Short Takes – 8-31-23

Microsoft joins a growing chorus of organizations criticizing a UN cybercrime treaty. CyberScoop.com article. Pull quote: ““We need to ensure that ethical hackers who use their skills to identify vulnerabilities, simulate cyberattacks, and test system defenses are protected,” Amy Hogan-Burney, associate general counsel for cybersecurity policy and protection at Microsoft, wrote in a LinkedIn Post. “Key criminalization provisions are too vague and do not include a reference to ‘criminal intent,’ which would ensure activities like penetration testing remain lawful.””

Hicks takes direct oversight of Pentagon’s UAP office; new reporting website to be launched. DefenseScoop.com article. Pull quote: “The Pentagon’s second-in-charge [D eputy Defense Secretary Kathleen Hicks] took action late last month, partly to help speed up AARO’s development and launch of a congressionally mandated public website where the organization will be expected to disclose its unclassified work and findings and offer a secure mechanism via which users can submit their own reports of possible UAP observances.”

US water infrastructure ‘unsustainable’ amid rapidly evolving crisis, report warns. NextGov.com article. Pull quote: “The report attributes inadequate conditions across the water and wastewater industries to "decades of chronic underfunding and underinvestment" in the U.S. and makes several recommendations to increase water supply sustainability, from aquifer recharges to developing highly integrated water management systems.”

Ensuring safe transportation of anhydrous ammonia: A shared responsibility. Agri-Pulse.com commentary. Pull quote: “The [2019] Beach Park incident serves as a reminder of the dangers of transporting anhydrous ammonia. It proves that failure with even small equipment can have major consequences. To address these safety concerns, PHMSA has undertaken comprehensive, data-driven research on nurse tank fatigue to identify risks and reduce nurse tank failures. In addition, PHMSA has conducted extensive outreach with farmers and the agricultural industry to inform about the safety regulations for transporting anhydrous ammonia.”

CISA Warns of Hurricane-Related Scams. CISA.gov alert. Pull quote: “Social engineering TTPs include phishing, in which threat actors pose as trustworthy persons/organizations—such as disaster-relief charities—to solicit personal information via email or malicious websites. CISA recommends exercising caution in handling emails with disaster-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas and texts messages related to severe weather events.”

CISA faces ‘significant concerns’ over losing chemical security staff during reauthorization stalemate. FederalNewsNetwork.com article. Pull quote: ““If we have the same level of appropriations, but no authorization, or if our appropriations did go down, I do have significant concerns that we will lose team members during this uncertainty as this lapse continues and certainly if it continues past the fiscal year,” Murray said during the summit. “But until we see what the numbers are for appropriations or authorizations, I couldn’t answer any specifics.””