The US Department of Homeland Security (DHS) has allocated $374.9 million in funding to state, local, and territorial governments to support their cybersecurity efforts, according to the National Law Review. The funding is part of the 2023 State and Local Cybersecurity Grant Program (SLCGP), aimed at helping local governments strengthen their cyber defenses and reduce systemic risks. This initiative comes in response to the Biden administration’s National Cybersecurity Strategy, which highlighted the reliance on local governments for US cybersecurity.
The SLCGP focuses on protecting information systems owned or operated by local governments, recognizing the crucial role they play in defending critical infrastructure. The program will provide financial support for cybersecurity planning and exercising, hiring cyber personnel, and improving critical cyber infrastructure. In order to be considered for support, applicants must submit a cybersecurity strategy aligned with the program’s principles, including a Cybersecurity Planning Committee membership list and a Cybersecurity Charter that must be approved by the Cybersecurity and Infrastructure Security Agency.
The deadline for applications is October 6, with award announcements expected in December. This funding will enable state, local, and territorial governments to enhance their cybersecurity capabilities and better protect against cyber threats.
In another significant development, a multinational operation led by the US FBI successfully took down the Qakbot botnet. Participating countries included France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom. The operation involved obtaining lawful access to the botnet’s infrastructure and redirecting traffic to servers controlled by the FBI. Computers redirected to these servers received an uninstaller file that removed the Qakbot malware.
Qakbot, also known as “Qbot” and “Pinkslipbot,” is controlled by a cybercriminal organization and is used to target critical industries worldwide. The malware primarily spreads through spam email messages containing malicious attachments or hyperlinks. Once a computer is infected, Qakbot can deliver additional malware, including ransomware, to the compromised system. Several ransomware groups, such as Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta, have utilized Qakbot as an initial means of infection before launching their extortion campaigns.
The takedown of the Qakbot botnet, dubbed Operation Duck Hunt, marks a significant blow to cybercriminals who rely on this malware to carry out their nefarious activities. It disrupts their ability to compromise systems and launch ransomware attacks, protecting organizations and individuals from potential harm.
This operation highlights the importance of international collaboration in tackling cyber threats. By joining forces, law enforcement agencies from multiple countries can pool their expertise and resources to dismantle cybercriminal infrastructure and neutralize significant threats. The success of Operation Duck Hunt demonstrates the effectiveness of such joint efforts in combating cybercrime on a global scale.
Both the funding program for state and local governments and the multinational operation against Qakbot represent positive steps in the ongoing battle against cyber threats. As cybersecurity risks continue to evolve and become increasingly sophisticated, it is crucial for governments, law enforcement agencies, and organizations to work together to enhance their defenses and protect against cyberattacks. These initiatives reflect a growing recognition of the need for comprehensive and coordinated cybersecurity measures to safeguard both public and private sector systems.