Cyber Week in Review: March 10, 2023

TSA announces new airport and aircraft cybersecurity standards

The U.S. Transportation Security Administration (TSA) announced new cybersecurity standards for airlines and airports on Wednesday. Previously, airlines and airports had been required to develop a cyber incident response plan, designate a cybersecurity coordinator, and report cyber intrusions to the Cybersecurity and Infrastructure Security Agency within twenty-four hours of the incident. The new rules require airports and airlines to segment operational technology (OT) and information technology (IT) systems such that they can operate independently of one another, improve access controls for critical systems, continuously monitor and react to threats to networks, and regularly update critical cyber systems. The TSA has released similar cybersecurity rules for the pipeline sector and rail companies in the last two years.

EPA releases cybersecurity guidance for water companies

The U.S. Environmental Protection Agency issued a memorandum outlining the need for better cybersecurity in the water industry on Friday. The regulation will require states to include cybersecurity as part of water agencies’ sanitary surveys, periodic on-site reviews of public water systems which assess their capability to provide safe drinking water. An association of water providers condemned [PDF] the new regulation, saying they are “ill-advised, impractical, and are not designed to meaningfully improve system resiliency.” A 2021 cyberattack on the city of Olsdmar, Florida, where hackers attempted to raise the level of sodium hydroxide in water to toxic levels, highlights [PDF] the need for improved cybersecurity in the industry.

Germany may ban Huawei and ZTE 5G equipment

The German government announced it will launch a review of the use of Huawei and ZTE equipment in its 5G communications network. The review will likely lead the government to ban Huawei and ZTE equipment from 5G networks, according to government sources, as well as requiring operators to remove Huawei and ZTE from existing networks. The Chinese Embassy in Berlin condemned the potential ban and said that nearly 60 percent of German’s 5G network used Huawei equipment. Chinese communications technology has been a difficult topic for European leaders, with the United Kingdom allowing Huawei to supply equipment for its 5G network in January 2020, before reversing course months later and rescinding the authorization.

Police arrest members of DoppelPaymer ransomware gang

German and Ukrainian police announced that they had arrested two core members of the DoppelPaymer ransomware gang and put out warrants for the arrest of three Russian members earlier this week, with assistance from Dutch police, the FBI, and Europol. One of the Russian members, Igor Turashev, is wanted by the FBI for his role in another established ransomware group, EvilCorp, which was sanctioned by the United States in 2019. Analysts have previously said that the gang is likely an offshoot of EvilCorp. DoppelPaymer is widely known for an attack on a hospital in Dusseldorf, Germany that forced the hospital to reroute patients and likely contributed to the death of a seventy eight year old patient.

China to establish National Data Administration

China will establish a National Data Administration as part of the reorganization of the country’s State Council, according to a proposal submitted Tuesday to the National People’s Congress. The new agency will be under the management of the National Development and Reform Commission, which broadly oversees China’s macroeconomic planning, and will be responsible for the “coordination and advancement of building the data factor system; overall planning of the integrated sharing and development and use of data resources; [and] overall planning of the advancement of Digital China, digital economy, and digital society plans and construction.” The formation of the new agency follows last week’s release of the “Digital China Construction Plan,” which calls for the construction of a “national data management system and mechanism” as part of the “opening up [of] the main arteries of [China’s] digital infrastructure.”