Cyber Oregon https://cyberoregon.com Keeping Oregon Safe Online Fri, 24 Jan 2020 16:38:23 +0000 en-US hourly 1 https://wordpress.org/?v=5.3.2 Cyber News Roundup: Phishing, Malware, Foreign Cyber Threats https://cyberoregon.com/2020/01/24/cyber-news-roundup-phishing-malware-foreign-cyber-threats/ Fri, 24 Jan 2020 16:38:19 +0000 https://cyberoregon.com/?p=6171 “Lost ring” or “Add me to your LinkedIn network.” Those could be the email subject lines for a phishing campaign that could trick employees in clicking, according to a recent phishing report.  No doubt that 2019 was a big year for successful phishing attacks. In fact, the report states that 55 percent of organizations surveyed…

The post Cyber News Roundup: Phishing, Malware, Foreign Cyber Threats appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

“Lost ring” or “Add me to your LinkedIn network.” Those could be the email subject lines for a phishing campaign that could trick employees in clicking, according to a recent phishing report.  No doubt that 2019 was a big year for successful phishing attacks. In fact, the report states that 55 percent of organizations surveyed dealt with a phishing attack last year. An InfoSecurity Magazine article reports that infosecurity professionals reported a high frequency of social engineering attempts across a range of methods including spear-phishing attacks, business email compromise (BEC), and social media attacks. Joe Ferrara, senior vice president and general manager of security awareness training for Proofpoint recommends “taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognize and report attacks.” A Financial Post article says that “management has to build a culture of security, figure out who is being attacked and the types of attacks they face, and be ready to adapt if your threat climate changes.”

If it isn’t phishing, it’s malware

Security companies are seeing a resurgence in malware, specifically Emotet, a powerful email malware that is used to attack U.S. government and military targets, according to an article in TechRepublic,. How it works is “the malware attacks email accounts and spreads by infiltrating other contacts in the inbox and responding to threads with malicious links or attachments.” Researchers from Cisco Talos, a security intelligence and research group, say that Emotet has the ability to mimic email language, even adding previous email threads to a message, making it difficult for anti-spam systems to stop. According to the researchers’ blog post, “one of the most vivid illustrations…can be seen in Emotet’s relationship to the .mil (U.S. military) and .gov (U.S./state government) top-level domains (TLDs). Talos saw a rapid increase in the number of infectious Emotet messages directed at the .mil and .gov TLDs in December 2019.”

How to prepare your employees

With constant cybersecurity threats – including in your inbox – what can organizations do? Bob Bruns, chief information officer with Avanade, writes that there are two doors that malicious actors will use to gain entry to your environment and data. In his Forbes article, he says that door one is your technology and door two is your people. He recommends strengthening your technology. Sounds easy enough, but what specifically? Bruns outlines the importance of focusing on the foundational pillars of your cybersecurity program: multifactor authentication, information protection tools, and trust but verify as a mandate. As for employees, Bruns encourages a comprehensive and consistent training and education program. Here’s what he suggests to get started:

  • Understand your unique needs, strengths and weaknesses. You need to have input to build your program and focus your efforts. You can get this input through security behavior surveys or any other security metrics you may have. This valuable data can help you understand where you need to grow and build the program’s short- and long-term goals.
  • Create a culture of shared responsibility. This objective should be part of the goals of your employee cybersecurity program. The general idea is to develop an employee culture committed to protecting your company, clients, work, data and assets. Shared responsibility means the onus isn’t just on the company to protect against cyberattacks; it’s also on each employee.
  • Educate continuously. It’s vital to make good security behavior understandable and consumable. Make participation creative and fun, not tedious. Look at your efforts as an internal marketing campaign. Activities must be compelling and creative. Security quizzes or apps, mock phishing campaigns, incentive programs and ways to introduce a little friendly competition will motivate and engage your employees to be the best cybersecurity champions in their departments.
  • Integrate cybersecurity training with onboarding. This includes security behavior training to help employees build secure behaviors from day one. This could include 30-, 60- and 90-day check-ins to reinforce training and behavior further.

Government taps cybersecurity companies for information

As covered in the last Cyber Oregon News Roundup, the U.S. government is on high alert for global cyber threats and cyberattacks from foreign countries. The latest NPR piece covers the fact that private cybersecurity firms have often been the ones sounding the alarm and selling their services to the U.S. intelligence community. “The U.S. government says it welcomes help from tech companies,” says Shelby Pierson, who works for the acting director of national intelligence, Joseph Maguire. “FireEye and CrowdStrike, for example, have done really good work, where based on the analysis, expertise and information analysis that they do, those are products and services that they can sell to the U.S. government.”

Partner blog of interest: CrowdStrike: CrowdStrike Services Report Focuses on Trends Observed in 2019 and the Outlook for 2020

The post Cyber News Roundup: Phishing, Malware, Foreign Cyber Threats appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Threats on the Horizon https://cyberoregon.com/2020/01/10/cyber-news-roundup-cyber-threats-on-the-horizon/ Fri, 10 Jan 2020 19:35:20 +0000 https://cyberoregon.com/?p=6160 Welcome to 2020! Welcome to a new decade already rich in global cyber threats. The biggest news of the year has been the Iran-U.S. crisis. Though the two nations ratcheted back physical attacks, the FBI and Department of Homeland Security warn that Iran poses an ongoing cyber threat to the U.S. According to a CNN…

The post Cyber News Roundup: Cyber Threats on the Horizon appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Welcome to 2020! Welcome to a new decade already rich in global cyber threats. The biggest news of the year has been the Iran-U.S. crisis. Though the two nations ratcheted back physical attacks, the FBI and Department of Homeland Security warn that Iran poses an ongoing cyber threat to the U.S. According to a CNN report, the intelligence bulletin issued by the FBI and Department of Homeland Security outlines that Iran is continuing to prepare for cyberattacks against the U.S. and its allies that could cause “temporary disruptive effects.” CNN states that the Department of Homeland Security issued a separate alert to American cybersecurity teams, urging them to “enhance monitoring of network and email traffic,” including email phishing attempts.

