Pete Recommends – Weekly highlights on cyber security issues, April 4, 2021

Subject: New York Is First State With Vaccination Proof App
Source: USA Today via Newser
https://www.newser.com/story/304184/new-york-app-to-document-vaccinations.html

(Newser) – New Yorkers can now get an app that will display a code documenting that they can safely enter events. The Excelsior Pass, which also can be carried on a printout, will serve as proof that the bearer recently has tested negative for the coronavirus or has been vaccinated, USA Today reports. The code will be accepted at scores of arts and entertainment venues, including arenas. Gov. Andrew Cuomo has supported development of the app, and the state is making it available free. It’s possible that some places will ask to see a photo ID, as well. The venue will scan the customer’s QR code, producing a green check or a red X. It’s the first such statewide certification program in the nation.

Subject: Mitigating Insider Threats Within U.S. Critical Infrastructure
Source: Homeland Security Digital Library
https://www.hsdl.org/c/mitigating-insider-threats-within-u-s-critical-infrastructure/

The National Counterintelligence and Security Center of the Office of the Director of National Intelligence has released Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence PerspectiveThis document highlights the importance of mitigating insider threats within U.S. critical infrastructure entities to meet the expanding nature of threats from foreign state and non-state actors. The National Insider Threat Task Force (NITTF) has produced standards to assist organizations in building an effective insider threat program. The model is focused on human behaviors and seeks to identify irregular behavior before significant damage occurs to the organization. “Improving ways to mitigate such threats is in the national interest and in the interests of individual organizations.”…

For more information, check out Featured Topics on Cyber Crime & National Security and Cyber Infrastructure Protection. Please note an HSDL login is required to view some of these resources.


Subject: Five Tech Commandments to a Safer Digital Life
Source: NYT via beSpacific
https://www.bespacific.com/five-tech-commandments-to-a-safer-digital-life/
The New York Times – We can survive a world of ever-changing tech if we remember these principles. “…Vijay Balasubramaniyan, the chief executive of Pindrop, a security firm that develops technology to detect fraudulent phone calls, said we should always remember that any piece of our identity we post online could eventually be used by fraudsters to hijack our online accounts. “Your digital identity, which comprises all your pictures, videos and audio, is going to fundamentally allow hackers to create a complete persona of you that looks exactly like you, without you being in the picture,” he said. So here are some of the most important guidelines — like strengthening passwords and minimizing the data shared by your phone camera — to keep you and your loved ones safe for the foreseeable future. I refer to these as the five tech commandments in the hope that you will remember them as if they were gospel…”


Abstracted from beSpacific
from NYT


Subject: NIST framework focuses on election cybersecurity
Source: FCW
https://fcw.com/articles/2021/03/29/nist-election-cyber-frame.aspx

The National Institute of Standards and Technology on Monday published a draft framework to help local election officials prepare for and respond to cyber threats.The framework takes NIST’s pre-existing cybersecurity best practices and applies them to election infrastructure such as polling places, voter registration databases and voting machines.

“The guide can help these officials reduce the risk of disruptions to the major tasks they must perform in the process of an election,” according to NIST. “These range from the immediate concerns of an election day, such as vote processing or communicating the details of a problem or crisis, to longer-term efforts, like maintaining election and voter registration systems.”

The new draft framework is the first time NIST has combined election security and cybersecurity in one of its playbooks, according to one of the authors.

A declassified assessment of the 2020 elections by the intelligence community concluded that foreign adversaries for the most part did not attempt to meddle by hacking, but rather through influence campaigns.v


Subject: National Weather Service Digital Infrastructure Is a Disaster
Source: Gizmodo
https://earther.gizmodo.com/the-national-weather-service-s-digital-infrastructure-i-1846584558

The National Weather Service experienced multiple outages of major systems on Tuesday, taking its public-facing meteorological forecasts system (as well as storm warnings) offline and hindering access for its own weather experts.The NWS serves a critical public safety function, as it and its regional offices are the nation’s most authoritative sources on weather and other climate emergencies like the tornadoes and floods that have done damage across the South this spring. This mission couldn’t be more important in an era where a changing climate threatens to wreak havoc in ways that can’t be adequately anticipated or prepared for without the federal support NWS provides. It’s yet another warning that one of the nation’s most important pieces of infrastructure is being neglected.

The NWS central operations center issued a statement at around 5:11 a.m. ET saying service disruptions included downed websites, a malfunctioning agency chat service, and forecast office network outages “impacting product dissemination and data reception.” After the National Weather Prediction Service announced in the early hours of Tuesday morning it wasn’t able to back up rainfall forecasts, WHNT reported, the Storm Prediction Center attempted to take up the slack but was unable to do so due to its own technical problems.

The NWS has repeatedly promised to fix faltering digital infrastructure for years—although it apparently hasn’t. Four years of negligence under former President Donald Trump probably hasn’t helped, though the issues predate his arrival in the Oval Office by years.

