{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
The Navy's concerns about DJI are anything but new. New Jersey's largest hospital system paid a ransom, while New Orleans is struggling with its own incident. And U.S. election officials prep for an election field trip. This is CyberScoop for Monday, December 16.

Diving deeper on DJI

The U.S. Navy issued an internal warning in 2017 about vulnerabilities in systems made by Chinese-based drone company DJI that could allow adversaries to siphon data from devices, according to a document obtained through the Freedom of Information Act. “Overall, the system should be considered highly vulnerable in the cyber security realm and employed accordingly,” the document, obtained by the George Washington University’s National Security Archive and shared with CyberScoop, reads. In the warning, the Navy pointed out issues with the way a DJI drone communicates and sends data to a ground station. Shannon Vavra has more.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

New Jersey’s largest hospital chain pays ransomware

Hackensack Meridian Health, based in Edison, New Jersey, said Dec. 13 it was working to restore its computer systems following a Dec. 2 ransomware attack that forced administrators to cancel roughly 100 elective medical procedures. The nonprofit, which operates 17 clinics and hospitals, cautioned that no patients were harmed as a result of the attack. It did not say how much it paid ransomware attackers to unlock medical systems. Jeff Stone has more details.

Meanwhile, in New Orleans...

A cyberattack last week against the New Orleans city government likely involved the ransomware known as Ryuk, based on affected files shared on the malware-analysis website VirusTotal. City officials acknowledged the attack late Friday, when they declared a state of emergency and shut down more than 4,000 computers and servers across the government. New Orleans’ official websites remained offline through this morning, and several more services were still affected. Municipal courthouses were closed Monday, and the city’s Healthcare for the Homeless service was unable to see patients because workers cannot access electronic health files, according to Mayor LaToya Cantrell’s office. Emergency services, including the city’s 911 line, were mostly unaffected, but some agencies have opened Gmail accounts to handle non-emergency requests while the city’s email server is offline. StateScoop's Benjamin Freed is on the case.

A different kind of pain at the pump

Cybercriminal groups are actively exploiting vulnerabilities at point-of-sale systems at gas stations to steal credit card information, Visa said in a December fraud alert. The scam, which seems only to impact cards that require a signature, rather than chip-and-PIN cards, exploits a lack of security around cards' magnetic stripes. Thieves appear to be intercepting that data, which is sent unencrypted, from payment machines to vendors' networks. There's not much customers can do about it other than read about the main suspect, which is a group called FIN8 that's been trying to steal cash for years. Here's the full advisory.

U.S. election officials are taking a field trip

A bipartisan group of secretaries of state is in Israel this week to discuss cybersecurity and election security with Israeli officials. The group of state officials, which includes Iowa's Paul Pate, president of the National Association of Secretaries of State, will meet with Israel’s National Cyber Directorate, the country’s main civilian cyberdefense agency. “My fellow secretaries and I are excited to partner with [American Jewish Committee’s] Project Interchange to not only relay our important work to the region, but also learn from their leaders and compare notes,” Pate said in a statement. Details here.

ICYMI: Senior DHS election official heads to Google

Jeanette Manfra, the Department of Homeland Security's most senior official focused exclusively on cybersecurity, is heading to Google’s cloud division in January, CyberScoop was first to report last week. Manfra will work as the global director of security and compliance as part of a new team looking to bolster security at Google Cloud customers. She will join multiple other former U.S. cybersecurity officials who are now at Google, including Kate Charlet, a former senior Pentagon cyber official, and Daniel Prieto, a former White House official in the Obama administration. Sean Lyngaas had the scoop.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}