A Washington Post article reports that pro-Iranian hackers have launched a series of digital strikes including spreading misinformation through hacked Twitter accounts. Sen. Gary Peters (Mich.) remains “very concerned about possible retaliatory cyberattacks on the U.S.” He warns that “a major incident could severely disrupt our energy, financial, and telecommunications networks.” The New York Times writes that “cybersecurity experts and government officials are already monitoring an uptick of malicious activity by pro-Iranian hackers that they believe are harbingers of more serious computer attacks from Tehran, including possible efforts aimed at destroying government databases.” Warns Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, the Department of Homeland Security’s computer security arm, “You need to get in the head space that the next breach could be your last.”

Electric grid cybersecurity needed; bipartisan effort proposed

Public utilities remain vulnerable to foreign operatives and attacks on the U.S. electric grid could compromise the country’s electric supply. A recent report from the Ponemon Institute found the rate of cyberattacks is worsening. Fifty-six percent of those surveyed reported at least one shutdown or operational data loss per year, and 25% were impacted by a mega attack, reports Pittsburgh Business Times. The article states that regulators are already on high alert and “hardening cybersecurity defenses is an absolutely critical step utilities must take to protect themselves and the grid from being compromised by malicious actors.” Recently, the PROTECT Act, a bill passed by the Senate Energy Committee, will direct the Federal Energy Regulatory Commission (FERC) to give incentives to electric utilities to encourage them to boost their cybersecurity technology, states the article. The intention of the bill is to “stimulate the considerable investment in technology, human resources, and training needed to address this ever-evolving threat.”

2020: The year for small businesses to wake up

Big or small, we know that all businesses are a target for cyberattacks. According to a Forbes article, 2020 will be the year for small businesses to wake up to increased cyberattack by implementing much more stringent and disciplined cybersecurity defenses. The author, Paul Lipton, CEO of BullGuard, believes that ransomware will become more sophisticated and that there will be an increase of blackmail attacks and phishing scams by which attackers will use information as a “springboard for accessing supplier/client networks.” Lipton stresses the importance of religiously applying upgrades of antivirus software on endpoint devices, “critical to nullify zero-day threats, quarantine infected devices and proactively monitor for breaches.”

Partner blog of interest: PKI Solutions: A look back at conversations with the brightest minds in cybersecurity

The post Cyber News Roundup: Cyber Threats on the Horizon appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyberattacks of the Past Decade, Mobile Threats, Even Your New TV? https://cyberoregon.com/2019/12/09/cyber-news-roundup-cyberattacks-of-the-past-decade-mobile-threats-even-your-new-tv/ Mon, 09 Dec 2019 10:00:00 +0000 https://cyberoregon.com/?p=6136 Game-changing cyberattacks of the decade TechRepublic recounts the top cyberattacks of the past decade, not ranked by their size, but by their importance and impact. In his article, Jonathan Greig interviews Etay Maor, chief security officer at IntSights, who sums up the list, “For me, the largest hacks of the decade are not just the…

The post Cyber News Roundup: Cyberattacks of the Past Decade, Mobile Threats, Even Your New TV? appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Game-changing cyberattacks of the decade

TechRepublic recounts the top cyberattacks of the past decade, not ranked by their size, but by their importance and impact. In his article, Jonathan Greig interviews Etay Maor, chief security officer at IntSights, who sums up the list, “For me, the largest hacks of the decade are not just the ones that were the biggest, but the ones that were game-changers in how we approach security. If we had this talk 10 years ago, we would be blown away by the numbers, but now, the numbers don’t really affect us that much.” Here’s the list – read the article for a complete breakdown:

  • Yahoo, 2013
  • Equifax, 2017
  • Sony Pictures, 2014
  • Marriott Hotels, 2018
  • Ashley Madison, 2015
  • Target, 2013
  • Capital One, 2019
  • The United States Office of Personnel Management, 2015
  • First American Financial, 2019
  • Stuxnet, 2010

“All of a sudden, we’re in the age of career-ending or career-altering hack. Honestly in 2011, if you had a hack with over a million credentials, everyone would lose their mind,” Maor said. “Today, you probably won’t even read about hacks that happen with a couple million credentials stolen.”

Your newest TV is a threat

The FBI has warned that your newly-purchased TV could be a window into your home by crooks. According to Independent, the FBI says hackers can take control of your TV’s cameras and microphones. The Portland, Oregon-based FBI issued a statement cautioning consumers that stalkers could use your TV for bad and stalk consumers. Here are tips the FBI recommends to protect your family:

  • Know exactly what features your TV has and how to control those features. Do a basic Internet search with your model number and the words “microphone,” “camera,” and “privacy.”
  • Don’t depend on the default security settings. Change passwords if you can – and know how to turn off the microphones, cameras, and collection of personal information if possible. If you can’t turn them off, consider whether you are willing to take the risk of buying that model or using that service.
  • If you can’t turn off a camera but want to, a simple piece of black tape over the camera eye is a back-to-basics option.
  • Check the manufacturer’s ability to update your device with security patches. Can they do this? Have they done it in the past?
  • Check the privacy policy for the TV manufacturer and the streaming services you use. Confirm what data they collect, how they store that data, and what they do with it.

BYOD continues to pose security risks and privacy challenges for organizations

Organizations need a mobile threat defense strategy, according to an article in IT Web, that contends that mobile defense solutions are an essential component of cybersecurity strategies. “It is imperative for organizations to safeguard sensitive enterprise data from cyber threats that exploit mobile users, apps, and devices,” urges author MJ Strydom. He contends that bringing your own device presents potential leakage or disclosure of enterprise data. Gartner is also an advocate of mobile threat defense solutions and strategies. Gartner emphasizes that organizations’ focus should be on improving overall security hygiene, rather than countering malicious threats.

