Vulnerabilities & Cyber News

Cybersecurity In The News:

November 2021

Avoiding Student Aid Scams - Alert: A number of offers for financial aid or help (such as a “pandemic grant” or “Biden loan forgiveness”) have circulated during the coronavirus pandemic. Below, we’ll teach you how to avoid and report fraud.

September 2021

Federal Cyber Chiefs Back Mandatory Incident Reporting (GovTech) - Improving national cybersecurity means requiring organizations to report incidents — and giving these requirements enforcement teeth, said CISA Director .

Today’s cybersecurity challenges are truly unprecedented (AT&T) - Agencies everywhere—especially at the state and local level—are constantly bombarded by attempted hacks and other cyberthreats through ransomware and malware.

Register for CISA’s 4th Annual National Cybersecurity Summit - The Cybersecurity and Infrastructure Security Agency (CISA) is hosting the 4th Annual National Cybersecurity Summit. The virtual Cybersummit is free to attend and will bring together stakeholders from across the country. Each Wednesday throughout October, CISA will host a new theme focused on CISA’s mission to “Defend Today, Secure Tomorrow” with presentations from targeted leaders across government, academia, and industry. Please register to attend and receive links to the sessions. The Cybersummit is intended to be an inclusive event and will be particularly valuable for senior leaders, Chief Information Security Officers, general counsels, analysts, practitioners and policy experts at public and private sector organizations who have shown a commitment to advancing cybersecurity and risk management discussions.

CISA Issues Guides & Resources - CISA has issued several guides and resources over the past several weeks:

·  Launching the Joint Cyber Defense Collaborative, a collaboration between federal, state, local, tribal, and private-sector partners to develop and execute whole-nation cybersecurity plans. The coalition looks to create unified objectives and plans, share insights, implement preventative measures, and support joint exercises between all parties.

·  Communications and Cyber Resiliency Guide to support public safety agencies and others responsible for communications networks in evaluating and improving resiliency capabilities.

·  Cybersecurity Workforce Training Guide to assist future and current federal, state and local staff expand their cybersecurity skills and career options.

·  CISA’s Information and Communications (ICT) Supply Chain Risk Management Task Force has been extended until July 2023. Read more about the task force here and see the ICT Supply Chain Resource Library here

·  A fact sheet to address the rise in ransomware attacks and highlight measures to prevent attacks and protect sensitive and personal information if an attack does occur.

States Consider Banning Ransomware Payments - New York, Pennsylvania, and North Carolina are considering legislation that would ban state and local government agencies from paying ransom. While these actions possibly may deter future ransomware attacks, there is debate whether any such actions are overly punitive towards the victim instead of the attacker.

Rising Cost of Ransomware Affects Cyber Insurance Rates (CyberScoop) - C-Suite executives at both AIG and Chubb stated recently that their companies were charging members more based on the rising rate of ransomware attacks. Ransomware now accounts for 75% of all cyber insurance claims, and member premiums are unable to keep up with the increased cost. Impacts of the crisis may include even higher premiums, limited coverage, or even insurance providers exiting the market. 

K-12 Cyber Incidents Expected to Rise by 6% (Cyber Scoop) - The Center for Internet Security (CIS) predicts that attacks will rise by 86% over the next year based on data from academic institutions. 

There’s No Easy Fix to the Worsening Ransomware Epidemic - Criminals will keep using ransomware as long as its profitable, but outright banning all payments could be deeply painful for critical sectors and small businesses. The road ahead is full of policy hurdles.

White House, Private Firms Meet Over National Cybersecurity - Senior federal officials met with education, insurance, critical infrastructure and technology organizations to talk expanding the cybersecurity workforce, defending essential systems and designing more secure tech products. 

SIM Swapping Is a Growing Cyber Threat (Gov Tech) - From cryptocurrency thefts to hacking bank accounts, SIM swapping is a growing threat online. Here are relevant definitions, real-world examples and tips to help stop cyber criminals.

How Local Governments Can Get Ahead of Their Threat Opponents - Government entities are vulnerable to a multitude of attacks, including hacking, ransomware and distributed denial-of-service. Many agencies are simply unprepared to defend themselves against these assaults on their own.

Eliminating Alert Fatigue to Get to the Data That Matters: A New Approach to Threat Detection and Response - Now that state and local governments have adjusted operations to cope with the pandemic, it is clear that many changes made during this time will become permanent moving forward. 