Make sure you browse https://www.nco.ncep.noaa.gov/status/messages/


Subject: Biometric Technologies and Global Security
Source: CRS In Focus via beSpacific
https://www.bespacific.com/crs-biometric-technologies-and-global-security/

CRS In Focus – Biometric Technologies and Global Security March 30, 2021: “Biometric technologies use unique biological or behavioral attributes—such as DNA, fingerprints, cardiac signatures, voice or gait patterns, and facial or ocular measurements—to authenticate an individual’s identity. Although biometric technologies have been in use for decades, recent advances in artificial intelligence (AI) and Big Data analytics have expanded their application. As these technologies continue to mature and proliferate, largely driven by advances in the commercial sector, they will likely hold growing implications for congressional oversight, civil liberties, U.S. defense authorizations and appropriations, military and intelligence concepts of operations, and the future of war…”

Subject: University Data Leaked in Accellion Hack
Source: Gizmodo
https://gizmodo.com/universities-across-the-country-are-being-swept-up-in-a-1846602529

A number of prominent U.S. colleges have become the newest, unlucky recipients of a cybersecurity migraine currently affecting dozens of organizations all over the world.You may have heard something about Accellion—the global cloud provider whose secure-file transfer product (called FTA) was beset by a hacking campaign back in December. If you haven’t heard about it, you can read a recent run-down of the whole trainwreck here. All you really need to know, though, is that a lot of organizations previously used Accellion’s FTA product to store and share data, it had big security flaws, and a pitiless hacker gang decided to exploit those flaws to steal data from dozens of organizations, including—apparently—schools.

Yes, about half a dozen universities recently announced that they had been swept up in the hack. Now, those schools also appear to have had some of their data leaked online by the hackers—in an apparent bid to get them to pay the criminals’ ransom.

On the hacker’s leak site, Gizmodo can confirm that data allegedly stolen from a number of the schools has been posted and is publicly visible. In some cases, it includes what appears to be student or employee names, social security numbers, phone numbers and addresses, and even a transcript, in one case.


Subject: Supreme Court Sides With Facebook Over Unwanted Automated Texts
Source: Consumer Reports
https://www.consumerreports.org/robocalls/supreme-court-sides-with-facebook-over-unwanted-automated-texts/

Facebook had argued that the Telephone Consumer Protection Act of 1991 was never intended to stop automated calls and texts from being sent unless the phone numbers were either chosen randomly or were sent in numerical sequence. Facebook says the ruling will allow it to continue sending targeted security notifications to protect user accounts.

But consumer advocates say the case is about more than security notifications. They argue that if robocallers are not covered under the law, there would be nothing to stop them from sending out a potentially unlimited stream of automated recorded calls and texts to consumers’ cell phones.

Oddly, in the end, the ruling came down to grammar more than anything.


Subject: Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach
Source: CNNPolitics
https://www.cnn.com/2021/04/02/politics/russian-hackers-target-us-cyber-hunters-solarwinds/index.html

Washington (CNN) – After infiltrating US government computer networks early last year as part of the SolarWinds data breach, Russian hackers then turned their attention to the very people whose job was to track them down.
Over the course of a few months, as US officials remained unaware of the breach, hackers identified a handful of key cyber security officials and analysts who would be among the first to respond once the hack was detected, so-called ‘threat hunters,’ and attempted to access their email accounts, according to two sources familiar with the matter.
While it is unclear if any of those accounts were compromised, sources say the fact that the hackers knew which working-level cybersecurity analysts at the Department of Homeland Security to go after suggests they were able to develop a much deeper understanding of US cyberdefenses than was previously known.

“It appears as if the Russian SolarWinds hackers possess granular information on personnel and who among them is likely to be involved in investigating the SolarWinds hack,” said Cedric Leighton, a former NSA official and CNN military analyst. “This could mean that networks have been penetrated to a degree we’ve not known before. If that’s true, we need a complete housecleaning of all our defensive cyberoperations.”

After the hack, senior staff at DHS headquarters received new phones, a former department official told CNN, indicating the impact was significant at DHS.

Subject: Electric Cars, Smart Refrigerators Pose Cyber Risk To US Utilities, GAO Finds
Source: Nextgov
https://www.nextgov.com/cybersecurity/2021/04/electric-cars-smart-refrigerators-pose-cyber-risk-us-utilities-gao-finds/173108/

The risks aren’t well understood by researchers, in part because of local and state control of electrical utilities.Electric vehicles and internet-connected home appliances are making the electrical grid more vulnerable to cyber attacks — and even the Department of Energy doesn’t know how bad the problem is, according to a March report from the Government Accountability Office, or GAO.

While cybersecurity researchers have for years warned of insecurity in internet-of-things devices, GAO says these devices could threaten energy distribution systems: the portions of the electrical grid that deliver electricity to homes and businesses. These systems are usually managed by states or local governments while the devices are controlled by consumers. Therein lies part of the problem.

But the vulnerabilities of local utilities may threaten entire state or regional grids. “Officials from another national laboratory said the extent to which the bulk power system is susceptible to disruption from attacks on distribution systems is unclear. For instance, they told us that the scale of potential impacts on the bulk power system from a cyberattack on the grid’s distribution systems is not well understood,” the report said.

filed

Posted in: AI, Congress, CRS Reports, Cybercrime, Cybersecurity, Education, Government Resources, Healthcare, Legislative, Privacy, Social Media, Spyware, Technology Trends, United States Law