Employee privacy and data protection in a mobile world

In the Dark Reading article, “Employee Privacy in a Mobile Workplace,” there is discussion about the way businesses handle the personal data of their own people. It discusses the use of personal smartphones in the workplace, and how this presents a challenge to both safeguard information, while also protecting employees’ privacy. BOYO is certainly nothing new. The article states the challenge that there is bound to be some crossover between personal and business data. “When businesses collect and monitor employee data, how can they approach this crossover in a responsible way that does not infringe on personal privacy or compromise any security measures,” writes author Michael J. Covington, Ph.D. He suggests that organizations use a four-pillar framework to implement best practices for how they should collect store and use their employees’ personal information. The pillars are: user identity, user activity, policy, and transparency.

Partner blog of interest: Splunk: A Look at 2020: Where Data Packs Its Biggest Punch

The post Cyber News Roundup: Cyberattacks of the Past Decade, Mobile Threats, Even Your New TV? appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Give the Gift of Encryption and Two-Factor Authentication https://cyberoregon.com/2019/11/22/cyber-news-roundup-give-the-gift-of-encryption-and-two-factor-authentication/ Fri, 22 Nov 2019 15:00:13 +0000 https://cyberoregon.com/?p=6110 ‘Tis the season for shopping. Alas, ‘tis the season for cybercriminals. In his Dark Reading article, Jai Vijayan writes that criminals have begun ramping up their efforts to divert dollars their way via malicious domains, coupons, gift card scams, and counterfeit goods. “Domain-based attacks top the list of threat that retailers face this shopping season,”…

The post Cyber News Roundup: Give the Gift of Encryption and Two-Factor Authentication appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

‘Tis the season for shopping. Alas, ‘tis the season for cybercriminals. In his Dark Reading article, Jai Vijayan writes that criminals have begun ramping up their efforts to divert dollars their way via malicious domains, coupons, gift card scams, and counterfeit goods. “Domain-based attacks top the list of threat that retailers face this shopping season,” writes Vijayan. Brand impersonation is another big issue, often used to promote phishing campaigns to direct users to sites that download malware, according to Ashlee Benge, a threat researcher at ZeroFox.

As we are headed into the holiday shopping blitz, it’s not all baubles and glitz. Major retailer, Macy’s, has already experienced a data breach, exposing customer credit card information. According to the TechRepublic article, hackers injected malicious card-skimming code into Macy’s website, resulting in criminals accessing thousands of customer names, credit card information, and addresses. Criminals may have used the information themselves or sold it on the dark web, according to the article. “These types of attacks, called Magecart, are becoming increasingly common as more people open small online businesses and fail to encrypt their sites while recording customer information,” writes reporter Jonathan Greig.

What’s the one thing that retailers can do? Encrypt. Says Charity Wright, cyber threat intelligence advisor, “So many retailers don’t have their point-of-sale processors encrypted and they’re storing credit card data unencrypted, which we can guarantee is the source of most of these breaches.” The article cites experts’ tips for retailers to protect themselves from data breaches:

  1. Widespread encryption
  2. Have an SSL certificate installed to protect consumers
  3. Do frequent audits of their security systems, websites, content management systems, and software
  4. Establish policies and procedures to verify that Internet-facing infrastructure is securely configured
  5. Restrict third-party vendors’ access to sensitive data

Retailers, banks, even Disney

If it’s not retailers, it’s banks. In the CSO article, “How a bank got hacked (a study in how not to secure your networks), reporter J.M. Porup covers the vigilante hacker Phineas Phisher and the intrusion of Cayman National Bank. The article is a study in how vulnerable our financial institutions are to attackers. Phisher boasts, “Give a person an exploit and they’ll have access for a day, teach them to phish and they’ll have access the rest of their lives.” The heist involved hacking tools – off-the-shelf penetration testing tools, in fact – phishing, malware, and a malicious email. It turns out that Phisher was in the bank’s networks for five months, without being discovered.

Just as soon as Disney Plus, the new streaming service, was rolled out, hackers were busy hacking. Thousands of Disney Plus accounts were hacked and sold online for as little as $3, reports Washington Post. “It’s no surprise that cybercriminals jump on the same bandwagon as everyone else when there’s a big consumer launch,” says Niels Schweisshelm, technical program manager at HackerOne. The article states that other streaming services including Amazon Prime, Hulu, and Netflix have faced similar struggles with hackers. “One thing Disney+ could do to help users would be to roll out support for multi-factor authentication, a simple solution that would prevent attacks relying on password reuse,” states Catalin Cimpanu in his ZDNet article.

Cyber Oregon in the news

In Cyber Oregon-related news, the Oregon State University Security Club (OSUSEC) completed in the U.S. Department of Energy (DOE)’s CyberForce Competition. The team, which includes Zander Work, placed first regionally for the third time in a row — and sixth nationwide.

In other news, Peggy Miller, CEO of PacStar, a cybersecurity pioneer with the company’s advanced communications solutions for the U.S. Department of Defense and a Cyber Oregon sponsor, wins Gold Stevie Award for Executive of the Year. News release here.

Cyber Oregon partner news of interest and a special shoutout to Charlie Kawasaki, Oregon Cybersecurity Advisory Council leader, who is the first inventor of this new cybersecurity patent: PacStar Awarded Patent for IQ-Core Crypto Manager Encryption Management and Setup Software

The post Cyber News Roundup: Give the Gift of Encryption and Two-Factor Authentication appeared first on Cyber Oregon.

