Cyber Oregon https://cyberoregon.com Keeping Oregon Safe Online Mon, 21 Oct 2019 02:51:50 +0000 en-US hourly 1 https://wordpress.org/?v=5.2.4 Cyber Oregon Annual Cybersecurity Summit: November 8 https://cyberoregon.com/2019/10/21/cyber-oregon-annual-cybersecurity-summit-november-8/ Mon, 21 Oct 2019 14:00:35 +0000 https://cyberoregon.com/?p=6024 Cybersecurity threats are here, there, and everywhere – no organization is safe from threats, but there are prevention and defense strategies and best practices to implement. Whether your organization is an enterprise, small business, school, government, healthcare, or financial institution, you can learn from some of the great cybersecurity minds across the state, who will…

The post Cyber Oregon Annual Cybersecurity Summit: November 8 appeared first on Cyber Oregon.

]]>
Cybersecurity threats are here, there, and everywhere – no organization is safe from threats, but there are prevention and defense strategies and best practices to implement. Whether your organization is an enterprise, small business, school, government, healthcare, or financial institution, you can learn from some of the great cybersecurity minds across the state, who will share their insight and expertise to navigate today’s cyber challenges. The Cyber Oregon Annual Cybersecurity Summit, taking place November 8, 2019 in Bend. For more information and to register: http://www.techoregon.org/events/oregon-annual-cybersecurity-summit

TAO and Oregon Cybersecurity Advisory Council (OCAC) present this year’s Cyber Oregon Annual Cybersecurity Summit that will feature government leaders, CISOs from Oregon’s largest healthcare providers, and executives from regional community banks. The day will include a keynote and a lunch panel for all attendees focused on the global cyber landscape and the components of a cybersecurity plan that are often overlooked – including cyber insurance and crisis communication – in the event of a data breach.

There will be two tracks with multiple sessions: Technical Track for cyber practitioners and Business Track leaders to learn best practices. Who should attend? Corporate legal teams, data privacy professionals, business owners, C-Suite executives, and technology managers from all industries.

Here is the schedule:

9:00 a.m. – Opening Keynote

SCHEDULE

Phil R. Slinkard, Special Agent, Federal Bureau of Investigation, Cyber Division

10:30 a.m. – Track Sessions 1

TECHNICAL

Pragmatic Security Addressing INTERNAL Risks

Ryan Comingdeer, chief technology officer, Five Talent Software

BUSINESS

Healthcare and Privacy

MODERATOR: Leslie Golden, president, Instill Security LLC

PANEL

Ron Buchannan, CISO, St. Charles  

Brian Hole, cyber-security program manager and deputy CISO, Legacy Health        

Steve Person, CISO, Cambia Health Solutions

11:45 a.m. – Lunch Panel

Ancillary Services Critical to Your Cybersecurity Strategy

MODERATOR: Stephanie Hooper, senior account manager, 52 Limited

PANEL

Vic Martinez, commercial account executive, PayneWest              

Lora Haddock, founder & CEO, Lora DiCarlo            

Brian Ventura, information security architect, City of Portland

1:00 – Track Sessions 2

TECHNICAL

Pragmatic Security Addressing EXTERNAL Risks

Ryan Comingdeer, chief technology officer, Five Talent Software

BUSINESS

Best Privacy Practices by Community Banks

MODERATOR: Ben Gallo, president, Redhawk Network Security

PANEL

Nikki Hoffman, VP IT Manager, People’s Bank of Commerce          

Gary Propheter, COO, Bank of Eastern Oregon

 

The Cyber Oregon Cybersecurity Summit will take place at OSU-Cascades Graduate & Research Center, 650 SW Columbia Street, Room 209 and 110, in Bend, Oregon. Register today to secure your spot!

Sponsors for this Summit include Fortinet, McAfee, PayneWest, and PKI Solutions.

The post Cyber Oregon Annual Cybersecurity Summit: November 8 appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber tips for small businesses, employee cyber training, and ‘hacking back’ on the dark web https://cyberoregon.com/2019/10/18/cyber-news-roundup-cyber-tips-for-small-businesses-employee-cyber-training-and-hacking-back-on-the-dark-web/ Fri, 18 Oct 2019 14:00:01 +0000 https://cyberoregon.com/?p=6016 Own IT. Secure IT. Protect IT. That’s this year’s overarching message for National Cybersecurity Awareness Month (NCSAM), focusing on key areas including citizen privacy, consumer devices, and e-commerce security. The Department of Homeland Security in conjunction with the National Initiative for Cybersecurity Careers and Studies (NICCS) has extensive information for individuals, organizations, and businesses. Everything…

The post Cyber News Roundup: Cyber tips for small businesses, employee cyber training, and ‘hacking back’ on the dark web appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Own IT. Secure IT. Protect IT. That’s this year’s overarching message for National Cybersecurity Awareness Month (NCSAM), focusing on key areas including citizen privacy, consumer devices, and e-commerce security. The Department of Homeland Security in conjunction with the National Initiative for Cybersecurity Careers and Studies (NICCS) has extensive information for individuals, organizations, and businesses. Everything from social media tips, to keeping your work secure, to thefts and scams — available to all: https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019

We know that all businesses large and small are at risk for cyber-attack. As cybersecurity threats continue to escalate, 43% of cyber breaches claim small businesses, according to the Verizon 2019 Data Breach Investigations Report. It is time for small businesses to prioritize cybersecurity, according to Forbes author, Frank Sorrentino. In his article, small businesses are the lifeblood of our nation’s economy, making up nearly 44% of our national GDP. He contends that small businesses make the mistake of assuming it won’t happen to them, so they forget basic preventative measures and often fail to invest in reliable security solutions. According to the article, common mistakes small businesses make are:

