Description: US Immigration and Customs Enforcement accidentally exposed the names, birthdates, nationalities and locations of more than 6,000 immigrants who claimed to be fleeing torture and persecution to its website. The unprecedented data dump exposed the immigrants to retaliation from the very individuals, gangs and governments they fled, attorneys for people who have sought protection in the U.S

Description: FEMA stated that they mistakenly exposed the personal information, including addresses and bank account information, of 2.3 million disaster victims. The breach occurred because FEMA did not ensure a private contractor only received the information it required to perform its official duties. The victims affected include survivors of Hurricanes Harvey, Irma, and Maria and the 2017 California wildfires. The report found FEMA's failure to protect their data put them at risk of identity theft and fraud. According to the report, some of the data collected, such as addresses and Social Security numbers, were necessary to give aid. but other information, like electronic bank account information, was not considered necessary.

Description: In order to assist critical infrastructure organizations in thwarting ransomware gang attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new information detailing security flaws and configuration errors that ransomware gangs have exploited. This information was made public by CISA as part of the Ransomware Vulnerability Warning Pilot (RVWP) program, and said that it would notify critical infrastructure organizations of any ransomware-vulnerable devices found on its network. Since its launch, CISA's RVWP has found and exchanged information about more than 800 susceptible systems with internet-accessible flaws regularly targeted by various ransomware activities. The U.S. cybersecurity agency has also released a dedicated website, StopRansomware.gov, which acts as the focal point for CISA's initiative to give defenders all the information they need to anticipate and neutralize ransomware assaults.

Description: A Department of Justice employee's email account was compromised by a hacker, who took 200GB of data, including records of 20,000 FBI workers and 9,000 DHS employees. Delving deeper into the archive, one finds information about DHS security experts, programme analysts, IT, infosec, and security, as well as 100 individuals who hold the title of intelligence. Motherboard claims that a hacker gained access to a Department of Justice employee's email account. As evidence, the hacker used the hacked account to send the email directly to Motherboard contributor Joseph Cox. The apparent job titles, names, phone numbers, and email addresses of over 9,000 purported Department of Homeland Security (DHS) workers and over 20,000 purported FBI employees.

Description: DHS had a privacy incident that resulted in the exposure of information for 247,167 active and retired federal employees. The database utilised by the DHS Office of the Inspector General (OIG) and kept in the Department of Homeland Security OIG Case Management System was compromised by a data breach. Employee names, Social Security numbers, dates of birth, jobs, grades, and duty locations are among the data that has been made public. In addition to putting additional security measures in place to restrict access to this kind of information, the Department of Homeland Security notified those who were impacted through notification letters.

Description: CISA faces potential undermining from elements within the Heritage Foundation who seek to scale back its operations, especially concerning its role in mitigating misinformation online. This approach could significantly weaken the agency, impacting its principal cybersecurity functions and potentially affecting its efforts to combat foreign propaganda. If the 2024 election leads to an administration aligning with the Project 2025 playbook, CISA could experience reduced effectiveness or an existential crisis. Such a shift could have far-reaching consequences for national cybersecurity and the protection against online falsehoods that threaten societal stability.

Description: Amid rising cyber threats, the Heritage Foundation's Project 2025 proposes to significantly reduce the scope of CISA, which could undermine the agency's ability to protect against cyber attacks and misinformation. This move aligns with former President Trump's agenda and his critique of CISA's role in debunking electoral misinformation. If implemented, CISA's counter-misinformation efforts would be halted, its relationship with social media firms would change, and its cyber defense responsibilities could be redistributed to military and intelligence agencies. As a result, the United States could face an increased risk of cyber threats that can disrupt societal stability, influence elections, or compromise sensitive information.

Description: As a relatively new and essential cyber-security component of the DHS, CISA faces a significant potential setback. With changing political climates and Trump’s apparent intentions to reshape the agency, its core missions of protecting government systems and supporting private and nonprofit entities could be compromised. Employees fear that reduced corporate oversight and a possible dismantling or repurposing of the agency may impair its ability to safeguard against cyber threats, potentially weakening national cybersecurity infrastructure. There is a palpable fear among the staff of a decline in efficacy and a change in direction that could pose threats not just to the agency's mandate but also to the broader security landscape.

Description: The Cybersecurity and Infrastructure Security Agency (CISA), created in 2018, faces uncertain times as the return of former President Trump could significantly alter its function and direction. Trump's promises to reduce government spending and oversight have CISA staffers concerned about the potential dismantling of cybersecurity initiatives and a shift in focus toward immigration enforcement. The agency, which has a reputation for bipartisanship and was involved in election security and countering online misinformation, now finds itself at odds with Republican claims of censorship and surveillance. The fear of policy reversal and mission compromise looms among the employees, who remain dedicated to protecting national cyber infrastructure.

Description: The DHS memo highlighted the vulnerability of US cities to weaponized drones, with extremists potentially modifying drones to carry threats like explosives and chemicals. Despite observing nefarious drone activities, local authorities often lack the authority to intervene. To combat this, the DHS has recommended repositioning CCTV cameras, training police on handling hazardous drones, and deploying sensors for drone detection. The rising threat emphasizes the need for improved countermeasures and preparedness against unmanned aircraft systems.

Description: The DHS encountered growing threats from commercial drones being modified to carry hazardous payloads, impacting national security. Attempted mitigations include improved detection and response capabilities through local law enforcement training and technology deployment. These clandestine drone activities pose a significant risk, requiring urgent action and cooperation between federal and local agencies to ensure public safety and preserve critical infrastructure.

Description: The DHS has identified a growing threat from commercial drones being weaponized by violent extremists in the US. Although technological capabilities are advancing, state and local law enforcement lack the authority and means to effectively counter this new form of aerial menace. Despite efforts to enhance detection and response, including repositioning CCTV and training police to handle hazardous drones, the accessibility of advanced evasion technologies complicates tracking and neutralization efforts. Reports of uncorroborated drone sightings have increased public concern, prompting the DHS to seek expanded legislative counter-drone authorities.

Description: The Cybersecurity and Infrastructure Security Agency (CISA) faced a tumultuous period marked by significant breaches, including the Salt Typhoon espionage campaign linked to Beijing, which compromised American telecoms, collecting sensitive data such as call logs, recordings, and potential location information. The largest hack in US telecom history occurred under the leadership of Jen Easterly, who was not asked to stay post-Inauguration Day. Her departure coincided with demands for CISA to become 'smaller' and 'more nimble' and the dismissal of the Cyber Safety Review Board members who were investigating the breaches, potentially jeopardizing the agency’s future and national cybersecurity.

Description: Daniil Kasatkin, a 26-year-old Russian professional basketball player, was arrested at Charles de Gaulle Airport in Paris on June 21, 2023, for his alleged involvement in a ransomware gang that operated between 2020 and 2022. The gang is accused of targeting around 900 organizations, including two US federal agencies. Kasatkin is facing charges of 'conspiracy to commit computer fraud' and 'computer fraud conspiracy.' His lawyers deny the allegations, claiming he is not tech-savvy and was unaware of any unlawful activities. The US has not yet released any statements or evidence regarding the crimes.