]]>
Cyber Oregon News Roundup: Scariest hacks, tips to manage phishing, extending cybersecurity to vendors https://cyberoregon.com/2019/11/01/cyber-oregon-news-roundup-scariest-hacks-tips-to-manage-phishing-extending-cybersecurity-to-vendors/ Fri, 01 Nov 2019 14:00:44 +0000 https://cyberoregon.com/?p=6082 What are some of the top hacks and vulnerabilities in 2019? Taking a look back at cybersecurity this year – eek! It has been a banner year for cybersecurity threats and hacks with exploits, backdoor hacks, and data breaches affecting users, companies, and governments around the world. There have been supply-chain attacks, corporate ransomware, and…

The post Cyber Oregon News Roundup: Scariest hacks, tips to manage phishing, extending cybersecurity to vendors appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

What are some of the top hacks and vulnerabilities in 2019? Taking a look back at cybersecurity this year – eek! It has been a banner year for cybersecurity threats and hacks with exploits, backdoor hacks, and data breaches affecting users, companies, and governments around the world. There have been supply-chain attacks, corporate ransomware, and high-profile government hacks, as well as hacks and malware on our devices, in our applications, at our gas station, on our planes. In his ZDNet article, The Scariest Hacks and Vulnerabilities of 2019, reporter Catalin Cimpanu gives a complete rundown of the past 10 months of security disasters that would scare anyone. Cyber threats abound. Here’s a snapshot:

  • Severe vulnerabilities in Apple FaceTime
  • Hackers steal data from South Korea’s Defense Ministry
  • Oklahoma data leak exposes FBI investigation records
  • Iranian hackers suspected in worldwide DNS hijacking campaign
  • Websites can steal browser data via extensions APIs
  • Malware found preinstalled on Android devices
  • New malware can make ATMs spit out cash
  • Hiding malware using the CPU
  • Hackers take tornado sirens offline before major storm
  • Chrome zero-day under active attacks
  • Hacks at French gas stations
  • Smartphone unlocking
  • United Airlines covers up seat cameras
  • Tens of thousands of cars left exposed to thieves
  • The Weather Channel goes off the air for 90 minutes after ransomware infection
  • Facebook admits to storing plaintext passwords for millions of Instagram users
  • Indian government agency left details of millions of pregnant women exposed online
  • Unsecured server exposes data for 85% of all Panama citizens
  • Google replaces faulty Titan security keys
  • London Underground to begin tracking passengers through Wi-Fi hotspots
  • Hackers breached 10 telecom providers
  • NASA hacked because of unauthorized Raspberry Pi connected to its network
  • Hackers put patient data for sale online
  • Vulnerabilities found in GE anesthesia machines
  • Louisiana governor declares state emergency after local ransomware outbreak
  • Employees connect nuclear plant to the internet so they can mine cryptocurrency
  • Moscow’s blockchain voting system cracked a month before election
  • U.S. military purchased $32.8M worth of electronics with known security risks
  • Database leaks data on most of Ecuador’s citizens
  • Massive wave of account hijacks hits YouTube creators
  • Ransomware incident to cost company a whopping $95 million
  • Alexa and Google Home devices leveraged to phish and eavesdrop on users

Phishing attacks on the rise; how to protect your business

One attack method that continues to gain momentum is phishing. Nearly one third of all data breaches involve phishing, according to Verizon’s 2019 Data Breach Investigations Report. And phishing is not just hitting companies. Research indicates that phishing was present in 78% of cyber espionage incidents and the installation and use of backdoors. Lance Whitney explains in his TechRepublic article that cybercriminals who employ phishing as their attack method use various tricks and techniques to lure their victims into divulging private information. He says, “Cybercriminals are leveraging some of the world’s largest tech companies to trap users.” A recent report, Akamai 2019 State of the Internet/Security Phishing: Bating the Hook, states that criminals are exploiting top global brands and their users through highly organized and sophisticated phishing operations, with users of Microsoft, PayPal, DHL, and Dropbox as the biggest targets for phishing attacks. Akamai offers these tips for businesses to protect themselves against phishing attacks:

  1. Awareness training. You can and should train your employees to spot and report basic and generic phishing attacks. Cybercriminals have learned to adapt to basic awareness training models. In fact, targeting the natural workflow of an intended victim is how phishers have been able to launch more business email compromise attacks.
  2. Phishing simulations. A good defense requires a good offense. As such, phishing simulations can help organizations better protect themselves and decrease the odds of a security incident. However, such simulations should be customized to the individual or business unit. For example, a phishing simulation sent to people in human resources could spoof resumes for a recent job posting. A simulation sent to sales employees could spoof lead generation responses following a recent event.
  3. Endpoint protection. Beyond training and simulations, protecting your endpoints is another way for you to stay ahead of the phishing game.

What about your vendors’ cybersecurity practices?

While you have been focused on implement cybersecurity practices within your organization, have you considered your third parties that you do business with? Any organization outside of your company that provides a product or service and has access to your system could put you at risk: cloud providers, professional services, payment processor, payroll, etc. If cybersecurity incidents occur as a result of these third-party relationships, it’s the companies themselves that are on the hook for regulatory fines, penalties, and reputation, according to ZDNet article, Extending cybersecurity awareness of the third-party ecosystem. Alla Valente, an analyst at Forrester, recommends that organizations:

  1. Create and maintain a central repository for third-party relationships.You can’t manage what you can’t measure and won’t be able to thoroughly assess the risk of each relationship if you don’t know how many third-parties you have or who those third-parties are. More than half of all organizations don’t keep an active catalog of third-parties.
  2. Think beyond outdated nomenclature that limits your scope and creates blind spots.Third-parties go by many names: vendor, supplier, IT service provider, affiliate, associate, consultant, etc. Don’t limit cybersecurity assessment to software vendors alone. With digital transformation and IoT, almost every single third-party relationship involves storing, processing, or transmitting sensitive data.  Think of every relationship as a link along the value chain, including your HVAC repair technician.
  3. Take cybersecurity precautions at the end of the relationship.For many organizations, one critical step is missing from their third-party cybersecurity process. Very often, they overlook or forget to terminate the third-parties access to critical systems when a contract is completed. The offboarding process is essential for mitigating downstream risks. Create a process whereby the owner of the third-party relationship notifies the proper channels before announcing contract termination, this way, security can monitor for irregular access – in case the third-party wants to take any souvenirs at your expense — and ensure access has been terminated at the end of the contractual period.