  • Wire transfer issues. Small businesses have continually fallen victim to those requesting fraudulent wire transfers in recent years. This can be avoided easily by carefully reviewing all payments before they are sent and verifying payee details – specifically, location and account information. One incorrect number could result in that wire winding up in the wrong hands.
  • Overlooking admin account access. Small businesses often give too many employees access to vital services and hardware through admin accounts. These accounts can be easily hacked, however, and are favorite targets of many cyber criminals. Consider dialing back the number of admin accounts your company has and make sure only necessary people are granted access.
  • Smart phone vulnerabilities. Despite what employees may think, their work phone or tablet are high risk targets. Conducting business or making purchases while using public Wi-Fi could put an individual, and the business they work for, at risk. Malware threats also lurk in third-party app sites as cyber criminals find it easy to trick people into downloading spoof apps.
  • Ransomware attacks. In recent years, ransomware threats have skyrocketed by nearly 350 percent. These attacks often appear as emails or mobile notifications denying access to an employees’ computer. If you receive a foreign email, don’t be so eager to open it.

Oregon’s Small Business Development Center network can provide helpful cybersecurity tips to small business owners: https://bizcenter.org/cybersecurity/.

Investing in your employee cyber training

How well is your employee equipped against malicious hackers that aim to steal data? An Entrepreneur article states that with the current IT infrastructure, most hackers can easily manipulate systems and use social engineering to outsmart companies’ employees. Studies indicate that the majority of cyber-attacks are caused by human error – almost 90%, in fact – reinforcing the need for continuous employee education on cybersecurity. CISO and ethical hacker, Remesh Ramachandran, recommends covering these security awareness topics in organizations’ employee training:

  • Different forms of cybersecurity threats: To effectively identify and prevent potential security breaches, employees will need an elementary enlightenment of the various ways that a threat can present itself.
  • Importance of password security: Explain to your employees that passwords are the first line of protection to protect your sensitive and valuable information from hackers.
  • How to identify and report cybersecurity threats: Employees are the eyes and ears of an organization on the ground. Every device they use or emails they receive may contain clues about a lurking malware, virus, password hack or a phishing scam.
  • Email, internet and social media policies: Emailing and browsing habits of an employee can expose the company to attacks. Therefore, it is crucial to include policies and guidelines in your training for using email, Internet and social media platforms.

The main purpose of the training process, according to Ramachandran, is to create a sense of shared responsibility and accountability for cyber hygiene so that everyone can keep update on ever-evolving cyber threats.

Underground store selling stolen credit cards hacked

Your organization may be doing all the right things, when it comes to investing in cybersecurity. Even those who do illegal business on the Dark Web get hacked. BriansClub, one of the largest underground stores for buying stolen credit card data, was hacked, as reported by Brian Krebs. In his article, Krebs states that more than 26 million credit and debit card records taken from hacked retailers over the past few years – approximately $414 million worth of stolen credit cards for sale. The Justice Department estimates the losses to be upwards of $4 billion, figuring that each stolen card record is valued at $500 apiece. According to Allison Nixon, director of security research for Flashpoint, a security intelligence firm, breaches of criminal website databases often lead not just to prevented cybercrimes, but also to arrests and prosecutions.

“When people talk about ‘hacking back,’ they’re talking about stuff like this,” Nixon said. “As long as our government is hacking into all these foreign government resources, they should be hacking into these carding sites as well. There’s a lot of attention being paid to this data now and people are remediating and working on it.”

Does this mean an end to the bad guys? Not at all. “Since the demand for stolen credit cards is on the rise, other vendors will undoubtedly attempt to capitalize on the disappearance of the top player,” says Andrei Barysevich, co-founder and Co at Gemini Advisory, a New York-based company that works with financial institutions to monitor dozens of underground markets trafficking in stolen card data.

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cyber tips for small businesses, employee cyber training, and ‘hacking back’ on the dark web appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Risks in Our Elections, Our Work, Even Our Games https://cyberoregon.com/2019/10/04/cyber-oregon-news-roundup-cyber-risks-in-our-elections-our-work-even-our-games/ Fri, 04 Oct 2019 15:00:11 +0000 https://cyberoregon.com/?p=5997 October is National Cybersecurity Awareness Month (NCSAM), an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. Yet, every month should be cybersecurity awareness month, every day, even. Not a day goes by when we aren’t faced with cyber risks in our…

The post Cyber News Roundup: Cyber Risks in Our Elections, Our Work, Even Our Games appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

October is National Cybersecurity Awareness Month (NCSAM), an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. Yet, every month should be cybersecurity awareness month, every day, even. Not a day goes by when we aren’t faced with cyber risks in our daily lives – whether voting in the upcoming elections, playing Words with Friends, sending emails at work…and the future of technology holds greater vulnerabilities.

With elections around the corner, experts suggest that voting machines pose a greater threat to our elections than foreign agents. Recent findings indicate significant security flaws in our country’s voting equipment that increase the vulnerabilities of our elections. An article in The Hill asks the question “How did the security bar get set so low?” Senator Ron Wyden (D-Oregon) says “right now there are no mandatory federal cybersecurity standards for elections. It is perfectly legal for the biggest voting machine company in America…to sell a small county equipment that every cybersecurity expert in America knows is insecure.”

