Cyber Daily: Social Media Needs Dedicated Regulator, New York Watchdog Says | Federal Auditor …

Twitter and other big socialmedia players should have to answer to a dedicated watchdog, according to New York’s top financial regulator. The New …

Other news: EU probe of a Twitter data breach disclosed in 2019 won’t be resolved this year; FAA must address cybersecurity deficits; hackers probed U.S. Census Bureau; and Miami tech firm does battle with ransomware attackers.

Social-Media Watchdog

New York regulator urges oversight for social-media giants. New York’s top financial watchdog said a dedicated regulator should oversee large social-media platforms, which should also be designated as systemically important, following a successful cyberattack on Twitter Inc. during the summer.

The New York State Department of Financial Services made the recommendations Wednesday as part of a 37-page report about the July 15 attack in which a number of prominent accounts, including those of former Vice President and Democratic Party presidential candidate Joe Biden and Tesla Inc. Chief Executive Elon Musk , were used to promote a cryptocurrency scam.

“Social-media platforms have quickly become the leading source of news and information, yet no regulator has adequate oversight of their cybersecurity. The fact that Twitter was vulnerable to an unsophisticated attack shows that self-regulation is not the answer,” said Superintendent of Financial Services Linda Lacewell in a statement accompanying the report.

Twitter cooperated with the DFS investigation and has since launched a number of initiatives dedicated to security and privacy, including training for employees, a company spokesperson said.

Big Number

< 3%

Amount of its total technology budget the average U.S. state allocates to cybersecurity, according to the 2020 annual survey from the National Association of State Chief Information Officers and Deloitte.

More Cyber News

Twitter data-breach case won’t be resolved before year’s end, Ireland’s regulator says. Eleven European privacy regulators objected to a draft ruling issued in May by Helen Dixon , head of Ireland’s Data Protection Commission, WSJ Pro reports. That kicked off a required dispute-resolution process and has led to the delay, Ms. Dixon said at The Wall Street Journal’s virtual CIO Network conference on Wednesday. She didn’t identify the regulators who objected to the decision, or say whether their complaints were over the substance of the ruling or the size of the fine. The contents of the draft decision haven’t been disclosed. Twitter declined to comment.

FAA protection of aviation systems needs work, watchdog charges. The Federal Aviation Administration must improve its cybersecurity practices for aircraft control systems, including better training for inspectors, according to the Government Accountability Office. In a new report, the GAO said that the FAA hasn’t adequately address cyber risks, Federal Computer Week reports.

Among the GAO’s recommendations:

Improve training of FAA inspectors who assess cybersecurity measures used by aircraft and parts makers.

Develop plans for testing the cybersecurity of new airplane designs.

Prioritize and coordinate cyber assessments with manufacturers and other federal agencies.

Hackers probed U.S. Census Bureau. “Unidentified cyber actors” have conducted vulnerability scans and attempted to access the Census Bureau in the last year, the Department of Homeland Security revealed in its 2020 Homeland Threat Assessment. The report doesn’t attribute the activity to a particular nation but notes that Russian actors have shown interest in discrediting the 2020 Census and undermining trust in government organizations.

Miami tech services firm hit in ransomware attack. Files that appear to belong to Intcomex, which provides technology and services to customers in Latin America and the Caribbean, were found on a Russian-language online forum, CyberNews reports. Exposed information includes credit-card and passport data. Intcomex said it has taken steps to protect its systems and investigate the incident.

Securing the Future of Connected and Autonomous Car Technology: A new analysis from WSJ Pro Cybersecurity’s research group looks at how auto makers, companies operating large vehicle fleets and suppliers see the role of security for public safety and trust.