Cyber Oregon partner blog of interest

The post Cyber Oregon News Roundup: Scariest hacks, tips to manage phishing, extending cybersecurity to vendors appeared first on Cyber Oregon.

]]>
Cyber Oregon Annual Cybersecurity Summit: November 8 https://cyberoregon.com/2019/10/21/cyber-oregon-annual-cybersecurity-summit-november-8/ Mon, 21 Oct 2019 14:00:35 +0000 https://cyberoregon.com/?p=6024 Cybersecurity threats are here, there, and everywhere – no organization is safe from threats, but there are prevention and defense strategies and best practices to implement. Whether your organization is an enterprise, small business, school, government, healthcare, or financial institution, you can learn from some of the great cybersecurity minds across the state, who will…

The post Cyber Oregon Annual Cybersecurity Summit: November 8 appeared first on Cyber Oregon.

]]>
Cybersecurity threats are here, there, and everywhere – no organization is safe from threats, but there are prevention and defense strategies and best practices to implement. Whether your organization is an enterprise, small business, school, government, healthcare, or financial institution, you can learn from some of the great cybersecurity minds across the state, who will share their insight and expertise to navigate today’s cyber challenges. The Cyber Oregon Annual Cybersecurity Summit, taking place November 8, 2019 in Bend. For more information and to register: http://www.techoregon.org/events/oregon-annual-cybersecurity-summit

TAO and Oregon Cybersecurity Advisory Council (OCAC) present this year’s Cyber Oregon Annual Cybersecurity Summit that will feature government leaders, CISOs from Oregon’s largest healthcare providers, and executives from regional community banks. The day will include a keynote and a lunch panel for all attendees focused on the global cyber landscape and the components of a cybersecurity plan that are often overlooked – including cyber insurance and crisis communication – in the event of a data breach.

There will be two tracks with multiple sessions: Technical Track for cyber practitioners and Business Track leaders to learn best practices. Who should attend? Corporate legal teams, data privacy professionals, business owners, C-Suite executives, and technology managers from all industries.

Here is the schedule:

9:00 a.m. – Opening Keynote

SCHEDULE

Phil R. Slinkard, Special Agent, Federal Bureau of Investigation, Cyber Division

10:30 a.m. – Track Sessions 1

TECHNICAL

Pragmatic Security Addressing INTERNAL Risks

Ryan Comingdeer, chief technology officer, Five Talent Software

BUSINESS

Healthcare and Privacy

MODERATOR: Leslie Golden, president, Instill Security LLC

PANEL

Ron Buchannan, CISO, St. Charles  

Brian Hole, cyber-security program manager and deputy CISO, Legacy Health        

Steve Person, CISO, Cambia Health Solutions

11:45 a.m. – Lunch Panel

Ancillary Services Critical to Your Cybersecurity Strategy

MODERATOR: Stephanie Hooper, senior account manager, 52 Limited

PANEL

Vic Martinez, commercial account executive, PayneWest              

Lora Haddock, founder & CEO, Lora DiCarlo            

Brian Ventura, information security architect, City of Portland

1:00 – Track Sessions 2

TECHNICAL

Pragmatic Security Addressing EXTERNAL Risks

Ryan Comingdeer, chief technology officer, Five Talent Software

BUSINESS

Best Privacy Practices by Community Banks

MODERATOR: Ben Gallo, president, Redhawk Network Security

PANEL

Nikki Hoffman, VP IT Manager, People’s Bank of Commerce          

Gary Propheter, COO, Bank of Eastern Oregon

 

The Cyber Oregon Cybersecurity Summit will take place at OSU-Cascades Graduate & Research Center, 650 SW Columbia Street, Room 209 and 110, in Bend, Oregon. Register today to secure your spot!

Sponsors for this Summit include Fortinet, McAfee, PayneWest, and PKI Solutions.

The post Cyber Oregon Annual Cybersecurity Summit: November 8 appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber tips for small businesses, employee cyber training, and ‘hacking back’ on the dark web https://cyberoregon.com/2019/10/18/cyber-news-roundup-cyber-tips-for-small-businesses-employee-cyber-training-and-hacking-back-on-the-dark-web/ Fri, 18 Oct 2019 14:00:01 +0000 https://cyberoregon.com/?p=6016 Own IT. Secure IT. Protect IT. That’s this year’s overarching message for National Cybersecurity Awareness Month (NCSAM), focusing on key areas including citizen privacy, consumer devices, and e-commerce security. The Department of Homeland Security in conjunction with the National Initiative for Cybersecurity Careers and Studies (NICCS) has extensive information for individuals, organizations, and businesses. Everything…

The post Cyber News Roundup: Cyber tips for small businesses, employee cyber training, and ‘hacking back’ on the dark web appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Own IT. Secure IT. Protect IT. That’s this year’s overarching message for National Cybersecurity Awareness Month (NCSAM), focusing on key areas including citizen privacy, consumer devices, and e-commerce security. The Department of Homeland Security in conjunction with the National Initiative for Cybersecurity Careers and Studies (NICCS) has extensive information for individuals, organizations, and businesses. Everything from social media tips, to keeping your work secure, to thefts and scams — available to all: https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019