Researchers continue to find ongoing security issues with the voting machine industry, including poor internal company security. The article says that in 2017, the largest U.S. voting machine vendor exposed encrypted employee passwords online. What could happen? “Using those passwords, hackers could have planted malware on the company’s servers, and that malware could then be delivered to voting systems across the country with official updates.” Author Lulu Friesdat suggests that these insecure voting systems are actually leading to incorrect election results. She cites data that more than 100,000 votes could be missing from a Georgia election held last year. According to cyber risk analyst Chris Vickery, “This is the type of stuff that leads to a complete compromise.”

From voting to gaming, cyber risks continue to plague us every day. More than 200 million players of the popular mobile games Words with Friends and Draw Something had their login information stolen, according to a CBS News report. Zynga, the publisher of the games, announced there was a data breach on September 12, 2019. According to the article, the hack exposed users’ names, email addresses, login IDs, some Facebook IDs, some phone numbers and Zynga account IDs. A CNET article reports that the hacker that goes by the name Gnosticplayers accessed a database that included data from Android and iOS players who installed the game before September 2.

Emerging technologies: cyber friend or foe?

What’s on the horizon? When it comes to hacks and cyber risks, hackers are becoming increasingly innovative with the techniques they use to access sensitive data, according to the article, “Cybersecurity experts warn that these 7 emerging technologies could put your online security at risk,” in Business insider, stating that new technologies are boons to hackers, who capitalize on people’s lack of understanding of how those technologies work, as well as undiscovered holes in new systems’ security. Here’s a list of the emerging technologies that present both great opportunities and great risks – with experts raising concerns:

  • AI-generated “deepfake” audio and video can help hackers scam people. Cybersecurity experts worry that hackers could use the technology for phishing scams.
  • Quantum computing could easily crack encryption. Experts worry that the technology could threaten encrypted data sets that organizations, such as banks, protect for decades.
  • 5G networks will bring faster speeds, and new vulnerabilities. Security pundits warn that the increased speed could make 5G devices more susceptible to DDoS attacks.
  • The Internet of Things (IoT) creates new threats to security infrastructure. Hackers are increasingly finding vulnerabilities in IoT networks and using them to compromise companies’ operations.
  • Hackers are using artificial intelligence (AI) to outsmart cybersecurity systems. Hackers can use AI-driven programs to quickly scan networks to find weak points, or predictive text functions to impersonate insiders and trick targets into handing over sensitive information.
  • Outsourcing high-tech functions to third parties, supply-chain hacks proliferate. Third parties increase vulnerabilities.
  • More operational functions are moving online. This expands the “attack surface.”

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cyber Risks in Our Elections, Our Work, Even Our Games appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Threats Are Here, There, Everywhere – Including the Cloud https://cyberoregon.com/2019/09/20/cyber-news-roundup-cyber-threats-are-here-there-everywhere-including-the-cloud/ Fri, 20 Sep 2019 14:00:12 +0000 https://cyberoregon.com/?p=5960 It’s a big world. A world full of big cyber threats. Whether it’s a breach of every citizen in Ecuador, or millions of Americans’ medical images and data available on the Internet for all to see, or new hacking groups – the latest cyber threats are real and big, and happening everywhere. The latest news reports…

The post Cyber News Roundup: Cyber Threats Are Here, There, Everywhere – Including the Cloud appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

It’s a big world. A world full of big cyber threats. Whether it’s a breach of every citizen in Ecuador, or millions of Americans’ medical images and data available on the Internet for all to see, or new hacking groups – the latest cyber threats are real and big, and happening everywhere.

The latest news reports that personal data about almost every Ecuadorean citizen has been exposed online. According to an article on BBC, names, financial information, and civil data of about 20 million people was found on an unsecured cloud server, available for all to see. The exposed files include official government ID numbers, phone numbers, family records, marriage dates, education histories, work records – a wealth of personally identifiable information (PII). Reporter Catalin Cimpanu, a ZD Net reporter who broke the story, said the information is “as valuable as gold in the hands of criminal gangs.” The source of the data, a Novaestrat database, has since been secured.

Meanwhile, closer to home, millions of Americans’ medical images and data medical data – including more than 16 million scans, names, birthdates, and in some cases, Social Security numbers – are available on the Internet, for anyone to view. ProPublica reports that hundreds of computer servers worldwide that store patient X-rays and MRIs are so insecure that anyone with a web browser or a few lines of computer code can view patient records. According to the article, “the insecure servers add to a growing list of medical records systems that have been compromised in recent years. Unlike some of the more infamous recent security breaches, in which hackers circumvented a company’s cyber defenses, these records were often stored on servers that that lacked the security precautions that long ago became standard for business and government agencies.”

Under U.S. law, HIPAA, health care providers and their business associates are legally responsible and accountable for security the privacy of patient data. The consequences of unauthorized access to such information could be devastating. “Medical records are one of the most important areas for privacy because they’re so sensitive,” said Cooper Quintin, a security researcher and senior staff technologist with the Electronic Frontier Foundation, a digital-rights group.

“What we typically see in the health care industry is that there is Band-Aid upon Band-Aid applied” to legacy computer systems, said Jackie Singh, a cybersecurity expert. She contends that it’s a shared responsibility among manufacturers, standards makers, and hospitals to ensure computer servers are secured.

Take precautions with cloud security

Mark B. Cooper, president and founder of PKI Solutions – and supporter of Cyber Oregon – says, “are we asking enough questions about cloud security for organizations to make informed risk management decisions?” More than 80% of organizations store their information in the public cloud, begging the question of cloud security. Cooper believes that organizations need to proceed with caution about what they store. He says, “A clear and strong identity management process and plan is critical in this turbulent time. As hybrid enterprise solutions evolve, including cloud and on-premises software, the need for stronger identity management and identity-as-a-service (IaaS) is a must.” Cooper will present the keynote “Cloud Insecurity: The Need for Stronger Identity Management,” at the Cloud Security 2.0 eSummit on October 17, 2019. For more information and to register: https://www.cyberriskalliance.com/cloud-security-2-0-esummit-thursday-october-17-2019/

Cyber Oregon sponsors, ZScaler and CrowdStrike, both cloud-based cybersecurity companies, announced a partnership that will provide businesses with real-time security protection across their computer networks. They will offer mutual customers always-on, zero-day, and ransomware protection with real-time, immediate protection against hackers, viruses and other virtual threats.

