The Cybersecurity and Infrastructure Security Agency (CISA) has released a document to help organizations secure operational technology and control systems from ransomware threats. 

CISA said Wednesday that it advises organizations to develop manual controls that can maintain critical processes and industrial control systems amid ransomware risks.

The agency also recommends the implementation of regular backup procedures and a robust divide between information technology and OT networks.

The document also noted that backup procedures must be isolated from networks and that organizations must conduct continuous monitoring efforts.

CISA issued this guidance in response to recent incidents where cyber disruptions in IT networks also affected operational processes. The agency also advises organizations to report ransomware cases to law enforcement entities such as the FBI.

The National Cybersecurity Center of Excellence (NCCoE) has issued a draft report made to help organizations manage risks related to ransomware attacks.

NCCoE's Cybersecurity Framework Profile for Ransomware Risk Management draft defines security objectives to help parties prevent, address and recover from ransomware attacks, the National Institute of Standards and Technology (NIST) said Thursday.

Ransomware refers to encryption-based cyberattacks that block user access to information until an amount of money is paid. These attacks encrypt and potentially steal critical information, then propose to not leak the stolen data if the sum is paid.

NIST asks the public to comment and provide input on the draft. Interested parties may submit responses through July 9th.

Mike White, the principal director of hypersonics within the Office of the Undersecretary of Defense for Research and Engineering, said the technology he is in charge of is an important part of the military's modernization, DOD News reported Wednesday.

He said hypersonic weapons have the potential to strike high-priority targets and can sustain high-altitude flight at speeds near Mach 5. White said these characteristics make hypersonic missiles effective against long-range targets.

The Department of Defense (DOD) is working on hypersonic weapons applicable for launch from air, maritime and land domains. The three service branches corresponding to these domains, as well as the Missile Defense Agency (MDA), the Defense Advanced Research Projects Agency (DARPA) and other organizations, are working on various hypersonic technology projects.

The Department of Energy (DOE) will award $54 million worth of federal funding to 235 small businesses to support 266 research and development projects focused on advanced grid technologies, artificial intelligence, carbon capture and storage, solar and hydrogen power, electric vehicle batteries and other technological products that could help DOE record net-zero emissions by 2050.

DOE said Wednesday the awards are made through the Small Business Innovation Research and Small Business Technology Transfer (SBIR/STTR) programs that aim to boost commercialization of private sector-made technologies.

Secretary of Energy Jennifer Granholm considers small businesses as the backbone of the U.S. economy, "driving America’s leadership in energy efficiency, sustainable transportation and renewable power."

Some of the selected projects are on grid-smart building controls and workforce development and experiential bioenergy learning tools. Voss Scientific, one of the awardees, seeks to address thermal stress by working on high average-power laser amplifiers.

“With this round of federal funding, we’re going one step further to tap this homegrown resource to help bring the next generation of clean energy innovation to market while creating good-paying jobs across the private sector,” said Granholm.

Of the 235 awardees across 42 states, 29 are women-owned businesses.

The Government Accountability Office (GAO) has called on the Department of Homeland Security (DHS to fully implement risk management best practices with regard to its Homeland Advanced Recognition Technology (HART) program that seeks to replace its biometric identity management system. 

GAO assessed the HART program’s implementation of seven risk management practices and found that the program had fully implemented four of those best practices, according to a report published Tuesday.

Those practices are determining risk sources and categories, defining parameters to analyze and categorize risks, identifying and documenting risks and evaluating and categorizing each identified risk using defined risk categories.

Monitoring the status of each risk and developing a risk mitigation plan in accordance with the risk management strategy was among the practices partially implemented by DHS with regard to the HART program.

“While DHS has plans underway to fully implement two of the partially implemented practices until it fully implements the remaining practice its efforts to effectively monitor the status of risks and mitigation plans may be hampered,” the GAO report reads.

The congressional watchdog has recommended that DHS update its policy to reflect its revised process for assessing information technology programs.

According to the report, DHS plans to field the first increment of the potential $4.3 billion HART program in Dec. to replace the existing platform’s functionality. Succeeding increments are expected to be implemented in 2022 and 2024.

The Senate voted 68-32 to pass bipartisan legislation that would authorize nearly $250 billion for scientific research, technology development and manufacturing efforts meant to increase U.S.’ global competitive position, NBC News reported Tuesday.

The U.S. Innovation and Competition Act calls for domestic investments in artificial intelligence, quantum computing, chip technology and space exploration as the federal government works to address rising competition from China.

“This legislation addresses key elements that were included in my American Jobs Plan, and I am encouraged by this bipartisan effort to advance those elements separately through this bill,” President Biden said.

“As other countries continue to invest in their own research and development, we cannot risk falling behind.  America must maintain its position as the most innovative and productive nation on Earth.”

The bill would allocate a five-year. $29 billion budget to establish a technology and innovation directorate within the National Science Foundation (NSF) and another $52.7 billion to incentivize domestic semiconductor manufacturing work.

House lawmakers will take up their version of the legislation following the Senate approval.

The Biden administration will form a supply chain disruptions task force to help address short-term supply chain challenges and address near-term mismatches between supply and demand in areas such as semiconductors, construction and agriculture.

The establishment of the new task force is one of the recommendations outlined in the 100-day supply chain review reports released in accordance with an executive order signed by President Biden in Feb. 2021, the White House said Tuesday.

The compilation of four reviews submitted to the president contains recommendations that are divided into six categories, including rebuilding production and innovation capabilities, supporting the development of markets that invest in workers, value sustainability and drive quality and leveraging the government’s role as a purchaser of and investor in critical goods.

The White House outlined some of the initiatives it has started to address vulnerabilities in U.S. supply chains. These include collaboration with semiconductor companies to identify improvement in supply chain management practices, the administration’s efforts to address cyber threats to U.S. supply chains and critical infrastructure and the Department of Defense’s announcement to invest in a rare earth element processing company.

The administration also cited specific actions federal agencies will carry out to help secure the domestic supply chain for advanced batteries, support domestic production of critical medicines, address semiconductor shortages and support U.S. workers and innovation.

The FBI employed a mobile communications platform and collaborated with foreign law enforcement agencies in a global sting operation that led to more than 800 arrests of crime network members across 16 countries.

The bureau and its international partners monitored transnational criminal activity using the encrypted Anom messaging system as part of Operation Trojan Shield, with participation from Europol’s Operational Task Force, the Department of Justice said Tuesday.

Authorities covertly tracked approximately 27 million messages from more than 12,000 Anom devices sold to alleged crime syndicates who were not aware of the investigative work and communicated illegal activities with the technology.

“This was an unprecedented operation in terms of its massive scale, innovative strategy and technological and investigative achievement,” said Randy Grossman, acting U.S. attorney for the Southern District of California.

“We aim to shatter any confidence in the hardened encrypted device industry with our indictment and announcement that this platform was run by the FBI.”

The Anom-based investigation began in 2018 after the FBI lawfully shuttered Phantom Secure, a Canadian encrypted device vendor found guilty of helping criminal users secretly communicate to evade law enforcement detection.

A federal grand jury in San Diego indicted 17 foreign nationals Tuesday for the distribution of communication devices to suspected criminal syndicates following a two-day global takedown.

Police forces in Australia, Sweden, Lithuania and the Netherlands took part in the effort.