We know that all businesses large and small are at risk for cyber-attack. As cybersecurity threats continue to escalate, 43% of cyber breaches claim small businesses, according to the Verizon 2019 Data Breach Investigations Report. It is time for small businesses to prioritize cybersecurity, according to Forbes author, Frank Sorrentino. In his article, small businesses are the lifeblood of our nation’s economy, making up nearly 44% of our national GDP. He contends that small businesses make the mistake of assuming it won’t happen to them, so they forget basic preventative measures and often fail to invest in reliable security solutions. According to the article, common mistakes small businesses make are:

  • Wire transfer issues. Small businesses have continually fallen victim to those requesting fraudulent wire transfers in recent years. This can be avoided easily by carefully reviewing all payments before they are sent and verifying payee details – specifically, location and account information. One incorrect number could result in that wire winding up in the wrong hands.
  • Overlooking admin account access. Small businesses often give too many employees access to vital services and hardware through admin accounts. These accounts can be easily hacked, however, and are favorite targets of many cyber criminals. Consider dialing back the number of admin accounts your company has and make sure only necessary people are granted access.
  • Smart phone vulnerabilities. Despite what employees may think, their work phone or tablet are high risk targets. Conducting business or making purchases while using public Wi-Fi could put an individual, and the business they work for, at risk. Malware threats also lurk in third-party app sites as cyber criminals find it easy to trick people into downloading spoof apps.
  • Ransomware attacks. In recent years, ransomware threats have skyrocketed by nearly 350 percent. These attacks often appear as emails or mobile notifications denying access to an employees’ computer. If you receive a foreign email, don’t be so eager to open it.

Oregon’s Small Business Development Center network can provide helpful cybersecurity tips to small business owners: https://bizcenter.org/cybersecurity/.

Investing in your employee cyber training

How well is your employee equipped against malicious hackers that aim to steal data? An Entrepreneur article states that with the current IT infrastructure, most hackers can easily manipulate systems and use social engineering to outsmart companies’ employees. Studies indicate that the majority of cyber-attacks are caused by human error – almost 90%, in fact – reinforcing the need for continuous employee education on cybersecurity. CISO and ethical hacker, Remesh Ramachandran, recommends covering these security awareness topics in organizations’ employee training:

  • Different forms of cybersecurity threats: To effectively identify and prevent potential security breaches, employees will need an elementary enlightenment of the various ways that a threat can present itself.
  • Importance of password security: Explain to your employees that passwords are the first line of protection to protect your sensitive and valuable information from hackers.
  • How to identify and report cybersecurity threats: Employees are the eyes and ears of an organization on the ground. Every device they use or emails they receive may contain clues about a lurking malware, virus, password hack or a phishing scam.
  • Email, internet and social media policies: Emailing and browsing habits of an employee can expose the company to attacks. Therefore, it is crucial to include policies and guidelines in your training for using email, Internet and social media platforms.

The main purpose of the training process, according to Ramachandran, is to create a sense of shared responsibility and accountability for cyber hygiene so that everyone can keep update on ever-evolving cyber threats.

Underground store selling stolen credit cards hacked

Your organization may be doing all the right things, when it comes to investing in cybersecurity. Even those who do illegal business on the Dark Web get hacked. BriansClub, one of the largest underground stores for buying stolen credit card data, was hacked, as reported by Brian Krebs. In his article, Krebs states that more than 26 million credit and debit card records taken from hacked retailers over the past few years – approximately $414 million worth of stolen credit cards for sale. The Justice Department estimates the losses to be upwards of $4 billion, figuring that each stolen card record is valued at $500 apiece. According to Allison Nixon, director of security research for Flashpoint, a security intelligence firm, breaches of criminal website databases often lead not just to prevented cybercrimes, but also to arrests and prosecutions.

“When people talk about ‘hacking back,’ they’re talking about stuff like this,” Nixon said. “As long as our government is hacking into all these foreign government resources, they should be hacking into these carding sites as well. There’s a lot of attention being paid to this data now and people are remediating and working on it.”

Does this mean an end to the bad guys? Not at all. “Since the demand for stolen credit cards is on the rise, other vendors will undoubtedly attempt to capitalize on the disappearance of the top player,” says Andrei Barysevich, co-founder and Co at Gemini Advisory, a New York-based company that works with financial institutions to monitor dozens of underground markets trafficking in stolen card data.

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cyber tips for small businesses, employee cyber training, and ‘hacking back’ on the dark web appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Risks in Our Elections, Our Work, Even Our Games https://cyberoregon.com/2019/10/04/cyber-oregon-news-roundup-cyber-risks-in-our-elections-our-work-even-our-games/ Fri, 04 Oct 2019 15:00:11 +0000 https://cyberoregon.com/?p=5997 October is National Cybersecurity Awareness Month (NCSAM), an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. Yet, every month should be cybersecurity awareness month, every day, even. Not a day goes by when we aren’t faced with cyber risks in our…

The post Cyber News Roundup: Cyber Risks in Our Elections, Our Work, Even Our Games appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

October is National Cybersecurity Awareness Month (NCSAM), an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. Yet, every month should be cybersecurity awareness month, every day, even. Not a day goes by when we aren’t faced with cyber risks in our daily lives – whether voting in the upcoming elections, playing Words with Friends, sending emails at work…and the future of technology holds greater vulnerabilities.

With elections around the corner, experts suggest that voting machines pose a greater threat to our elections than foreign agents. Recent findings indicate significant security flaws in our country’s voting equipment that increase the vulnerabilities of our elections. An article in The Hill asks the question “How did the security bar get set so low?” Senator Ron Wyden (D-Oregon) says “right now there are no mandatory federal cybersecurity standards for elections. It is perfectly legal for the biggest voting machine company in America…to sell a small county equipment that every cybersecurity expert in America knows is insecure.”