Here, There, Everywhere

The latest hacking group is targeting IT companies, attacking heavily in Saudi Arabia and the wider Middle East. The hacking group, dubbed TortoiseShell, uses custom and off-the-shell malware to gain domain admin level access to organizations, enabling them to gain access to all the machines on the network. According to a ZDNet article, a campaign that is focused on IT companies, is the first stage of a supply chain attack looking to compromise the IT suppliers as a stepping stone to their customers’ networks. “Compromising a web server, with a likely old exploit, can be a simpler approach than using e-mail. The alternative of using a phishing e-mail to compromise the victim generally required the attacker to have at least some knowledge of the email recipient in order to customize the email to that individual,” said Gavin O’Gorman, an investigator in the Symantec security response team.

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cyber Threats Are Here, There, Everywhere – Including the Cloud appeared first on Cyber Oregon.

]]>
Cyber News Roundup: 80% of Businesses Experienced a Cybersecurity Incident, What to Do https://cyberoregon.com/2019/09/06/cyber-news-roundup-80-of-businesses-experienced-a-cybersecurity-incident-what-to-do/ Fri, 06 Sep 2019 14:20:41 +0000 https://cyberoregon.com/?p=5926 If your organization has suffered a cybersecurity incident, you are not alone. In fact, 80% of businesses experienced a cybersecurity incident this past year, according to the latest report from Forrester Consulting. An article in Security Magazine, highlights the key – and very real – findings, including the fact that security incidents put customer privacy…

The post Cyber News Roundup: 80% of Businesses Experienced a Cybersecurity Incident, What to Do appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

If your organization has suffered a cybersecurity incident, you are not alone. In fact, 80% of businesses experienced a cybersecurity incident this past year, according to the latest report from Forrester Consulting. An article in Security Magazine, highlights the key – and very real – findings, including the fact that security incidents put customer privacy and safety at risk. With legal and compliance regulations hitting harder, the demands for cybersecurity reporting have intensified in recent years, and now, more than one-third of companies agree that they have lost business due to either a real or perceived lack of security. Increasingly C-level decision makers understand the value of effective security, and 82 % of decision makers agree that the way customers and partners perceive security is increasingly important to the way their firms make decisions.

Cybersecurity attacks can cripple small businesses that aren’t prepared. In a TechRepublic interview with security export Scott Logan, reporter Karen Roby outlines how cybersecurity is a big problem for small businesses who often don’t have adequate IT defense plans in place including infrastructure, services, solutions, and the right trained staff who can manage everything correctly. Logan outlines these inexpensive options for small companies to implement:

  • Invest in user training. A good social security awareness platform in place is key.
  • Disaster recovery plan in place. Logan says, “before [companies] start investing in a ton of security controls, make sure that you can recover from a threat. Make sure your backups are tested, and make sure that your disaster recovery policies and procedures are exercised so that you can recover.”
  • Understand your risks. Instituting a risk analysis program, including a risk assessment with a vulnerability assessment, will help you to understand where the weaknesses are.

What about your vendors?

Another level of cybersecurity organizations need to be concerned about – even small businesses — is your vendors. Do your vendors have a cybersecurity strategy in place? According to attorneys at Berman-Fink-Van Horn, an often-overlooked step in a company’s cybersecurity strategy is the failure to manage third party risks. In a Mondaq article, Jeffrey N. Berman recommends that a vendor’s cybersecurity strategy should address:

  • What steps does the vendor take to train its employees on cyber risks?
  • A description of its security program, including appropriate policies and procedures.
  • The administrative, physical and technical safeguards used and how they are maintained.
  • The vendor’s security breach procedures and incident response plan. For instance, how quickly will your company be notified of a data breach?
  • A representation that the vendor has cyber liability insurance.
  • A description of independent third-party assessments, audits or certifications.
  • Will the vendor subcontract any services or use other vendors? What data security steps will be taken?
  • Certification that the vendor complies with all applicable laws, regulations and industry standards.
  • Indemnification provisions in the event of a data breach.
  • An adequate definition of a security breach (this is often overlooked).

From small business, to enterprise, to government

Don’t take it personally. Every entity, whether it’s small business, large enterprise, or national government is at risk for cybersecurity incidents and attacks. With 4,000 ransomware attacks a day, “is certainly something that would be a key concern for the elections,” stated Anne Neuberger, director of the newly formed Cybersecurity Directorate at the national Security Agency (NSA), pointing to a key danger to the 2020 elections. In an article in The Hill, ransomware attacks have become a key issue over the past few months as various entities, including cities and school districts, have been hit by ransomware attacks, “in which the attacker encrypts an IT system and demands payment before allowing the user access again.

Neuberger emphasizes that the Cybersecurity Directorate will zero in on cyber and national security threats from countries including Russia, China, Iran, and North Korea. “We’re taking the same three-part approach: ensure there is threat intelligence, gain those insights, share that intelligence and be prepared to impose costs on an adversary when they attempt to influence our elections,” Neuberger said. 

