|
|
|
|
|
Cyber Daily: After Prison, Hackers Face Tech Restrictions, Limited Job Prospects
|
|
|
|
|
|
Good day. Security leaders may confront the decision to hire or reject a postprison job candidate as cybercrime grows and more hackers move through the justice system.
In the U.S. and U.K., people convicted of cyber crimes often have to contend with tech limitations after they leave prison. In Belgium and the Netherlands, tech restrictions on released hackers are rare, with judges reasoning that they would harm the individual’s ability to work and rejoin society. WSJ Pro's Catherine Stupp talked to convicted hackers, law enforcement authorities and others for her look at the issue. Read the full story.
What kind of traits and criteria would you look at if considering a candidate with a hacking past? Let me know.
More news, including:
-
What big banks spend on cyber
-
U.S. blames Iran for Albanian attacks
-
NEWSLETTER EXTRA | Navigating a 'nightmare'
-
What CISOs are paid
|
|
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
You Can’t Manage What You Can’t See
In today’s hybrid work environment, gaps in visibility can create chaos in your network. NETSCOUT’s Smart Edge Monitoring fills those gaps, assuring performance and user experience.
Learn More
|
|
|
|
|
|
|
U.S. Officials Blame Iran for Cyberattacks in Albania
Cyber operations against the Albanian government this month and in July were likely carried out by hackers supported by Iran, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency said Wednesday in a joint statement. Wiper malware that destroys data and tools that encrypt systems hit websites and services of Albania's government, the U.S. officials said.
-
Hackers had lurked in Albanian systems for at least 14 months before setting off malware, the FBI and CISA said.
-
Earlier in September, Albanian Prime Minister Edi Rama cut diplomatic ties with Iran over the incidents, expelling embassy staff.
-
The FBI-CISA advisory provides details about the hackers' techniques and how to counteract them.
|
|
'Grand Theft Auto' Maker Says Hackers Contacted Customers
Take-Two Interactive Software Inc., which confirmed it had been hit with a cyberattack last week, said hackers accessed one of the company's help desks and sent malicious links to customers. Earlier in the week, hackers said to be in the Lapsus$ gang leaked footage from a forthcoming version of the "Grand Theft Auto" game. (Reuters)
|
|
|
|
PHOTO: JAKE MAY
/ASSOCIATED PRESS
|
|
|
Water Security Too Costly for Some Utilities
Cybersecurity recommendations from the federal government for securing the U.S. water supply are often too expensive for small municipal utilities with thin budgets and sometimes no technology staff, according to water-industry leaders who testified Wednesday in Capitol Hill.
|
|
|
-
David Gadis, chief executive and general manager of DC Water (pictured), said his utility, which serves Washington, D.C., has the resources to model cybersecurity on national standards but also takes tech help from the city. "Unfunded federal mandates are putting a lot of pressure on utilities," Mr. Gadis said. (NextGov)
|
|
How Much Do Big Banks Spend On Cyber Security?
Bank CEOs typically say cyber threats are their biggest concern, so how much do they spend trying to stop them? A lot. Testifying at a House hearing on Wednesday, Bank of America CEO Brian Moynihan said his bank budgets $1 billion a year directly on cybersecurity. JPMorgan’s Jamie Dimon said his bank spent about $700 million, while Citigroup’s Jane Fraser and Wells Fargo’s Charlie Scharf said they both were around $700 million to $800 million.
— David Benoit
|
|
|
|
Navigating a 'Nightmare:' Don't Expect Congress to Create Dedicated Cyber Committees, Lawmakers Warn
|
|
Designated Congressional cybersecurity committees are unlikely to happen, lawmakers say, mainly because colleagues are unwilling to give up their individual hold on the critical issue.
A key recommendation from a Congressionally-mandated body to examine U.S. cyber policy, the Cyberspace Solarium Commission, was to create committees in the House and the Senate to consolidate fact-finding hearings and efforts to enact cyber laws.
|
|
|
PHOTO: LEAH MILLIS
/REUTERS
|
|
|
The proposal was modeled on one that established the Senate Select Committee on Intelligence during the 1970s, after the investigation of scandals involving U.S. intelligence agencies. Yet Sen. Angus King, an Independent from Maine (pictured), doubts any cyber equivalent will come to pass.
|
|
|
“In '76, they realized that intelligence was spread all over the Congress and they set up committees on intelligence in the Senate and the House to consolidate that jurisdiction. I don't know how they did it because trying to do that with cyber, we have found, is virtually impossible,” said Mr. King, a co-chair of the commission, speaking at an event hosted Wednesday by the Foundation for the Defense of Democracies think tank.
“Nobody wants to give up their little piece of the jurisdiction,” he said.
The Solarium Commission, which issued 82 proposals in March 2020, has had marked success elsewhere, including establishing a National Cyber Director position in the White House and expanding the powers of the Cybersecurity and Infrastructure Security Agency. Getting proposals through Congress involved getting almost 200 clearances from various committees and subcommittees, Mr. King said.
“You have no idea what a nightmare that is,” he said.
Rep. Mike Gallagher (R., Wisc.), another co-chair, said getting recommendations enacted would have been even more difficult without Rep. Jim Langevin (D., R.I.), who is retiring this year.
“He is the chair of the cyber subcommittee on the Armed Services Committee, and because of both that position, as well as just his indefatigable efforts in this space, we were able to get a lot passed,” Mr. Gallagher said of Mr. Langevin. “I don't think it would have been possible without his help.”
— James Rundle
|
|
|
|
PHOTO: JEENAH MOON
/BLOOMBERG NEWS
|
|
|
New York to Install Security Cameras on Every Subway Car by 2025
Gov. Kathy Hochul, a Democrat, said she hoped the cameras would offer riders peace of mind, deter criminals and give law-enforcement agencies footage to solve crimes. (WSJ)
|
|
|
|
|
|
$584,000
|
Median compensation for a CISO in the U.S. this year, up nearly 15% from $509,000 last year, according to recruiter Heidrick & Struggles International Inc. in its annual Global Chief Information Security Officer Survey. This year’s study polled 327 CISOs worldwide. The median signing bonus in 2022 was $175,000 in cash, plus $400,000 in equity.
|
|
|
|
|
-
Razor’s Edge Management LLC, a venture-capital firm focused on investing in national-security startups, has closed a $340 million fund. Razor’s Edge said it targets startups developing tech including autonomous systems, space tech, cybersecurity, artificial intelligence and aerospace systems. Some of the companies it backs also can apply their technology to commercial markets such as energy, telecommunications and manufacturing. (WSJ Pro Venture Capital)
|
|
-
Austin, Texas-based CrowdStrike Holdings Inc. said it plans to buy Israel's Reposify Ltd., a startup focused on protecting attack surfaces. CrowdStrike also said it will buy a chunk of Salt Security, which specializes in securing software interfaces. Financial details of the transactions weren't disclosed. (SecurityWeek)
|
|
|
|
|
|