Researchers continue to find ongoing security issues with the voting machine industry, including poor internal company security. The article says that in 2017, the largest U.S. voting machine vendor exposed encrypted employee passwords online. What could happen? “Using those passwords, hackers could have planted malware on the company’s servers, and that malware could then be delivered to voting systems across the country with official updates.” Author Lulu Friesdat suggests that these insecure voting systems are actually leading to incorrect election results. She cites data that more than 100,000 votes could be missing from a Georgia election held last year. According to cyber risk analyst Chris Vickery, “This is the type of stuff that leads to a complete compromise.”

From voting to gaming, cyber risks continue to plague us every day. More than 200 million players of the popular mobile games Words with Friends and Draw Something had their login information stolen, according to a CBS News report. Zynga, the publisher of the games, announced there was a data breach on September 12, 2019. According to the article, the hack exposed users’ names, email addresses, login IDs, some Facebook IDs, some phone numbers and Zynga account IDs. A CNET article reports that the hacker that goes by the name Gnosticplayers accessed a database that included data from Android and iOS players who installed the game before September 2.

Emerging technologies: cyber friend or foe?

What’s on the horizon? When it comes to hacks and cyber risks, hackers are becoming increasingly innovative with the techniques they use to access sensitive data, according to the article, “Cybersecurity experts warn that these 7 emerging technologies could put your online security at risk,” in Business insider, stating that new technologies are boons to hackers, who capitalize on people’s lack of understanding of how those technologies work, as well as undiscovered holes in new systems’ security. Here’s a list of the emerging technologies that present both great opportunities and great risks – with experts raising concerns:

  • AI-generated “deepfake” audio and video can help hackers scam people. Cybersecurity experts worry that hackers could use the technology for phishing scams.
  • Quantum computing could easily crack encryption. Experts worry that the technology could threaten encrypted data sets that organizations, such as banks, protect for decades.
  • 5G networks will bring faster speeds, and new vulnerabilities. Security pundits warn that the increased speed could make 5G devices more susceptible to DDoS attacks.
  • The Internet of Things (IoT) creates new threats to security infrastructure. Hackers are increasingly finding vulnerabilities in IoT networks and using them to compromise companies’ operations.
  • Hackers are using artificial intelligence (AI) to outsmart cybersecurity systems. Hackers can use AI-driven programs to quickly scan networks to find weak points, or predictive text functions to impersonate insiders and trick targets into handing over sensitive information.
  • Outsourcing high-tech functions to third parties, supply-chain hacks proliferate. Third parties increase vulnerabilities.
  • More operational functions are moving online. This expands the “attack surface.”

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cyber Risks in Our Elections, Our Work, Even Our Games appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Threats Are Here, There, Everywhere – Including the Cloud https://cyberoregon.com/2019/09/20/cyber-news-roundup-cyber-threats-are-here-there-everywhere-including-the-cloud/ Fri, 20 Sep 2019 14:00:12 +0000 https://cyberoregon.com/?p=5960 It’s a big world. A world full of big cyber threats. Whether it’s a breach of every citizen in Ecuador, or millions of Americans’ medical images and data available on the Internet for all to see, or new hacking groups – the latest cyber threats are real and big, and happening everywhere. The latest news reports…

The post Cyber News Roundup: Cyber Threats Are Here, There, Everywhere – Including the Cloud appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

It’s a big world. A world full of big cyber threats. Whether it’s a breach of every citizen in Ecuador, or millions of Americans’ medical images and data available on the Internet for all to see, or new hacking groups – the latest cyber threats are real and big, and happening everywhere.

The latest news reports that personal data about almost every Ecuadorean citizen has been exposed online. According to an article on BBC, names, financial information, and civil data of about 20 million people was found on an unsecured cloud server, available for all to see. The exposed files include official government ID numbers, phone numbers, family records, marriage dates, education histories, work records – a wealth of personally identifiable information (PII). Reporter Catalin Cimpanu, a ZD Net reporter who broke the story, said the information is “as valuable as gold in the hands of criminal gangs.” The source of the data, a Novaestrat database, has since been secured.

Meanwhile, closer to home, millions of Americans’ medical images and data medical data – including more than 16 million scans, names, birthdates, and in some cases, Social Security numbers – are available on the Internet, for anyone to view. ProPublica reports that hundreds of computer servers worldwide that store patient X-rays and MRIs are so insecure that anyone with a web browser or a few lines of computer code can view patient records. According to the article, “the insecure servers add to a growing list of medical records systems that have been compromised in recent years. Unlike some of the more infamous recent security breaches, in which hackers circumvented a company’s cyber defenses, these records were often stored on servers that that lacked the security precautions that long ago became standard for business and government agencies.”

Under U.S. law, HIPAA, health care providers and their business associates are legally responsible and accountable for security the privacy of patient data. The consequences of unauthorized access to such information could be devastating. “Medical records are one of the most important areas for privacy because they’re so sensitive,” said Cooper Quintin, a security researcher and senior staff technologist with the Electronic Frontier Foundation, a digital-rights group.

“What we typically see in the health care industry is that there is Band-Aid upon Band-Aid applied” to legacy computer systems, said Jackie Singh, a cybersecurity expert. She contends that it’s a shared responsibility among manufacturers, standards makers, and hospitals to ensure computer servers are secured.