Cyber Oregon partner blog of interest

The post Cyber News Roundup: 80% of Businesses Experienced a Cybersecurity Incident, What to Do appeared first on Cyber Oregon.

]]>
Cyber Oregon Expert Offers Insight on PPS Fraud Attempt https://cyberoregon.com/2019/08/21/cyber-oregon-expert-offers-insight-on-pps-fraud-attempt/ Wed, 21 Aug 2019 20:01:45 +0000 https://cyberoregon.com/?p=5785 In yet another example of the impact cyber criminals can have on our lives, Portland Public Schools nearly transferred $2.9 million to the account of a scammer posing as a legitimate contractor. This incident had a fortunate ending when the fraudulent transaction was discovered by Wells Fargo and the money returned to PPS. In reporting…

The post Cyber Oregon Expert Offers Insight on PPS Fraud Attempt appeared first on Cyber Oregon.

]]>
In yet another example of the impact cyber criminals can have on our lives, Portland Public Schools nearly transferred $2.9 million to the account of a scammer posing as a legitimate contractor. This incident had a fortunate ending when the fraudulent transaction was discovered by Wells Fargo and the money returned to PPS.

In reporting on the incident, KOIN 6 News tapped Charlie Kawasaki, CTO of PacStar and vice chair of the Oregon Cybersecurity Advisory Council to lend his insights into what happened, and how organizations can prepare themselves to avert such incidents.

Here’s what he had to say to the news organization:

“There are the more sophisticated scams which are really just fraud using computers, where a criminal organization might do a bit of research and send you an email that looks like it’s coming from your boss to an accounting department. It can say ‘Hey, can you very quickly perform a wire transfer for us? We forgot to pay our bill’ and so someone in a hurry in the middle of the day or the middle of the week might then fall for that when it looks like it’s coming from your boss.”

Watch the full news report below, or head over to KOIN 6 here.

The post Cyber Oregon Expert Offers Insight on PPS Fraud Attempt appeared first on Cyber Oregon.

]]>
DEF CON 27 Was Hacking Airplanes, Voting Machines, Cameras, Schools https://cyberoregon.com/2019/08/13/def-con-27-was-hacking-airplanes-voting-machines-cameras-schools/ Tue, 13 Aug 2019 15:00:15 +0000 https://cyberoregon.com/?p=5747 After a full week invading Las Vegas, top security conferences Black Hat USA 2019 and DEF CON 27 have come to an end…or is just the beginning? What a week it was! The conferences proved that nearly everything is hackable: Airplanes. This year marked the first-ever aviation village at DEF CON. According to an article…

The post DEF CON 27 Was Hacking Airplanes, Voting Machines, Cameras, Schools appeared first on Cyber Oregon.

]]>
After a full week invading Las Vegas, top security conferences Black Hat USA 2019 and DEF CON 27 have come to an end…or is just the beginning? What a week it was! The conferences proved that nearly everything is hackable:

  • Airplanes. This year marked the first-ever aviation village at DEF CON. According to an article in Cyber Scoop, “when it comes to cybersecurity, the mission is never-ending for the military.” Recently, government audits found flaws in weapons systems. Shannon Vavra writes that the Department of Homeland Security issued an alert that a vulnerability in small airplanes could allow hackers to alter flight data, such as engine readings, altitude, or airspeed.
  • Voting machines. The Washington Post article is saying, ‘Please break things’: Hackers lay siege to voting systems to spot weaknesses in security. Sen. Ron Wyden (D-Ore.) toured the Voting Village to see hackers working to expose weaknesses that could be exploited by attackers trying to interfere with elections. Most machines that are still used in elections across the country have well-known vulnerabilities.
  • DSLR cameras. Multiple vulnerabilities in Canon’s DSLR camera firmware could allow an attacker to plant malware on devices and ransom images from users, according to a ThreatPost recap
  • High schools. Eighteen-year-old hacker, Bill Demirkapi, presented his findings from his after-school hacking. Over the years, he has found serious bugs that would allow a hacker to gain deep access to student data, according to a Wired article.
  • Wi-Fi. We know Wi-Fi networks can be hacked, but security researcher, Mike Spicer, has been actively collecting and monitoring network traffic and web activity onsite at DEF CON for the last three years. He roams the halls with “Wi-Fi Cactus” hardware strapped to his backpack, made up of 25 Hak5 Pineapples, devices made to monitor, intercept, and manipulate network traffic. A complete write up is in C/NET’s article. It’s no wonder attendees tend to bring burner phones and leave their laptops in their hotel rooms!
  • Microsoft Azure? Microsoft is pushing for enhanced security for the Azure cloud computing service with the launch of increased bug bounty rewards, according to a ZDNet article. Financial rewards of up to $300,000 are available for Azure security challenges offered by Microsoft. In fact, Microsoft has awarded over $4.4 million in bug bounty rewards over the past 12 months. In other news, Apple has a huge bug bounty program, that will include rewards of up to $1 Million for a zero-click, full-chain kernel-code-execution attack. According to an InfoSecurity Magazine article, some security experts are concerned that these types of bounty programs could produce new exploits. Luta Security CEO Katie Moussouris says, “There is a logical limit which defensive prices cannot exceed because if you exceed them you start to see perverse incentives emerge. I think the offense market, also known as the black market, will very quickly adjust.”
It was a flurry of activity at Black Hat USA 2019.

Cyber Oregon supporters infiltrated Black Hat and DEF CON

Cyber Oregon supporters — including Crowdstrike, Eclypsium, Fidelis Cybersecurity, Fortinet, McAfee, Palo Alto Networks, PKI Solutions, Splunk, Symantec — had a strong presence at this year’s Black Hat USA, including several featured speakers and sessions, booths, and surprises. Eclypsium, Fidelis Cybersecurity, PKI Solutions, and Symantec, also had a big presence at this year’s DEF CON 27, including presentations and live-hacking demos.

