The Biden administration has taken a major step in protecting Americans’ sensitive personal data by issuing an executive order that restricts data brokers from selling such information to countries of concern like China and Russia. The order, which focuses on various types of personal data including genomic, biometric, health, financial, geolocation, and personally identifiable information, aims to prevent potential privacy breaches, counterintelligence threats, blackmail risks, and other national security concerns.
According to the White House, the sale of Americans’ data poses significant risks, especially for those in the military or national security community. Countries of concern can use this data to gather information on individuals such as activists, academics, journalists, dissidents, political figures, and members of marginalized communities, with the intention of intimidating opponents, stifling dissent, and restricting freedom of expression and civil liberties. By implementing this executive order, the Biden administration is taking proactive measures to safeguard the sensitive personal information of Americans and protect their privacy rights.
In a related development, the healthcare industry is facing a wave of ransomware attacks, with the ALPHV/Blackcat ransomware-as-a-service operation targeting healthcare organizations. A joint advisory issued by the US FBI, CISA, and the Department of Health and Human Services warns that since mid-December 2023, the healthcare sector has been the primary target of these ransomware attacks. The recent cyberattack against Optum’s Change Healthcare prescription processing platform, attributed to the ALPHV/Blackcat gang, has disrupted the company’s systems, leading to widespread operational disruptions. UnitedHealth Group VP Tyler Mason reported that the majority of pharmacies using the impacted platform have shifted to alternative electronic claim processes to mitigate the impact of the attack.
Furthermore, security agencies have issued a joint advisory raising concerns about Russia’s APT28 threat actor, also known as Fancy Bear, utilizing compromised Ubiquiti EdgeRouters for various malicious activities. These activities include harvesting credentials, collecting network traffic, hosting spear-phishing landing pages, and deploying custom tools globally. APT28 has been conducting covert cyber operations against governments, militaries, and organizations worldwide since at least 2022, targeting industries such as Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. The threat actor has specifically targeted countries like Ukraine, the Czech Republic, Italy, Lithuania, Jordan, Montenegro, Poland, Slovakia, Turkey, the United Arab Emirates, and the US, highlighting the global reach and impact of its operations.
In response to these escalating cybersecurity threats, government agencies, security experts, and industry stakeholders are working together to enhance defenses, raise awareness, and strengthen cybersecurity measures to safeguard critical infrastructure, protect sensitive data, and mitigate the risks posed by cyber threats. By collaborating on threat intelligence sharing, incident response coordination, and cybersecurity best practices, the public and private sectors can collectively combat cyber threats and safeguard the digital landscape from malicious actors seeking to exploit vulnerabilities and undermine security.
