Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.
Welcome September, time for a litmus test! Our students are back to school, we are on the brink of a presidential election, and our small businesses continue to struggle. Add in cyber risks, hackers, malicious attacks, ransomware, and COVID-19 scams and it’s clear that we continue to face disruption in all sectors.
With remote learning in full force across the state and country, as students “return” to school, cybersecurity threats are more prevalent. Just as criminals preyed on the increase of remote workers, students are also a target. Beth Anne Steele, spokesperson for the FBI Portland office, said that students remain a target for criminals because of their identities, according to KATU. “[Criminals] will take over their Social Security number and take a bunch of credit out in their child’s name, and then that destroys the child’s credit history before they’re at an age where they would even think of those things,” said Steele.
The FBI has a list of do’s and don’ts for parents to help protect their children:
- Closely monitor children’s use of edtech and online services.
- Research edtech service user agreements about data breach notifications, marketing, and/or selling of user data, data retention practices, and whether users and/or parents can elect to have student data deleted by request.
- Conduct regular internet searches of children’s information to monitor the exposure and spread of their information on the internet.
- Consider credit or identity theft monitoring to check for any fraudulent use of their child’s identity.
- Research parent coalition and information-sharing organizations available online for those looking for support and additional resources.
- Research school-related, edtech, and other related vendor cyber breaches, which can further inform families of student data and security vulnerabilities.
- Provide exact information on children when creating user profiles (e.g., use initials instead of full names, avoid using exact dates of birth, avoid including photos, etc.)
Malicious activity directed at presidential campaign; ransomware could be major threat
As we lead up to the Nov. 3 election, it’s no surprise that hackers are once again “injecting chaos,” targeting political parties, advocacy groups, and consultants, according to Microsoft in The Washington Post. Russia, China, and Iran are attempting to penetrate the Microsoft email accounts of those affiliated with the political campaigns.
“We think Russian military intelligence poses the greatest foreign threat to the elections,” said John Hultquist, director of intelligence analysis for the cybersecurity firm FireEye. “It’s concerning to find them targeting organizations associated with campaigns again.”
Hacking into campaigns is not new. “Moscow and Beijing have long sought to compromise the networks of presidential campaigns to glean insights into the plans and policies of the potential next president,” according to the article. Since the hacker troubles around the 2016 presidential election, there is more awareness now of the threat and coordination with federal cybersecurity agencies has increased.
Ransomware could also pose a significant threat to the U.S. election, according to Infosecurity Magazine, due to aging software and vulnerable voting machines. Editor Dan Raywood writes, “Ransomware could be deployed and lay in wait to be activated on election day, or once voting machines are activated, and could pose a significant threat to voting processes and procedures, potentially bringing voting operations to a halt.”
What are the threats to pre-election activities?
- Attacks of voter registration information could involve tampering with or deleting voter registration details so that the potential voter is unregistered and thus unable to vote
- Malware planted on a voter registration system could compromise the integrity of that data
- Voters’ data could be mined for personal identifying information and held for ransom, or it could be sold for criminal profit on the dark web
New COVID-19 scams targeting small businesses
Ransomware attacks are increasingly targeting smaller businesses, according to Insurance Business. “Small businesses often times don’t have incident response plans, so if their employees are working remotely and an employee has been breached, it’s very difficult for them to respond, in terms of what policies, procedures, and incident response plans that they should follow,” said Robert Pizarro, vice president of commercial specialty at AmTrust Financial Services.
Business News Daily warns that fraud schemes targeting small businesses is also surging. It highlights four popular scams to watch out for:
1. Unemployment scam
With the pandemic shutting down businesses across America, the federal government stepped in to help with added unemployment benefits. That enhancement was too much for the scammers to ignore, and they are now filing fake unemployment insurance claims.
In this scheme, the scammer gets a hold of names, Social Security numbers and other personal information and then files claims for benefits. The person being defrauded only learns of this when they receive a letter from the unemployment office in their state or the employer is notified of the claim.
2. SBA spoofing
Scammers hoping to capitalize on COVID-19 relief loans are tricking borrowers by sending emails purporting to be from the SBA. The emails include a link to a spoofed SBA website, which is used to steal the credentials of unsuspecting borrowers.
3. SBA loan scams
In one SBA loan scam, fraudsters claim that business owners must pay an upfront fee if they want their SBA loan approved quickly. The unscrupulous callers may even offer a bridge loan with a high interest rate while the business owner awaits federal aid.
4. Scam donation sites
Everyone wants to do their part to help others survive the pandemic, including small Scammers prey on that generosity by creating fake charities. They reach out to business owners and get them to donate to what they think is a pandemic-related cause, but really all the business owner is doing is lining the scammers’ pockets.
What SMBs — and others — can do to take action:
- Check the email source
- Maintain good records
- Avoid untraceable payment methods
- Secure your computer systems and devices
- Train your staff to spot scams
“You just have to be hypervigilant,” said Andrea McGrew, chief compliance and legal officer at USA Financial. “Most people are good and want to believe the other person has good intentions, but that’s not always the case. You have to be really cautious in who you let into your life at this time.”
Rising exposure of passwords
Passwords are a source of debate and contention, as we wrote last month. They continue to be a source of risk, facing a greater risk of being exposed, according to the latest report. Fox News cites that the average person uses 191 services that require them to enter passwords or other credentials. “More than 15 billion credentials are in circulation, up 300% since 2018.”
Warns Digital Shadows, the issuer of the report, “Credential lists are widely sold and traded on cybercriminal forums and marketplace, and full accounts for various services can be bought for even a few dollars.” Account takeover has never been easier for cybercriminals. The most sought-after credentials are:
- Access to organizations’ key systems
- Bank and other financial accounts
- Account accesses for antivirus programs
- Accounts for media streaming, social media, file sharing, virtual private networks (VPNs) and adult-content sites
Partner blog of interest: Zscaler: Working from Home: Greater Efficiency Brings Productivity