Cyber Oregon sponsor, Eclypsium, saw lots of booth traffic at Black Hat USA 2019.

Cyber Oregon supporter, PKI Solutions enjoyed a lively presence onsite. Mark B. Cooper, president and founder of the company, spoke to a large crowd at DEF CON 27’s Crypto & Privacy Village, “How PKI and SHAKEN/STIR Will Fix the Global Robocall Problem.” In an effort to put an end to the robocall problem, the Federal Communications Commission (FCC) and major telecommunications companies including Comcast, AT&T, and T-Mobile are behind a new global standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using ToKENs and Secure Telephony Identity Revisited) to combat robocalls and caller ID spoofing. Public key infrastructure (PKI) is the backbone of SHAKEN/STIR, using digital certificates based on common public key cryptography techniques to ensure the calling number of a telephone call has not been spoofed.

Mark B. Cooper of PKI Solutions (left) with a fellow attendee wear #hiptoencrypt sunglasses, a fun giveaway by PKI Solutions.

Beyond hacks: the new culture of cybersecurity

Exploiting vulnerabilities, discussions around the latest threats, and hacking everything were core themes, security transformation in organizations was also a hot and important topic, as outlined by Square’s head of security, Dino Dai Zovi’s DEF CON 27 keynote, “Every Security Team is a Software Team Now.” According to an article in Security Boulevard, the new culture of cybersecurity can be put into practice in these three ways:

1. Work Backward from the Job

This involves identifying the actual job that Dev or Ops (or whoever) is trying to do, and finding out how Security can align itself. It involves listening, cooperation, and integration, and as such it makes security an enabler that can collaborate with other groups on the achievement of shared goals.

2. Seek and Apply Leverage

Zovi’s next principle directly addresses two powerful techniques for making security work:

  • Leveraging Automation: In a world where security talent is scarce and where rapid delivery and release are priority #1, leveraging automation builds in speed, standardization, and the ability to scale securely.
  • Leveraging Feedback Loops: Using feedback loops proactively builds in observability and enables continuous, incremental improvements. Reliability is important, but without observability, its value is greatly diminished. Securing your environments without continuous monitoring is counterintuitive and counterproductive.

3. Understand That Culture > Strategy > Tactics 

Dai Zovi’s third principle emphasizes that “Culture is way more powerful than strategy, which is way more powerful than tactics.” If organizations get the culture part right, productive strategies and tactics will almost naturally follow suit. Dai Zovi advocates for a culture where security is pervasive and is distributed throughout the organization. This way risk and responsibility are owned by everyone in the organization and are not just the purview of security. If you give your people responsibility, you empower them to make a full commitment to security and quality. You’re also taking advantage of a major opportunity to create teamwork among everyone in the organization and to create a reality where everyone is working towards shared goals. 

Cyber Oregon partner blog of interest:

The post DEF CON 27 Was Hacking Airplanes, Voting Machines, Cameras, Schools appeared first on Cyber Oregon.

]]>
Cyber News Roundup: What to Expect at Black Hat and DEF CON https://cyberoregon.com/2019/08/02/cyber-news-roundup-what-to-expect-at-black-hat-and-def-con/ Fri, 02 Aug 2019 18:52:08 +0000 https://cyberoregon.com/?p=5721 Your phone is leaking your personally identifiable information (PII). Learn how to break modern encryption and hack into a car. Explore ways to hack physical security, including disabling alarm systems and cameras. Hear lessons learned from running a national penetration testing competition. These are just some of many topics that will be explored – and…

The post Cyber News Roundup: What to Expect at Black Hat and DEF CON appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Your phone is leaking your personally identifiable information (PII). Learn how to break modern encryption and hack into a car. Explore ways to hack physical security, including disabling alarm systems and cameras. Hear lessons learned from running a national penetration testing competition. These are just some of many topics that will be explored – and exploited – next week. As Las Vegas sizzles at 100 degrees plus, hot security technologies and cybersecurity findings will also be sizzling at this year’s Black Hat USA 2019 and DEF Con 27 conferences. Black Hat USA, one of the world’s leading information security events, paired with DEF CON, the world’s largest hacking conference, bring together top cybersecurity professionals who will discuss top trends, top threats, vulnerabilities, research – and the latest reverse engineering, attacks, and hacks. Welcome to Vegas, Baby!

Hot topics this year include:

  • New attack surfaces
  • Wireless 
  • Mobile
  • Auto and aircraft hacking
  • Social media manipulation driven by malware
  • Artificial intelligence
  • Biohacking

What are the biggest cybersecurity concerns?

A recent poll reveals that Black Hat attendees are most concerned about vulnerability management, ransomware, container security, and compliance. In his article, Black Hat 2019 Braving the Heat and Chaos in Search of Peace of Mind, Tony Bradley states that what businesses and cybersecurity professionals really want is peace of mind and less stress in their lives. With two back-to-back conferences exposing the dark side of security, there’s a lot to be worried about – and a lot to learn. Do you want to learn how to exploit rare technologies? Do you want a deep dive into the world of Linux containers? How about how to perform how to efficiently assess internal networks? Or how to attack and defend the Microsoft Cloud? Black Hat USA will offer ample technical trainings including cryptography, forensics, IoT, malware, social engineering, and pen testing.

The keynote at Black Hat, “Every Security Team is a Software Team Now,” sums everything up: how security teams are becoming increasingly focused on the software side of things, and how everything has to be secure by design from the start. According to an article in ThreatPost, does every software team have to have a security component? Security and how it fits into everything is the new normal.

