July 3, 2024
Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), expressed skepticism about the feasibility of a U.S. ban on ransomware payments during her appearance at the Oxford Cyber Forum. Despite efforts to reduce ransomware attacks, Easterly noted the difficulty in gauging success due to the lack of a baseline. She highlighted the new Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) as a tool to better understand the cyberattack ecosystem. Easterly also endorsed CISA’s pre-ransomware notification initiative and emphasized the need for a Secure-by-Design approach to effectively combat ransomware. Comparisons were made to similar regulatory efforts in the UK and Europe.
‘I don’t see it happening’: CISA chief dismisses ban on ransomware payments The Record
July 3, 2024
The UK Home Office was cautioned about a significant risk of ransomware attacks months prior to a major cyber-attack on the NHS by Kremlin-protected hackers, according to a report by the Joint Committee on National Security Strategy (JCNSS). Despite these warnings, the NHS's outdated IT infrastructure and insufficient security measures made it particularly vulnerable. The attack, linked to a Russian hacker group known as Qilin, resulted in canceled medical procedures and the public release of sensitive patient data. The Home Office's prioritization of other issues over cybersecurity was criticized, and a transfer of responsibility to the Cabinet Office was suggested. The attack indicated an escalation in Russia’s cyber warfare tactics, prompting calls for the UK to bolster its cybersecurity defenses and international cooperation to combat such threats. The government has committed to further investments and collaborations to improve resilience, amidst ongoing investigations into the incident.
Home Office was warned about NHS cyber hacks months before Kremlin-backed attack inews
July 3, 2024
The article discusses the efforts by major healthcare industry groups, including the College of Healthcare Information Management Executives (CHIME) and the American Medical Association (AMA), to urge the U.S. Department of Health and Human Services' Office for Civil Rights (HHS OCR) to provide clear guidance on breach notification responsibilities following a massive data breach at Change Healthcare. This breach impacted millions of patients and disrupted services for healthcare providers. While Change Healthcare has offered to handle the breach notifications, industry groups seek assurances that the regulatory burden will fall on Change Healthcare rather than the affected healthcare providers. Despite HHS OCR’s guidance allowing such delegation, covered entities remain ultimately responsible for ensuring notifications are made, prompting ongoing requests for further clarification.
Groups Ask HHS for Guidance on Massive Change Breach Reports bankinfosecurity
July 3, 2024
Microsoft has expanded its notification pool regarding the Midnight Blizzard hack, a cyber-attack attributed to the Russian government. The company is alerting more customers about stolen emails involving their accounts, with a secure portal provided for reviewing the compromised data. Earlier reports from Microsoft identified Midnight Blizzard, also known as Nobelium or Cozy Bear, as being engaged in an ongoing attack, leveraging stolen emails for further cyber intrusions. Social media posts from affected customers highlight the widening impact of the breach. These revelations come as part of Microsoft's commitment to transparency and proactive customer assistance.
Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack - SecurityWeek