Take precautions with cloud security

Mark B. Cooper, president and founder of PKI Solutions – and supporter of Cyber Oregon – says, “are we asking enough questions about cloud security for organizations to make informed risk management decisions?” More than 80% of organizations store their information in the public cloud, begging the question of cloud security. Cooper believes that organizations need to proceed with caution about what they store. He says, “A clear and strong identity management process and plan is critical in this turbulent time. As hybrid enterprise solutions evolve, including cloud and on-premises software, the need for stronger identity management and identity-as-a-service (IaaS) is a must.” Cooper will present the keynote “Cloud Insecurity: The Need for Stronger Identity Management,” at the Cloud Security 2.0 eSummit on October 17, 2019. For more information and to register: https://www.cyberriskalliance.com/cloud-security-2-0-esummit-thursday-october-17-2019/

Cyber Oregon sponsors, ZScaler and CrowdStrike, both cloud-based cybersecurity companies, announced a partnership that will provide businesses with real-time security protection across their computer networks. They will offer mutual customers always-on, zero-day, and ransomware protection with real-time, immediate protection against hackers, viruses and other virtual threats.

Here, There, Everywhere

The latest hacking group is targeting IT companies, attacking heavily in Saudi Arabia and the wider Middle East. The hacking group, dubbed TortoiseShell, uses custom and off-the-shell malware to gain domain admin level access to organizations, enabling them to gain access to all the machines on the network. According to a ZDNet article, a campaign that is focused on IT companies, is the first stage of a supply chain attack looking to compromise the IT suppliers as a stepping stone to their customers’ networks. “Compromising a web server, with a likely old exploit, can be a simpler approach than using e-mail. The alternative of using a phishing e-mail to compromise the victim generally required the attacker to have at least some knowledge of the email recipient in order to customize the email to that individual,” said Gavin O’Gorman, an investigator in the Symantec security response team.

Cyber Oregon partner blog of interest

The post Cyber News Roundup: Cyber Threats Are Here, There, Everywhere – Including the Cloud appeared first on Cyber Oregon.

]]>
Cyber News Roundup: 80% of Businesses Experienced a Cybersecurity Incident, What to Do https://cyberoregon.com/2019/09/06/cyber-news-roundup-80-of-businesses-experienced-a-cybersecurity-incident-what-to-do/ Fri, 06 Sep 2019 14:20:41 +0000 https://cyberoregon.com/?p=5926 If your organization has suffered a cybersecurity incident, you are not alone. In fact, 80% of businesses experienced a cybersecurity incident this past year, according to the latest report from Forrester Consulting. An article in Security Magazine, highlights the key – and very real – findings, including the fact that security incidents put customer privacy…

The post Cyber News Roundup: 80% of Businesses Experienced a Cybersecurity Incident, What to Do appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

If your organization has suffered a cybersecurity incident, you are not alone. In fact, 80% of businesses experienced a cybersecurity incident this past year, according to the latest report from Forrester Consulting. An article in Security Magazine, highlights the key – and very real – findings, including the fact that security incidents put customer privacy and safety at risk. With legal and compliance regulations hitting harder, the demands for cybersecurity reporting have intensified in recent years, and now, more than one-third of companies agree that they have lost business due to either a real or perceived lack of security. Increasingly C-level decision makers understand the value of effective security, and 82 % of decision makers agree that the way customers and partners perceive security is increasingly important to the way their firms make decisions.

Cybersecurity attacks can cripple small businesses that aren’t prepared. In a TechRepublic interview with security export Scott Logan, reporter Karen Roby outlines how cybersecurity is a big problem for small businesses who often don’t have adequate IT defense plans in place including infrastructure, services, solutions, and the right trained staff who can manage everything correctly. Logan outlines these inexpensive options for small companies to implement:

  • Invest in user training. A good social security awareness platform in place is key.
  • Disaster recovery plan in place. Logan says, “before [companies] start investing in a ton of security controls, make sure that you can recover from a threat. Make sure your backups are tested, and make sure that your disaster recovery policies and procedures are exercised so that you can recover.”
  • Understand your risks. Instituting a risk analysis program, including a risk assessment with a vulnerability assessment, will help you to understand where the weaknesses are.

What about your vendors?

Another level of cybersecurity organizations need to be concerned about – even small businesses — is your vendors. Do your vendors have a cybersecurity strategy in place? According to attorneys at Berman-Fink-Van Horn, an often-overlooked step in a company’s cybersecurity strategy is the failure to manage third party risks. In a Mondaq article, Jeffrey N. Berman recommends that a vendor’s cybersecurity strategy should address:

  • What steps does the vendor take to train its employees on cyber risks?
  • A description of its security program, including appropriate policies and procedures.
  • The administrative, physical and technical safeguards used and how they are maintained.
  • The vendor’s security breach procedures and incident response plan. For instance, how quickly will your company be notified of a data breach?
  • A representation that the vendor has cyber liability insurance.
  • A description of independent third-party assessments, audits or certifications.
  • Will the vendor subcontract any services or use other vendors? What data security steps will be taken?
  • Certification that the vendor complies with all applicable laws, regulations and industry standards.
  • Indemnification provisions in the event of a data breach.
  • An adequate definition of a security breach (this is often overlooked).

From small business, to enterprise, to government

Don’t take it personally. Every entity, whether it’s small business, large enterprise, or national government is at risk for cybersecurity incidents and attacks. With 4,000 ransomware attacks a day, “is certainly something that would be a key concern for the elections,” stated Anne Neuberger, director of the newly formed Cybersecurity Directorate at the national Security Agency (NSA), pointing to a key danger to the 2020 elections. In an article in The Hill, ransomware attacks have become a key issue over the past few months as various entities, including cities and school districts, have been hit by ransomware attacks, “in which the attacker encrypts an IT system and demands payment before allowing the user access again.

Neuberger emphasizes that the Cybersecurity Directorate will zero in on cyber and national security threats from countries including Russia, China, Iran, and North Korea. “We’re taking the same three-part approach: ensure there is threat intelligence, gain those insights, share that intelligence and be prepared to impose costs on an adversary when they attempt to influence our elections,” Neuberger said. 

Cyber Oregon partner blog of interest

The post Cyber News Roundup: 80% of Businesses Experienced a Cybersecurity Incident, What to Do appeared first on Cyber Oregon.

]]>