Individuals and organizations – be it public or private constantly strive towards security. As technology encompasses a significant chunk of our lives – from leisure, business, finances, productivity, and so much more, cybersecurity is deemed critical as physical security is. Pertinent data, information, and intelligence are traveling at lightning speeds from one device to another, another server to another, and someone is on the lookout to access this. Cybercriminals are opportunistic individuals or groups that try to get past the loopholes, challenging the security of existing systems and infrastructure for their gains.
Everyone goes through government agencies for certificates, licenses, taxes that can be accessed to get into more critical and classified information as bank details. This is the reason why the threat to government agencies’ cybersecurity is much greater. Instead of retrieving separate information and details from individuals, infiltrating government agencies grants access to databases of hundreds, thousands, millions of people.
To combat this threat, MS-ISAC and its Senior Intelligence Program Manager, Stacey Wright joins Justice Clearing House in this webinar. Stacey's impressive resume includes working for FBI's Cyber Intelligence, teaching graduate programs on cybersecurity, and being a national keynote speaker on Cybercrime.
She provided an overview of the nature of cyber threats, the tactics employed by cyber criminals and what government agencies can do to prevent and respond to such threats, and how to recover and protect their organizations from these.
Specific subjects covered in the discussion today include:
- What Information Sharing and Analysis Centers (ISACs) are.
- What the Multi-State Information Sharing and Analysis Center (MS-ISAC) is, and their function as designated by the Department of Homeland Security.
- The various agencies that are MS-ISAC members, the terms of MS-ISAC membership, and the benefits of being one.
- Why state, local, tribal, and territorial (SLTT) governments are critical targets of cyber attacks.
- The reason why cybercriminals are targeting you.
- Malware trends and the common types of malware that attack government agencies.
- How MC-ISAC performs network monitoring.
- The top 10 malwares detected by MC-ISAC for the month of September, and how these access devices and systems.
- What ransomware is, what it does, and how cybercriminals benefit from these.
- Methods employed to get these into our computers via malicious spam and malicious advertising.
- MC-ISAC’s recommendations on how to deal with ransomware through effective planning and preventive measures.
- The Business Email Compromise (BEC) Scam scheme and the variants utilized to infiltrate SLTT governments.
- What a BEC scam looks like, the common techniques and targets.
- Recommendations laid out by MC-ISAC when dealing with BEC scam through leadership planning, preventive tools, proper response and reaction, and educating all stakeholders.
- Data breach and hoax extortion schemes, how these are done, actual incidents and the common targets.
- How high profile events are being capitalized by cybercriminals to register domains that host cyber threats, and cases of website defacement.
- Recent Binding Operational Directives released.
- The BOD 17-01 on Kaspersky which was made in caution to keep American intelligence out of Russia, as Kaspersky founder was found to have ties with Soviet Military Intelligence Operations.
- The BOD 18-01 on email and web security that ensures security on emails to prevent spoofing and encrypts government federal websites.
- The Key Reinstallation Attacks (KRACK) that targets WiFi connection security
- The ROCA attack that makes encryption unsecured, which can have identity implications
- Measures that can easily be implemented by SLTT governments to secure their agencies that stress the importance of awareness and education, SOPs on updates/patches, back-up, and password creation, and the benefits of getting your own domain.
- The services that MS-ISAC can provide to heighten government agencies' cybersecurity.
- Quick poll questions gauged the attendee’s familiarity with cybersecurity and the topics they would be interested to deep dive on in the future.
- Questions tackled how emergency response agencies can operate if a cyber-attack shuts down their systems and the vulnerability of conference calls systems.