“Evolving intelligence” shows Russia is exploring potential cyberattacks against the U.S., President Joe Biden said Monday. He urged private sector entities to implement best practices to strengthen cyber defense, noting most U.S. critical infrastructure is owned and operated by the private sector. Best practices include multifactor authentication, patches against the newest and known vulnerabilities, data backup, emergency drills, encrypted data and employee education, the White House said.

A new cyber incident reporting law signed by President Joe Biden is a “significant step” in helping combat potential cyberattacks from foreign adversaries, said Senate Homeland Security Committee Chairman Gary Peters, D-Mich., and ranking member Rob Portman, R-Ohio, Tuesday (see 2203110052). Biden signed it into law with passage of the government funding package. It requires critical infrastructure owners and operators to report to the Cybersecurity and Infrastructure Security Agency within “72 hours if they are experiencing a substantial cyberattack and within 24 hours of making a ransomware payment.”

Gov. Roy Cooper (D) created a North Carolina cybersecurity task force by executive order Wednesday. “Systems that provide communications, energy, transportation, water and wastewater treatment are all critical public resources that need to remain protected from all hazards,” said State Public Safety Secretary Eddie Buffaloe.

To counter malicious domain name registrations involving Russia's invasion of Ukraine, ICANN has begun adding terms in English, Ukrainian, Russian, Polish and other languages to its domain name security threat information collection and reporting system, it said. The watchlist, originally rolled out to fight COVID-19 DNS security threats, searches for phishing or malware names that match a set of related keywords. When evidence of malice appears, the results are reported to the corresponding registrars. Measures European telecom companies are taking to help Ukraine are updated here. Telcos welcomed governments' call to reinforce cybersecurity measures (see 2203090038) and promised to "remain trusted partners to public institutions in countering cyber threats to digital infrastructure." The European Telecommunications Network Operators Association stressed, however, that critical IT infrastructures in sectors such as energy, finance and transport will be increasingly in the sights of cyberattackers, and that there, too, "adequate regulatory precautions must be taken." It urged officials to consider the need to allocate more responsibility for risk management in digital infrastructures to providers of ICT products and services that become integral parts of communication networks.

It’s “no secret” that corporate awareness of cybersecurity is “high,” Palo Alto Networks CEO Nikesh Arora told a Morgan Stanley investment conference Monday. “I can’t imagine five years ago, you’d be asking the CEO, how secure is your infrastructure? And are you worried about the risk of cyberattacks?” Arora thinks there's "more of a focus on getting security right than there ever was,” he said. “We’re woefully ill-prepared for what could happen to the technology infrastructure in this country and around the world.” The cybersecurity “debate” has evolved from “whether I could be hacked,” to “if I did get hacked, how am I going to get back up again?” he said.

Authorities arrested a man who committed cryptocurrency securities fraud by misrepresenting the size and profitability of Ormeus Coin, DOJ announced Tuesday. John Albert Loar Barksdale, 40, falsely claimed that Ormeus “was secured by a $250 million cryptocurrency mining operation, which would have been one of the largest such operations in the world, and that its mining revenues exceeded $5 million on a monthly basis,” the department said. According to DOJ, he raised $70 million from more than 8,000 investors “through a web of lies, which he spread through in-person roadshows, social media, and even a jumbotron in Times Square.” He faces up to five years in prison for securities fraud and up to 20 years for additional charges of conspiracy and wire fraud. The company didn't comment.

The Senate passed a legislative package by unanimous consent Monday that includes mandatory cyber reporting and cyber ransomware payment requirements (see 2202080082). The Strengthening American Cybersecurity Act (S-3600) combines the Cyber Incident Reporting Act, the Federal Information Security Modernization Act, and the Federal Secure Cloud Improvement and Jobs Act. Critical infrastructure entities would have to report to the Cybersecurity and Infrastructure Security Agency within “72 hours if they are experiencing a substantial cyberattack, and within 24 hours if they make a ransomware payment.” Senate Homeland Security Committee Chairman Gary Peters, D-Mich.; ranking member Rob Portman, R-Ohio; and Senate Intelligence Committee Chairman Mark Warner, D-Va., who have led efforts in the Senate, said they look forward to helping move legislation in the House.

Though consumers understand their desktops and laptops need protection against cyberthreats, awareness of the need for smartphone security “has not kept pace,” a McAfee study found. The company hired MSI International to canvass 15,500 parents in 10 countries of children 10-18 years old in December, plus 12,000 of their kids, finding most children (59%) think a new phone is more secure than a new computer, but parents are equally split (49%). Though 56% of parents use passwords to protect mobile devices, only 41% of children and teens do so, it said. In the U.S., 29% of boys 10-14 reported a threat to their mobile device accounts compared with 16% of girls the same age, it said.

When CEO Nikesh Arora joined Palo Alto Networks in June 2018, its “mean time” to respond to cyberattacks was measured in days, he told an earnings call Tuesday for fiscal Q2 ended Jan. 31. “For someone who did not work in the security industry, I found that a little flabbergasting,” said Arora, who earlier had worked at SoftBank and Google. “We challenged our team internally” to convert Palo Alto’s response time to seconds or minutes “because that's the only way we're going to have a chance” to protect customers, he said. The company still sees “an evolving and complicated threat landscape,” said Arora. “We have highlighted in the past that cybersecurity is at the front and center of all conversations around risks and threats,” he said. “We believe cybersecurity will continue to become more and more relevant and important. With increased reliance on technology in the prevalence of cyberattacks, there is an ability to disrupt businesses and critical systems, making cybersecurity an area that will need continued focused investment.”

The Cybersecurity and Infrastructure Security Agency is preparing to release guidance on how to identify and mitigate risks of misinformation and malware attacks, given rising tensions between Russia and Ukraine, CISA Director Jen Easterly said Friday. CISA hasn’t identified specific, credible threats to the “U.S. homeland,” but agencies and entities need to be ready for digital risk, she said during an Aspen Institute livestream. Private entities are more likely to experience threats first, so it’s important for businesses to report incidents to CISA, she said. That way the government can assess “seemingly disparate events,” she said.