Future-Proofing Cybersecurity for Government and Education - For small and mid-sized organizations, the new hybrid work environment poses significant challenges...Government and education IT officials consistently name cybersecurity as their No. 1 concern. Cybersecurity became a more urgent priority as the COVID-19 pandemic forced many employees to work from home. Even as the pandemic wanes, a large number of agencies and schools will likely keep at least some of their operations remote over the long term.

Information Campaigns and COVID-19 Vaccine Messaging: Applying Lessons Learned from the 2020 Election (NGA) - This memorandum explores different state tactics for countering election-related information campaigns to augment COVID-19 vaccine messaging efforts. It suggests doing so may build better public resilience to false information and restore trust in official sources of information.

August 2021

The Cybersecurity 202: The government’s facing a severe shortage of cyber workers when it needs them the most (Washington Post)

Expired Driver’s Licenses Open Lane for Cybercriminals (Pew Trusts) - After the COVID-19 pandemic hit last year, many states issued emergency declarations allowing driver’s licenses to remain valid past expiration dates. But those extensions mostly have ended, and drivers now need to make sure their licenses are renewed....and scammers are exploiting that shift, cybersecurity experts say.

Today’s cybersecurity challenges are truly unprecedented (AT&T) - Agencies everywhere—especially at the state and local level—are constantly bombarded by attempted hacks and other cyberthreats through ransomware and malware.

Cybersecurity and Infrastructure Security Agency (CISA) - releases a new fact sheet to help organizations protect sensitive and personal information from ransomware-caused attacks, and protect against and respond to ransomware-caused data breaches. In this fact sheet, CISA encourages organizations to adopt a heightened state of awareness and implement the recommendations to reduce their risk to ransomware and protect sensitive and personal information. Public and private sector partners will find information on preventing and responding to ransomware-caused data breaches.

White House, Private Firms Meet Over National Cybersecurity - Senior federal officials met with education, insurance, critical infrastructure and technology organizations to talk expanding the cybersecurity workforce, defending essential systems and designing more secure tech products.

RETAIL COMPANIES INCREASINGLY TARGETED BY CYBER CRIME - The retail industry has historically faced challenges dealing with crime – typically via shoplifters and insider threat. Within the cyber realm, this business sector has been hit hard by cyber extortion schemes – cybercriminals that infiltrate their company networks typically don’t encrypt their stored data, instead electing to inform the victim that they will leak the stolen company information online if the extortion monies aren’t paid.

UNSECURED CLOUD STORAGE “BUCKETS” BECOMING COMMONPLACE - Cloud-based storage has become a standard for many companies/organizations to store mass amounts of data – much of it being highly sensitive data – to reduce IT costs and enhance data sharing throughout their workforce. Unfortunately, these buckets are increasingly misconfigured and openly exposing that data to anyone that is looking for it. One security team’s analysis of unsecured buckets identified over 4000 of them (some were highly respected businesses and law firms) – and the problem is growing. 

HACKER WHO PULLED OFF $600 MILLION HEIST OFFERED A JOB - A cryptocurrency vendor made history as incurring the largest-ever cryptocurrency theft - $600 million. Shortly after the theft, the hacker agreed to return the stolen virtual cash (which did happen) – and in an even more bizarre twist, the cryptocurrency company offered the hacker a job as its “Chief Security Advisor” and paid the hacker $500k bounty to the individual to return the money.  

BEC SCAM HITS SMALL TOWN WITH A $2.3m LEARNING OPPORTUNITY - The town of Peterborough, NH (pop: 6284), fell victim to a Business Email Compromise (BEC) scam that resulted in a loss of $2.3 million. Scammers leveraged spoofed email accounts and convincingly falsified documents that were emailed to city employees that tricked them into transferring large amounts of money to criminal-owned bank accounts. The Secret Service determined the money was immediately laundered, converted to cryptocurrency and is irretrievable. $2.3 million accounts for nearly 15% of the small town’s annual operating budget.  

July 2021

COORDINATED ACTION CUTS OFF ACCESS TO VPN SERVICE USED BY RANSOMWARE GROUPS - Law enforcement and judicial authorities in Europe, the U.S., and Canada seized the web domains and server infrastructure of DoubleVPN. This is a virtual private network (VPN) service which provided a safe haven for cybercriminals to attack their victims. 

