Cybersecurity and Infrastructure Security Agency

January 17, 2025 | Jiwon Ma, Maria Riofrio

PowerSchool Breach Highlights Growing Cybersecurity Risks in America’s Schools

PowerSchool, a cloud-based software provider for K-12 schools, confirmed on January 7 that hackers breached its systems late last year, affecting thousands of school districts across the United States...

January 3, 2025 | Jack Burnham |

Chinese-Linked Hackers Accused of Infiltrating U.S. Treasury Department

China is accelerating its efforts to compromise U.S. government systems through cyberattacks. In a letter to Congress on December 30, the Treasury Department revealed that hackers linked to Beijing had...

January 2, 2025 | |

‘Sought to Divide the American People’: U.S. Sanctions Iranian and Russian Entities Pushing Disinformation

Russia and Iran Conducted Targeted Disinformation Campaigns: The U.S. Treasury imposed sanctions on two entities from Iran and Russia on December 31 for their attempts to influence...

December 10, 2024 | RADM (Ret.) Mark Montgomery, Jiwon Ma

Steady leadership prepares TSA to face evolving cyber threats

New presidents bring new policies. But amid rapidly expanding cyber threats, steady leadership at the federal agencies charged with securing critical infrastructure is, well, critical. David Pekoske,...

December 9, 2024 | Jack Burnham |

Federal Appeals Court Upholds TikTok Ban in Serious Setback for Chinese Influence Operations

A federal appeals court has upheld a law forcing the TikTok social media platform — a conduit for Chinese influence operations and information harvesting — to be sold by its Chinese parent company...

November 21, 2024 | Annie Fixler, Johanna Yang

Wanted: A Plan to Secure America’s Railroads Against Cyberattacks

The Transportation Security Administration (TSA) published a proposed cybersecurity rule on November 6 that would “require the establishment of pipeline and railroad cyber risk management...

November 12, 2024 | Johanna Yang |

Information Sharing Is the Answer for Improving Cybersecurity in the Food and Agriculture Industry

The Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) last week released its first annual Cyber Threat Report. The report, the first of its kind in this sector, represents...

October 16, 2024 | Jiwon Ma, Rohannah Shrestha 

Public-Private Cyber Collaboration Needs Enhanced Real-Time Data Sharing

A House committee last month passed a bill to codify in law the Joint Cyber Defense Collaborative (JCDC), a Cybersecurity and Infrastructure Security Agency (CISA) collaboration initiative. If signed into...

August 26, 2024 | |

Iranian Cyber-Spying Group Posed as Tech Support to Target U.S. Political Officials’ WhatsApp Accounts

Facebook, WhatsApp, and Instagram’s parent company, Meta, reported on August 23 that it blocked a small cluster of WhatsApp accounts used by Iranian cyber-attackers to target officials...

August 6, 2024 | |

Iranian Cyber Warfare Targeting Israel Seeks to Exploit Fears of Military Attack

A malicious email sent to Israeli citizens on August 4 purporting to contain “citizen safety” guidelines drawn up by the Israel Defense Forces (IDF) has highlighted attempts...

July 17, 2024 | Clifford D. May |

The war in cyberspace

America’s top spy is warning you

March 5, 2024 | RADM (Ret.) Mark Montgomery, Sophie McDowall

America’s Food Supply Has a Cyber Problem

Fine-tuned sensors let farmers know which fields need more water and which crops need more fertilizer. But today, a hacker halfway around the world, working as a criminal actor or paid by a foreign government,...

March 4, 2024 | Dr. Georgianna Shea |

The Power of SBOMs: Building Resilience in Our Critical Infrastructure

As a member of the PCAST Working Group on Cyber-Physical Resilience, I was involved in crafting the recent report outlining crucial steps to fortify the intricate systems that underpin our daily lives....

November 17, 2023 | Dr. Georgianna Shea |

Charting FDA’s Course: SBOM as the North Star in Cybersecurity

Supply chain security has undergone a profound transformation after pivotal events such as the SolarWinds compromise in 2020 and the subsequent Log4j incident.  Central to this evolution is the emergence...

November 2, 2023 | Annie Fixler, Gabrielle Christello

More Cyber Collaboration Between TSA and Industry Will Put Railroad Operators on the Right Track 

The Transportation Security Administration (TSA) announced updates to three security directives last week aimed at strengthening the cyber resilience of passenger and freight railroads. The new guidance...

November 2, 2023 | |

FBI Director Warns of Increased Risk of Iranian Cyberattacks 

Latest Developments  FBI Director Christopher Wray said on October 31 that Iran is likely to pose an increased cyber threat to U.S. critical infrastructure as the war between Israel and Hamas continues....

October 11, 2023 | |

Washington Provides Cyber Support to Israel

U.S. officials confirmed on October 10 that Washington is providing cyber support to Israel as Jerusalem battles Hamas terrorists on the ground and criminals in cyberspace. Anne...

May 18, 2023 | Logan Weber |

Treasury’s Sanctions Strike at Key Russian Ransomware Figure

The U.S. Department of the Treasury on Tuesday sanctioned Mikhail Matveev, a key figure in the Russian cybercrime world. In conjunction with a newly unsealed federal indictment of Mateev and a $10 million...

May 17, 2023 | Samantha Ravich, Suzanne Spaulding

The President Must Move Swiftly to Nominate New National Cyber Director

The Office of the National Cyber Director successfully led the development of the new National Cybersecurity Strategy. Now, the office is missing a key ingredient for implementing the strategy’s...

April 15, 2023 | RADM (Ret.) Mark Montgomery, Jiwon Ma

President’s cyber budget request is off to a good start; Congress should fill the gaps

The White House released the President’s Budget Request for Fiscal Year (FY) 2024 last month, just a few days after issuing the much-anticipated National Cybersecurity Strategy....