Much of our lives is now online, whether we sign up for it or not. Public records, for one, are now available digitally, or at least stored digitally by public agencies. All of this information is at risk of falling into the hands of cyber attackers who would take any opportunity to inconvenience others for their own benefit.
Back for the Spring 2019 edition of the Cyber Threat Landscape Update is Stacey A. Wright. Stacey is no stranger to the Justice Clearinghouse, having delivered these regular updates and other cyber-awareness courses. Stacey is currently the Director of Partnerships at the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure ISAC (EI-ISAC), which are part of the non-profit Center for Internet Security (CIS).
In this webinar, Stacey provides updates discussing threats and solutions around the most common cyber-attacks encountered by state, local, tribal and territorial governments in the most recent months. Some of the things included in this update are:
- An overview of MS-ISAC and EI-ISAC, their roles and the membership.
- A month-by-month look at the top malware trends since 2017 and how the trends help determine the type of support and protection to employ for the SLTT governments.
- A look into the top malware, malware notifications, and malware initiation vectors so far for 2019.
- Top malware notifications of outdated software reported and how this unpatched software provides attackers an easy way into computers and systems.
- Top malware initiation vectors:
  - Dropped malware has increased, as seen in Emotet.
  - Malvertisements returned to the list after being dormant since early 2018.
  - Multiple, malspam and network vectors are still seen trying to get into networks.
- The modular, polymorphic and persistent characteristics of Emotet that make it one of the most destructive pieces of malware, proven in past experience to be highly infectious, difficult and costly to combat.
- The keylogger Zeus, which records keystrokes, often going after banking/finance information.
- Trickbot, a modular banking trojan similar to Emotet that drops other malware and goes after financial information through redirection attacks or server-side injection.
- Ransomware that blocks access to a system, device or file until a ransom is paid.
- The different types of ransomware.
- Zeroing in on WannaCry – the top malware for Q1 2019 – and assessing the damage and losses it inflicts on government entities.
- The importance of maintaining frequent and complete backups and, if possible, offline and offsite backups as well.
- Identified data breaches including those caused by misconfigured servers.
- Business Email Compromise (BEC) scams that target an institution’s HR, purchasing department, executives, and vendors for potential financial gain.
- The use of fraudulent software licenses that make the system or device vulnerable due to missing patches.
- Doxing law enforcement officers involved in controversial cases.
- Guidelines to prevent and recover from cyber-attacks plus services and privileges offered by CIS.
- Stacey clarified concerns raised by the attendees concerning:
  - How a Virtual Private Network (VPN) provides security.
  - Not allowing browsers to remember passwords.
  - What defensive software is and its types.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is the focal point for cyber threat prevention, protection, response and recovery for the nation’s state, local, tribal, and territorial (SLTT) governments. MS-ISAC membership is free for all SLTT governments as the MS-ISAC is funded by the U.S. Department of Homeland Security (DHS). To join MS-ISAC please fill out the application and mention you heard about them through the Justice Clearinghouse.
- “I was amazed at the top 10 malware entities. I had only heard of 1 or 2. It is so scary. Good reminder of how to help protect one’s self with Patching and use of defensive software; thanks, Stacey!” — Pam
- “[The webinar covered] various cyber threats and increases. Never knew they could attack handheld radios!” — Kathleen
- “The update is always informative about what are the current highest-risk issues. I am interested in becoming more technically knowledgeable, although the footwork is likely to be handled by others.” — Michelle