STATEMENT FROM CISA ACTING DIRECTOR WALES ON EXECUTIVE ORDER TO IMPROVE THE NATION’S CYBERSECURITY AND PROTECT FEDERAL NETWORKS - After President Biden signed an executive order to improve the nation’s cybersecurity and protect federal government networks, Brandon Wales, Acting Director if the Cybersecurity and Infrastructure Security Agency (CISA) released a statement about the importance of this step forward after the recent ransomware attacks on the Colonial Pipeline.

CISA AND CYBER.ORG PARTNER TO DELIVER CYBER SAFETY VIDEO SERIES - The Cybersecurity and Infrastructure Security Agency (CISA) and CYBER.ORG jointly announce a cyber safety video series to help those learning or working online take proactive steps to protect themselves and their business. The video series currently includes five videos that provide easy to understand cybersecurity concepts which include tips to avoid becoming a victim of a ransomware attack.

CISA LAUNCHES CAMPAIGN TO REDUCE THE RISK OF RANSOMWARE - The Cybersecurity and Infrastructure Security Agency (CISA) announces the Reduce the Risk of Ransomware Campaign, a focused, coordinated, and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.

CISA AND MS-ISAC RELEASE JOINT RANSOMWARE GUIDE - The Cybersecurity and Infrastructure Security Agency (CISA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing a joint Ransomware Guide meant to be a one-stop resource for stakeholders on how to be proactive and prevent these attacks from happening and also a detailed approach on how to respond to an attack and best resolve the cyber incident.

Chief Information Security Officer Dennis Leber Honored by National Security Leaders (UTHSC) - Dennis E. Leber, PhD, assistant vice chancellor and chief information security officer for Information Technology Services at UTHSC, has been named to the inaugural Top 100 CISOs (C100) listing by CISO Connect. Honorees were selected among distinguished security leaders across the U.S. by the CISO Board of Judges. “This award means a lot to me,” Dr. Leber said. “The selection committee comprises peer CISOs from top organizations and being recognized by your peers holds tremendous merit. It is a true honor, and I feel like I stand among giants.”

Homeland Security orders pipeline operators to strengthen cybersecurity to protect fuel supply chains (Illinois News Today) - On Tuesday, the Department of Homeland Security (DHS) issued new cybersecurity requirements to fuel pipeline owners and operators in response to a ransomware attack on the colonial pipeline. In a statement on June 20, the DHS said, “Implementing a number of urgently needed protections against cyber intrusions for owners and operators of key TSA-designated pipelines that transport dangerous liquids and natural gas. Announced the issuance of a security directive requesting.” Pipeline cybersecurity has gained a lot of attention after the May ransomware attack, which shut down the Colonial pipeline for a few days. The pipeline supplies about 45% of the fuel to the east coast, Gas station fuel shortage It has been reported in many states, including Virginia, North Carolina, Florida, South Carolina, Tennessee, and Alabama.

Rural site in Meigs County taking shape as TVA's new power center (Chattanooga Times-Free Press) - On a rolling meadow next to a forest of trees in the southern tip of Meigs County, America's biggest public power utility is building the brains for what it is calling the electricity grid for tomorrow. The Tennessee Valley Authority is spending $300 million to build a new and bigger power control center at this rural location to replace its system operations facility now housed in the basement of TVA's Missionary Ridge building in downtown Chattanooga.

Tennessee Guard joins national cybersecurity exercise (Air Force Cyber) NASHVILLE, Tenn. – Members of the Tennessee National Guard are participating in the nationwide cybersecurity exercise, Cyber Shield, July 10-24 at Joint Force Headquarters in Nashville. The annual exercise is designed to increase response capabilities and preparedness by simulating cyberattacks on infrastructure elements in the United States. Tennessee’s Defense Cyber Operations Element, 119th Cyber Operations Squadron, and Detachment 2, 175th Cyber Protection Team, are testing themselves as a team during the two-week exercise. “Participating in a training event like this is a real benefit to all of us,” said Maj. Ryan Henry, deputy chief of the Defense Cyber Operations Element. “Over the course of these two weeks, we will be graded and we will get a real idea of where we stand so that we can prepare our strategic training plan going forward.”