The folks at McAfee weigh in on what attendees should keep an eye out for at this year’s Black Hat, offering perspectives on topics and the latest cyber concerns. Read the Q&A here.

Cyber Oregon Supporters Flood Vegas

Cyber Oregon supporters will have a big presence at this year’s Black Hat USA, including several featured speakers and sessions, booths, and surprises:

Following Black Hat USA 2019: DEF CON 27

DEF CON 27 won’t disappoint. Whether it’s exploiting Windows, embedded hacking, hacking a small aircraft, or breaking Google Home, speakers will share their latest thoughts and research and attendees will get the chance to live hack.

What does ThreatPost anticipate at DEF CON? In a podcast, editor Tom Springs outlines, “Your sort of bread and butter hardware hacking sessions, software hacking, cloud hacking stuff…stuff that you would definitely anticipate really looking forward to. And they’ve got a lot of good stuff on breaking Google Home and…doing a lot of really interesting things with a lot of the Windows cloud configurations…some really fun quirky stuff.” Quirky stuff including hacking a Roomba. Tara Seals of ThreatPost says that a hacked Roomba could use that data to map out the floor plan, to plan a physical robbery. #scary

Firmware vulnerability issues continue to be an issue. Eclypsium, enterprise firmware security company and Cyber Oregon supporter, recently issued a baseboard management controllers (BMC) vulnerabilities report finding critical vulnerabilities and weaknesses in the firmware of popular computer servers, according to a Cyberscoop article. The data has forced manufacturers to take action and mitigate the security flaws.

“Most hardware vendors do not write their own firmware and instead rely on their supply chain partners,” Eclypsium said in recently-published research. “Firmware is quite commonly licensed from a third party and used with little modification, allowing vulnerabilities to extend to many different brands and products.”

Cyber Oregon supporters will penetrate DEF CON 27 with presentations with subject matter experts and live-hacking demos:

On Friday, August 9 a DEF CON 27, cybersecurity expert Mark Cooper, president and founder of PKI Solutions and Cyber Oregon supporter, will present “How PKI and SHAKEN/STIR Will Fix the Global Robocall Problem.” More than 48 billion robocalls were placed in 2018 and the Federal Communications Commission (FCC) estimates robocalls will constitute more than half of all phone calls placed in the U.S. this year. In an effort to put an end to this, the FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile are behind a new global standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using ToKENs and Secure Telephony Identity Revisited) to combat robocalls and caller ID spoofing. Public key infrastructure (PKI) is the backbone of SHAKEN/STIR, using digital certificates based on common public key cryptography techniques to ensure the calling number of a telephone call has not been spoofed.

Cyber Oregon partner blog of interest

The post Cyber News Roundup: What to Expect at Black Hat and DEF CON appeared first on Cyber Oregon.

]]>
Oregon Cybersecurity Leader Charlie Kawasaki Featured on KGW https://cyberoregon.com/2019/07/14/oregon-cybersecurity-leader-charlie-kawasaki-featured-on-kgw/ Mon, 15 Jul 2019 05:16:40 +0000 https://cyberoregon.com/?p=5640 While many people understand the need to build a larger cybersecurity workforce with trained cybersecurity experts, it takes dedicated cybersecurity leaders to push this initiative forward. One standout in this effort is Charlie Kawasaki, vice chair of the Oregon Cybersecurity Advisory Council (OCAC), CTO of PacStar, and co-founder of NW Cyber Camp – which kicks…

The post Oregon Cybersecurity Leader Charlie Kawasaki Featured on KGW appeared first on Cyber Oregon.

]]>
While many people understand the need to build a larger cybersecurity workforce with trained cybersecurity experts, it takes dedicated cybersecurity leaders to push this initiative forward. One standout in this effort is Charlie Kawasaki, vice chair of the Oregon Cybersecurity Advisory Council (OCAC), CTO of PacStar, and co-founder of NW Cyber Camp – which kicks off today and goes through the week.

Last Thursday, Kawasaki was featured on KGW-TV’s 6:00 p.m. newscast in a nearly 10-minute interview for the segment “Those Who Serve: Struggle and Success.” Reporter Pat Dooris details Kawasaki’s good work with Cyber Oregon, OCAC, NW Cyber Camp, PacStar, the Technology Association of Oregon, and Oregon State University, among other organizations. Kawasaki’s family had struggles while he was growing up, which is a foundational element for his commitment to give back to the next generation. He now spends hundreds of hours volunteering – it is his passion. With his work with NW Cyber Camp, Kawasaki says, “It’s the geek Dad equivalent of coaching your daughter’s soccer team but also inventing the league and running the league all at the same time.”

If you didn’t catch the segment, you can watch it and read about it here.

KGW’s Pat Dooris interviews Charlie Kawasaki.

“I’ve worked with Charlie for many years and he is incredibly inspirational. The Cyber Oregon team and the Oregon Cybersecurity Advisory Council have known for a long time just how energetic and impactful Charlie has been for making important initiatives happen and now even more people will know just what a force of nature and great guy that he is thanks to this well-reported story on KGW-TV,” said Megan McKenzie, founder and CEO of McKenzie Worldwide and OCAC secretary. 

In the interview with Dooris, Kawasaki says he gives back because he understands through experience how much a helping hand can make a difference.

NW Cyber Camp 2019 takes place July 15 through July 19, 2019.

