GovCon & Cyber Weekly Debrief (3/23–27)
This week's Weekly Debrief covers COVID-19, the $2T stimulus package, and cyber issues.
"At a whopping 57 million, self-employed people make up a huge piece of the country’s economic puzzle. But during a global pandemic, when business starts drying up, those who work for themselves are among the most vulnerable."
"The Senate approved a massive package aimed at supporting the U.S. economy and workers through the coronavirus outbreak on Wednesday evening, sending the bill to the House where it is expected to pass."
"Some highlights of a $2.2 trillion package to help businesses, workers and a health care system staggered by the coronavirus pandemic. The bipartisan compromise was approved by the Senate Wednesday night, and House leaders predict final congressional approval Friday."
"The Defense Department officially entered into an agreement with the nonprofit corporation that will serve as the accreditation body for its Cybersecurity Maturity Model Certification program, the chief information security officer for the department’s acquisition office confirmed."
"The federal government continues to refine its teleworking policies in the wake of the coronavirus pandemic, even acting over the weekend to issue guidelines designed to make it easier for federal workers and contractors to perform their jobs from remote locations. And while many private businesses have allowed significant portions of their workforce to telecommute for years, governments have been slow to follow suit, especially at the federal level."
"As the COVID-19 pandemic wreaks havoc around the globe, cybercriminals appear to be reaching new lows in their latest efforts to exploit personal fears to launch phishing attacks."
"The nation’s largest ever spending bill will hold $10.5 billion for the Defense Department to keep the National Guard staffed and protected, insulate key companies from the economic downturn and find treatments for the coronavirus. The $2 trillion bill, which bails out industries affected by COVID-19 and provides a one-time stipend for some Americans, puts more than $4.9 billion into the Pentagon’s health operations."
"Defense industry executives are being forced to choose between risking employees’ health by sending them into factories amid the coronavirus outbreak, or missing the delivery deadlines in their Pentagon contracts."
"WASHINGTON — A former senior defense official expressed hopes Thursday that the ongoing coronavirus pandemic could lead to a broadening of how America defines national security.
This week's Weekly Debrief covers COVID-19 issues, Chinese cyber espionage, targeted attack with malicious USB dongles, facial recognition, and data transparency in the age of privacy.
"Security researchers have come across an attack where an USB dongle designed to surreptitiously behave like a keyboard was mailed to a company under the guise of a Best Buy gift card. This technique has been used by security professionals during physical penetration testing engagements in the past, but it has very rarely been observed in the wild. This time it's a known sophisticated cybercriminal group who is likely behind it."
"Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one advanced persistent threat group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye."
"Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now."
"The novel coronavirus is challenging organizations on all fronts. Leaders must contend not only with cyberattackers leveraging COVID-19, but also employee, customer and partner concerns, and business continuity and risk management planning. Visit this page for ongoing updates to coverage from SC Media and other CyberRisk Alliance affiliates — including news analysis, business guidance and insights cyber risk professionals and leaders can use now."
"In the midst of the ongoing coronavirus pandemic, facial recognition technology is being adopted globally as a way to track the virus’ spread.But privacy experts worry that, in the rush to implement COVID-19 tracking capabilities, important and deep rooted issues around data collection and storage, user consent, and surveillance will be brushed under the rug.
"As data volumes explode, consumers have become increasingly worried about privacy and are hesitant to entrust their data to just anyone. At the same time, they've also come to expect highly personalized brand interactions, for which some data is essential.
. . .