Popular cybersecurity summer camp underway in Decatur (WAFF Huntsville, AL) - Dozens of students from the Tennessee Valley are spending time this week at Calhoun Community College in Decatur. They’re participating in the school’s first week-long cybersecurity summer camp. Monday kicked off two weeklong summer camps at Calhoun Community College in Decatur. WAFF got to check it out and learn about why it is so successful and why so many kids have signed up. The camp has been booked for several weeks. “Really, the primary goal of this camp is to expose kids who might not have a lot of exposure to it otherwise. For a lot of kids, they are not aware of these opportunities,” said Dean of Business and Communications Systems James Payne.

Connecticut Offers Incentives for Businesses, MSSPs to Install Cybersecurity Controls (MSSP Alert) - Connecticut has signed into law a new bill that bars state courts from penalizing businesses hit by a data breach if the organization has previously implemented certain cybersecurity controls. The Connecticut measure, aptly named “An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses,” aims to reward companies for creating and maintaining a written cybersecurity program with administrative, technical and physical safeguards to protect both personal information and the businesses’ confidential data. This is the latest in a growing list of state- and national-level legislation that may impact how MSSPs safeguard customer data. At the national level, the big item to watch is President Biden’s executive order on cybersecurity, which specifically mentions IT service providers more than a dozen times.

Microsoft Exchange hack caused by China, US and allies say (AP) - The Biden administration and Western allies formally blamed China on Monday for a massive hack of Microsoft Exchange email server software and accused Beijing of working with criminal hackers in ransomware attacks and other cyber operations. The announcements, though not accompanied by sanctions against the Chinese government, were intended as a forceful condemnation of activities a senior Biden administration official described as part of a “pattern of irresponsible behavior in cyberspace.” They highlighted the ongoing threat from Chinese government hackers even as the administration remains consumed with trying to curb ransomware attacks from Russia-based syndicates that have targeted critical infrastructure.

US, allies accuse China of global cyber hacking campaign (Reuters) - The United States and a coalition of allies accused China on Monday of a global cyber hacking campaign that employed contract hackers, specifically attributing a large Microsoft attack disclosed earlier this year to actors working on Beijing's behalf. Opening a new area of tensions with China, the United States is joined by NATO, the European Union, Britain, Australia, Japan, New Zealand and Canada to level the allegations. "The United States and countries around the world are holding the People’s Republic of China accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security," U.S. Secretary of State Anthony Blinken said in a statement on Monday.

Biden Administration Blames Hackers Tied to China for Microsoft Cyberattack Spree (WSJ) - The Biden administration Monday publicly blamed hackers affiliated with China’s main intelligence service for a far-reaching cyberattack on Microsoft Corp. email software this year, part of a global effort to condemn Beijing’s malicious cyber activities. In addition, four Chinese nationals, including three intelligence officers, were indicted over separate hacking activity. The U.S. government has “high confidence” that hackers tied to the Ministry of State Security, or MSS, carried out the unusually indiscriminate hack of Microsoft Exchange Server software that emerged in March, senior officials said.

Tennessee firms hit hard by surge in cyber-crime during pandemic digital upheaval - Leading teledentistry startup SmileDirectClub was ramping up post-pandemic business and moving forward with worldwide expansion plans when a sudden attack shut down its computer systems.

StopRansomware.gov a new website was launched to help organizations reduce their risk of ransomware, and is the new ransomware homepage for federal government agencies to pool resources that can give businesses and organizations of all sizes the opportunity to better protect their networks. The website will also highlight the latest ransomware-related alerts from these agencies.

Harmonizing Government IT Will Take More Than Money - A U.S. House hearing last week heard testimony from experts who underlined the disconnect between federal, state and local IT as well as how leadership can stall efforts to improve digital user experience and cybersecurity. READ MORE

NIST Defines ‘Critical Software,’ Implications to Follow - The National Institute of Standards and Technology broke with tradition to define critical software based on what it does, not how it’s used by agencies. The vendor community should take notes. READ MORE

Cybersecurity Game Aims to Train 25K Specialists by 2025 - The National Cyber Scholarship Foundation is aggressively expanding its CyberStart game initiatives to entice undiscovered talent toward cybersecurity positions and address top-tier skill gaps. READ MORE

NIST Proposal Aims to Reduce Bias in Artificial Intelligence - The National Institute of Standards and Technology recently released a proposal regarding the risk of bias in the use of artificial intelligence to help reduce it. The agency is seeking comments from the tech community. READ MORE