NW Cyber Camp 2019

NW Cyber Camp 2019 kicks off this week – July 15 through July 19, 2019 – in three locations throughout Oregon (Wilsonville, Gresham, Corvallis). It’s a week-long intensive summer camp for high school students that offers hands-on cybersecurity training. Students will learn how to defend computer systems and networks from cyberattacks, breaches, and malware.

On Thursday, July 18, local cybersecurity experts will present at the Cyber Oregon Cybersecurity Summit: The Cyber Workforce, taking place at Mentor Graphics, 8005 Boeckman Rd, Wilsonville, OR 97070, from 3:00 p.m. to 5:00 p.m.

The post Oregon Cybersecurity Leader Charlie Kawasaki Featured on KGW appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cybersecurity is the Biggest Threat to the Global Economy https://cyberoregon.com/2019/07/12/cyber-news-roundup-cybersecurity-is-the-biggest-threat-to-the-global-economy/ Fri, 12 Jul 2019 15:00:33 +0000 https://cyberoregon.com/?p=5618 “CEOs see cybersecurity as the number one threat to the global economy over the next five to 10 years,” according to the latest EY report, the 2019 CEO Imperative Study, that surveyed global CEOs among Forbes Global 2000 and Forbes Largest Private Companies. Top global concerns among CEOs are climate change, geopolitical instability and conflict,…

The post Cyber News Roundup: Cybersecurity is the Biggest Threat to the Global Economy appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

“CEOs see cybersecurity as the number one threat to the global economy over the next five to 10 years,” according to the latest EY report, the 2019 CEO Imperative Study, that surveyed global CEOs among Forbes Global 2000 and Forbes Largest Private Companies. Top global concerns among CEOs are climate change, geopolitical instability and conflict, youth unemployment, lack of education, digitalization, and inequality, according to the report. Yet, despite these big issues, cybersecurity is the biggest threat to the global economy.

“Future corporate growth depends on trust, whether between corporations and customers, people and technology, or management and employees. The increasing risk of cyberattacks and the failure to find the right balance of digital and human in the workplace damages trust in all these critical dimensions,” explains Gil Forer, EY Global Markets’ digital and business disruption lead partner.

Cyber Incidents at All Levels

Whether you’re facing a business email compromise (BEC) or you’re using a photo editing app on your Android phone, cyber incidents occur at all levels with criminals constantly finding new ways to infiltrate your data. More than two million cyber incidents occurred in 2018, resulting in over $45 billion in losses, according to the Internet Society’s Online Trust Alliance’s (OTA) 2018 Cyber Incident & Breach Trends Report. The report finds that the financial impact of ransomware rose by 60%, while losses from BEC attacks doubled. Meanwhile, cryptojacking attacks more than tripled over the past year. According to a TechRepublic article, the actual financial impact of cyberattacks is likely higher than $45 billion, as many incidents go unreported. 

OTA believes that a whopping 95% of these breaches could have been avoided through simple approaches. OTA offers these 12 actions for organizations to improve their cybersecurity practices:

  1. Complete risk assessments for executive review, operational process and third-party vendors
  2. Review security best practices and validate your organization’s adoption or rationale for not adopting
  3. Audit your data and review your data stewardship practices, including data lifecycle management
  4. Complete a review of insurance needs including exclusions and pre-approval of coverage for any third-party services (such as cyber forensics, remediation provider, PR firm, etc.)
  5. Establish and regularly test an end-to-end incident response plan including empowering 24/7 first responders
  6. Establish/confirm relationships with data protection authorities, law enforcement and incident service providers
  7. Review and establish forensic capabilities, procedures and resources (internal and third-party providers)
  8. Develop communication strategies and tactics tailored by audience (e.g., messages to employees vs. messaging to media vs. notifications to customers)
  9. Review remediation programs, alternatives and service providers
  10. Implement ongoing employee training for incident response
  11. Establish employee data security awareness and ongoing education on privacy, incident avoidance (password practices, how to recognize social engineering, etc.) and incident response
  12. Understand the regulatory requirements, including relevant international requirements

Latest malware to hit Android

Have you heard of “Agent Smith” malware? If you’re one of the 25 million people with an infected device, you have. It’s a new string of Android malware that replaces portions of applications with its own code. The malware is called Agent Smith — named by the researchers at Check Point who discovered it – because of the methods it uses to attack a device and avoid detection. The way it works, according to an article in The Verge, is it hacks apps and forces them to display more ads so the malware’s operator can profit from the fraudulent views. According to Check Point, the malware has made its way to the U.S., where more than 300,000 devices have been affected. Article author Jacob Kastrenakes writes that the “malware would be hidden inside ‘barely functioning photo utility, games, or sex-related apps.”

Oregon Taking Action

Next week, two events are taking place that are a step forward in building the cybersecurity workforce. NW Cyber Camp 2019 kicks off Monday, July 15 through Friday, July 19, 2019 in three locations throughout Oregon (Wilsonville, Gresham, Corvallis). NW Cyber Camp is a week-long intensive summer camp for high school students that offers hands-on cybersecurity training. Students will learn how to defend computer systems and networks from cyberattacks, breaches, and malware.

In addition, the Cyber Oregon Cybersecurity Summit: The Cyber Workforce, takes place on Thursday, July 18, from 3:00 p.m. to 5:00 p.m., focusing on how to train the next generation workforce. Local cybersecurity experts will present, including:

Teresa Hess, Senior Director, Global Benefits & People First Office, McAfee

  • Teresa Hess, Senior Director, Global Benefits & People First Office, McAfee
  • Luke Goble, Chief Innovation Officer, sourceU
  • John Jacobs, Vice President, Systems Engineering, Fortinet

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cybersecurity is the Biggest Threat to the Global Economy appeared first on Cyber Oregon.

]]>