Donald E. Hester

Cyber Risk Update 21 APR 2023

RSA Conference Next week.


Trying out a new tool for cyber risk information sharing

Don't miss out on links not included in my weekly update. Join our Discord server to have access to items that don't make the cut and be able to quickly search by topic. Join the Local Government Cyber Watch discord server with this link https://discord.gg/fGVdJZFS (Link expires in 7 days)

  • Check out the #fun channel for cybersecurity memes!


Awareness

Data Breaches

  • Cyberattack Cost Ontario Town Around $1 Million. A cyberattack in July 2022 on St. Marys, a town in Ontario, cost around $974,000, or $1.3 million in Canadian dollars, including a ransom payment to hackers, the London Free Press reports. The town hired Deloitte to handle the payment. Hackers didn’t publish personal data stolen from the town after receiving the ransom, mayor Al Strathdee said. https://lfpress.com/news/local-news/cyberattack-cost-local-town-1-3m-including-290k-in-bitcoin-ransom

  • This is another level of extortion. A patient suing a Pennsylvania-based hospital network over a data breach has asked a judge to force the organization to pay a ransom fee to hackers in a bid to have stolen photos of naked patients taken off the internet. People sue frequently after data breaches, but it's unusual for a victim to try to compel a company to pay a ransom. A cancer patient filed the lawsuit against Lehigh Valley Health Network after learning that photos of her naked during her treatment were online. Jane Doe lawsuit asks judge to compel Lehigh Valley Health Network to pay hackers more than $5 million in a bid to have stolen photos removed from the internet. https://www.wsj.com/articles/patient-seeks-to-force-hospital-network-to-pay-hackers-ransom-to-remove-naked-photos-online-46ee754

Cybersecurity Leadership

Nation States

AI as a Threat

Critical Infrastructure

  • Cyber measures for water facilities challenged: Attorneys general in Arkansas, Iowa and Missouri are suing the U.S. government to overturn cybersecurity rules for drinking-water utilities outlined by the Environmental Protection Agency in March. The AGs said the EPA bypassed state authorities to attach cyber requirements to a federal law that otherwise isn't related to cybersecurity. https://www.cnn.com/2023/04/19/politics/water-facility-cybersecurity-regulations/index.html

Tools

  • Microsoft Teams Emergency Operations Center (TEOC). Facilitate accelerated deployment of collaboration, communication, and task management capabilities for emergency response operations through our open-source app template in Microsoft Teams. Use the services you have today to better respond tomorrow. The Microsoft Teams Emergency Operations Center solution template leverages the power of the Microsoft 365 platform to centralize incident response, information sharing and field communications using powerful services like Microsoft Lists, SharePoint, and more. An open-source solution supported by Microsoft, it provides core functionality out of the box or can be extended to meet specific agency requirements. https://adoption.microsoft.com/en-us/microsoft-teams/app-templates/emergency-operations-center/

  • “Independent Tests of Anti-Virus Software. AV-Comparatives evaluated the security efficacy of leading SASE solutions designed to address the needs of today's hybrid workforces. Palo Alto Networks Prisma Access, Cisco Umbrella and Zscaler Internet Access were each evaluated over a 6 month period. Read this detailed report to see how the solutions compare.” https://www.databreachtoday.com/whitepapers/independent-tests-anti-virus-software-w-11639

Guidance for Third-Party & Supply Chain Risk

  • VENDOR SUPPLY CHAIN RISK MANAGEMENT (SCRM) TEMPLATE “The following document is the result of a collaborative effort produced by the Cybersecurity and Infrastructure Security Agency (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force, Working Group 4 (hereinafter WG4), aimed at creating a standardized template of questions as a means to communicate ICT supply chain risk posture in a consistent way among public and private organizations of all sizes. The purpose of this assessment template is to normalize a set of questions regarding an ICT Supplier/Provider implementation and application of industry standards and best practices. This will enable both vendors and customers to communicate in a way that is more consistently understood, predictable, and actionable. These questions provide enhanced visibility and transparency into entity trust and assurance practices and assist in informed decision-making about acceptable risk exposure.” https://www.cisa.gov/sites/default/files/publications/ICTSCRMTF_Vendor-SCRM-Template_508.pdf

  • Risk Considerations for Managed Service Provider Customers. “To aid organizations in making informed Information Technology (IT) service decisions, the National Risk Management Center (NRMC) at the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) developed this set of risk considerations for Managed Service Provider customers. This framework compiles information from CISA and IT and Communications Sector partners to provide organizations with a resource to make risk-informed decisions as they determine the best solution for their unique needs. Specifically, the framework provides organizations with considerations to incorporate into their IT management planning and best practices as well as tools to reduce overall risk.” https://www.cisa.gov/sites/default/files/publications/cisa-insights_risk-considerations-for-msp-customers_508.pdf

Elections Security

  • U.S. Election Assistance Commission. Best Practices for Election Technology. The EAC published a guide prescribing effective controls for specific categories of election technology, and for all phases of the elections process. The cybersecurity of elections has never been more salient in the minds of election officials and voters. To ensure the integrity of the voting process, election officials develop procedures to monitor, detect, and recover from cyber-security incidents. There is no "one size fits all" for election security. However, election officials often use the following general best practices to enhance the overall security of election and voting system computers and electronic devices. https://www.eac.gov/sites/default/files/electionofficials/security/Best_Practices_for_Election_Technology_508.pdf

  • Each election jurisdiction is responsible for procuring, maintaining, and using their own election technology. Most jurisdictions rely on some form of paper ballot for voting, but the method used by election officials to tabulate ballots ranges from a hand count of paper ballots to the use of fully electronic systems that record a vote directly on the device. For more information about election security preparedness, see: https://www.eac.gov/election-officials/election-security-preparedness

  • Election Technology Security Measures by Equipment Type https://www.eac.gov/election-officials/election-technology-security

  • Provides cybersecurity recommendations to political campaigns, companies, and individuals to mitigate the risk of foreign influence operations targeting US elections. Cyber-attacks against political campaigns and government infrastructure. Secret funding or influence operations to help or harm a person or cause. Disinformation campaigns on social media platforms that confuse, trick, or upset the public. https://www.fbi.gov/investigate/counterintelligence/foreign-influence/protected-voices
