,” the papers quote him as saying before the group departed, “you’re engaging in war or conflict. But again, what is the price we ultimately pay for peace?” What Mr. Duong did not know, however, was that the other men were not like-minded activists who shared his beliefs in a pending civil war and the need for Virginia to secede from the union. They were instead federal agents who had been spying on him and some of his associates since shortly after the riot at the Capitol six months ago. On Tuesday, federal prosecutors unsealed a complaint against Mr. Duong, charging him not with making bombs but with illegally breaching the Capitol on Jan. 6. In the complaint, they did not accuse Mr. Duong of committing any violence, but rather accused him of repeatedly using violent rhetoric and conducting surveillance at the Capitol in the weeks after the attack by the pro-Trump mob.

DHS Considering Small Business-Made Tech Greenlighted by Other Agencies  (Brandi Vincent, Nextgov)
The agency wants to know if other parts of the government have developed tech that could help its mission.

Labor Concerns Plaguing U.S. Agriculture  (Ohio’s Country Journal and Ohio Ag Net)
Access to labor was a concern for Ohio’s food and agriculture sectors before the onset of the COVID-19 pandemic which brought more volatility to the food supply chain. Now, the challenges with labor have only gotten worse.

Understanding Russia’s Cyber Strategy  (Josephine Wolff, Foreign Policy Research Institute)
The Russian Federation’s willingness to engage in offensive cyber operations has caused enormous harm, including massive financial losses, interruptions to the operation of critical infrastructure, and disruptions of crucial software supply chains. The variety and frequency of these operations, as well as the resulting attribution efforts, have offered an unusually vivid picture of Russia’s cyber capabilities and tactics. While many other countries have relied heavily on vague strategies and threats to signal their emerging cyber powers, Russia has exercised its technical capabilities with relative impunity for more than a decade. This makes it possible to chart Moscow’s increasingly bold forays into the cyber domain alongside the increasingly technically sophisticated specific vulnerabilities, techniques, and tactics that Russia has leveraged. This timeline reveals a shift towards more covert, targeted cyber capabilities in recent years, as well as an evolution away from phishing-based compromises to supply chain and service provider intrusions, in conjunction with a continued reliance on and reuse of the same infrastructure and malware across multiple operations.

It’s Too Easy to Troll Like a Russian  (Ivana Stradner and Pulkit Agrawal, Defense One)
We’re scholars, but amateurs, and we found it alarming how quickly we imagined a personalized misinformation campaign with actual publicly available data.

Two Cyber Insurance Industry Initiatives Grapple with Rise of Ransomware  (Tim Starks, Cyberscoop)
Twice in the past few weeks, insurers have joined together in response to the spiraling ransomware attacks that have rocked their industry.
In mid-June, seven top insurance companies formed CyberAcuView, a company to combine their data collection and analysis powers in a bid to strengthen risk mitigation in the cyber insurance industry. The chief executive officer of CyberAcuView told CyberScoop that ransomware was one of the factors that drove creation of the company.
Then, last week, the American Property Casualty Insurance Association (APCIAreleased its guiding principles on cyber extortion and ransomware, including its views on regulation.

Republican National Committee Denies Russian Hackers Accessed Data  (Kari Paukl, Guardian)
Report says RNC computers were breached by Cozy Bear hackers, accused of DNC hack in 2016.