August 15, 2024
In a detailed exposé at Def Con, cybersecurity researcher Jon DiMaggio revealed his undercover efforts to infiltrate and unmask the notorious ransomware gang LockBit. Earlier this year, international law enforcement agencies had temporarily disrupted LockBit’s operations, seizing their dark web site. After the gang quickly rebounded, DiMaggio shared his two-year effort to unearth the identity of LockBit’s administrator, whom he identified as Dmitry Khoroshev. Employing sockpuppet accounts and gaining the trust of LockBit’s leader, DiMaggio infiltrated the group’s operations. This culminated in a coordinated reveal by DiMaggio and the U.S. Department of Justice, putting a spotlight on Khoroshev and marking a significant milestone in cybercrime investigations. DiMaggio’s work emphasizes the risks and intricacies involved in cybercrime research and the potential consequences for those who infiltrate criminal networks.
How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang (TechCrunch)
August 15, 2024
In August 2024, Micky Tripathi and Lisa Molyneux provided an update on the U.S. Department of Health and Human Services (HHS) Health IT Alignment Policy, initially announced in 2022. The policy aims to establish department-wide standards to promote interoperability in health IT investments. The recent publication of a proposed rule in the Federal Register seeks to amend the HHS Acquisition Regulation (HHSAR), setting requirements for health IT contracts to align with these standards. Efforts by the Assistant Secretary for Technology Policy (ASTP) and other HHS entities have identified significant investments impacted by this policy and are providing technical support to ensure consistent implementation. Public comments on the proposed rule are open until October 8, 2024.
HHS Making Progress on Department-wide Alignment of Health IT Investments (healthit.gov)
August 15, 2024
The National Institute of Standards and Technology (NIST) has finalized and released three new encryption standards aimed at strengthening cryptographic defenses against potential cyber threats posed by quantum computers. These standards, which took about eight years to develop, are designed for general encryption and digital signatures, and address future risks where quantum computing could compromise current encryption methods. The standards utilize algorithms selected in a 2022 competition, including CRYSTALS-Kyber for encryption and CRYSTALS-Dilithium and SPHINCS+ for digital signatures. Organizations are encouraged to begin integrating these standards promptly to safeguard long-term data security against future quantum threats. Further draft standards and evaluations for additional algorithms are also underway.
NIST releases three encryption standards to prepare for future quantum attacks (fedscoop)
August 15, 2024
Cybersecurity threats from external actors like Russia, China, North Korea, and Iran are significant, but insider threats, which involve individuals within the organization or third-party partners with authorized access, require equal attention. While tools such as Data Loss Prevention and email sanitization, alongside AI innovations, are valuable, the most crucial defense against insider threats is cultivating a positive organizational culture. Insider threats can be intentional, driven by motives like personal vendetta or financial gain, or unintentional, often stemming from employee negligence. A strong security culture, supported by leadership setting positive examples, transparent communication, team-oriented approaches, and clear policies, can empower employees to take ownership of their role in protecting the organization. Emphasizing ethical behavior and a collective mission fosters a resilient defense against insider threats.
The best defense against insider threats – culture (paulconnelly)