{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A big initiative from our sister publication tracks every ransomware attack against cities, governments and municipalities in the U.S. Russian hackers are piggybacking off Iran's hard work. And Facebook details a new IRA operation. This is CyberScoop for Tuesday, October 22.

You gotta see this ransomware map

Ransomware is one of the biggest threats to state and local governments, and there doesn't seem to be any slowdown in the frequency or scope of attacks. But at least we can try to understand it. <a href="https://preprod.statescoop.com/ransomware-attacks-map-state-local-government/">StateScoop’s new Ransomware Attacks Map</a> is a comprehensive look at the digital assaults that have haunted states, cities, counties and schools since 2013. Compiled from original reporting, aggregated news articles and publicly available research, the map — which will be updated regularly — is an interactive tool designed to give our readers a better view of the threat. Here it is.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Facebook tries to step up on election security

Facebook on Monday became the latest big tech company to try to do something to protect the integrity of the 2020 election. It just rolled out a security program that will offer monitoring for hacking attempts to candidates and election officials. “We will actually probably face more threats now than we faced in 2016 given that this has gotten so much attention,” CEO Mark Zuckerberg told reporters. Facebook also revealed the latest takedown of foreign disinformation campaigns, including an operation linked to Russia’s Internet Agency, the troll farm that wreaked havoc in 2016. Sean Lyngaas was on the conference call.

Don't mind if I do, thanks

Russian-linked hackers known as the Turla group have been re-using Iranian attackers’ tools and infrastructure for years now to run their own operations, according to a joint announcement Monday from the National Security Agency and the U.K.’s National Cyber Security Centre. A two-year investigation revealed that Turla, which has been linked to Russian intelligence, scanned for the presence of Iranian-built backdoors, then used them to try gaining a foothold in victim networks in at least 35 countries, largely in the Middle East, according to the NSA. The NSA and NCSC assess it is almost certain that the Iranian cyber-espionage group, OilRig, has been unaware of the Russians’ hijacking of their implants. Shannon Vavra explains.

Live from CyberScoop HQ: Patching is easier said than done.

Security updates in the world of gas and electric utilities, water treatment plants and other industrial control systems are scheduled months, sometimes years, in advance, said Selena Larson, an intelligence analyst from Dragos. Larson, speaking this morning at SNG Live, a CyberScoop event, reminded the audience that, while instant patching would be ideal in a perfect world, the process actually is cumbersome, and taking equipment offline might cost millions of dollars. She also urged the public to remember that not every emergency is the result of a cyberattack, despite the temptation to think that's the case. "The idea that people have about the Russians, or whoever, being able to flip a switch and plunge the East Coast into darkness for an inter determinate period of time is just not correct." You can watch her whole talk here.

Popular VPN discloses breach 19 months after the fact

Virtual private network provider NordVPN, which operates in more than 60 countries, was breached last year after an outsider infiltrated a Finnish data center, the firm said Monday. NordVPN said it learned in March 2018 about the intrusion, which occurred on a server that NordVPN rents from another company. The hacker leveraged an unprotected remote management system left exposed by the data center. Independent researchers on Twitter have suggested the hacker had full remote control over the affected server. "That's God mode folks," said Kenn White. Jeff Stone has the news.

Hackers go after CCleaner again

Czech software security firm Avast revealed Monday that one of its popular software-cleaning tools, CCleaner, had again been targeted by hackers. In 2017, CCleaner was backdoored by hackers allegedly working on behalf of the Chinese government in one of the more expansive supply-chain attacks in recent memory. This time, Avast says, it has taken extra measures to lock down its network after an unidentified attacker was able to gain domain-level privileges on the network.  The hackers went after CCleaner but the software was unaffected, according to Avast. The disclosure is a reminder that widely deployed software will continue to be in the crosshairs of hackers looking for bigger fish upstream. Sean explains why it's such a popular target.

Big vendors sign on to OT cybersecurity group

A group of technology vendors including ABB, Forescout, and Microsoft, have set up a consortium to build awareness of challenges in the cybersecurity of operational technology (OT), or the equipment that drives industrial processes. Industry alliances in IT security are a dime a dozen, but they are much rarer in the OT space. With a growing number of hacking groups targeting critical infrastructure, a more coordinated defense is needed, the group argued. The Operational Technology Cyber Security Alliance will focus on how to use standards to protect OT infrastructure from cyberthreats and on making the procurement and deployment of OT more secure. The goal is to develop “a technical and organizational framework – the who, what and how – for safe and secure OT,” it said. Vendor alliances in OT are even less common than in IT.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}