Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.
Welcome to 2020! Welcome to a new decade already rich in global cyber threats. The biggest news of the year has been the Iran-U.S. crisis. Though the two nations ratcheted back physical attacks, the FBI and Department of Homeland Security warn that Iran poses an ongoing cyber threat to the U.S. According to a CNN report, the intelligence bulletin issued by the FBI and Department of Homeland Security outlines that Iran is continuing to prepare for cyberattacks against the U.S. and its allies that could cause “temporary disruptive effects.” CNN states that the Department of Homeland Security issued a separate alert to American cybersecurity teams, urging them to “enhance monitoring of network and email traffic,” including email phishing attempts.
A Washington Post article reports that pro-Iranian hackers have launched a series of digital strikes including spreading misinformation through hacked Twitter accounts. Sen. Gary Peters (Mich.) remains “very concerned about possible retaliatory cyberattacks on the U.S.” He warns that “a major incident could severely disrupt our energy, financial, and telecommunications networks.” The New York Times writes that “cybersecurity experts and government officials are already monitoring an uptick of malicious activity by pro-Iranian hackers that they believe are harbingers of more serious computer attacks from Tehran, including possible efforts aimed at destroying government databases.” Warns Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, the Department of Homeland Security’s computer security arm, “You need to get in the head space that the next breach could be your last.”
Electric grid cybersecurity needed; bipartisan effort proposed
Public utilities remain vulnerable to foreign operatives and attacks on the U.S. electric grid could compromise the country’s electric supply. A recent report from the Ponemon Institute found the rate of cyberattacks is worsening. Fifty-six percent of those surveyed reported at least one shutdown or operational data loss per year, and 25% were impacted by a mega attack, reports Pittsburgh Business Times. The article states that regulators are already on high alert and “hardening cybersecurity defenses is an absolutely critical step utilities must take to protect themselves and the grid from being compromised by malicious actors.” Recently, the PROTECT Act, a bill passed by the Senate Energy Committee, will direct the Federal Energy Regulatory Commission (FERC) to give incentives to electric utilities to encourage them to boost their cybersecurity technology, states the article. The intention of the bill is to “stimulate the considerable investment in technology, human resources, and training needed to address this ever-evolving threat.”
2020: The year for small businesses to wake up
Big or small, we know that all businesses are a target for cyberattacks. According to a Forbes article, 2020 will be the year for small businesses to wake up to increased cyberattack by implementing much more stringent and disciplined cybersecurity defenses. The author, Paul Lipton, CEO of BullGuard, believes that ransomware will become more sophisticated and that there will be an increase of blackmail attacks and phishing scams by which attackers will use information as a “springboard for accessing supplier/client networks.” Lipton stresses the importance of religiously applying upgrades of antivirus software on endpoint devices, “critical to nullify zero-day threats, quarantine infected devices and proactively monitor for breaches.”
Partner blog of interest: PKI Solutions: A look back at conversations with the brightest minds in cybersecurity