Cyber Connections News Roundup: April 7

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

April 7, 2020

Cybersecurity and the Coronavirus: Is there a Silver Lining?

In a recent opinion piece on www.stripes.com, Jesse Varsalone, associate professor of Computer Networks and Cybersecurity at University of Maryland Global Campus, asks whether today’s pandemic might offer us an opportunity to take steps toward a larger solution to the nation’s cybersecurity challenges. “We now know we must always be on the offensive to prepare for and protect against the next crisis,” he said. “Hospitals will plan for greater capacity. Schools at all levels — K-12 through university — now understand that they must be able to “go virtual” overnight so that learning is not disrupted. And companies will be ready for an increase in telework with security controls already in place.” Read more.

Spread of Coronavirus Raises Data Privacy Concerns

A recent article on www.fedscoop.com highlights the privacy concerns that the response to the coronavirus pandemic has raised. The outbreak has put tech and telecom companies in a position where they can disclose, without individuals’ consent, large amounts of data about them to the federal government. The Stored Communications Act, for example, includes emergency exceptions permitting companies’ release of personal data for government experimentation. The spread of the coronavirus could see data shared at an unprecedented scale. Read more.

More States to Expand Mobile Voting Against Cybersecurity Concerns

According to an article on www.washingtonpost.com, a number of states are planning to dramatically expand their use of mobile voting in response to the coronavirus pandemic – even as cybersecurity experts warn such systems are unproven and too vulnerable to hacking. West Virginia became the first to try statewide mobile voting for military and overseas voters in 2018 and has already announced it will expand to voters with disabilities during its upcoming primary June 9. Cybersecurity experts have warned that mobile voting lacks basic protections to ensure votes haven’t been manipulated by hackers. Read more.

Zoom Takes Front and Center During Move to Online Learning

Some school districts around the country have started to ban the use of Zoom for online learning from home during the coronavirus crisis because of growing concerns about security, according to a recent report on www.washingtonpost.com. But in addition to the widely reported security issues, the FBI has issued a warning to the public about the “hijacking” of online classrooms and teleconferences, according to an article on www.edscoop.com. “Zoombombing” doesn’t exploit software vulnerabilities in the Zoom platform, but instead takes advantage of faculty’s inexperience with the tool by taking control of calls using Zoom’s screen-sharing function. Read more.

Women Make Gains in Cybersecurity Workforce but Lag in Leadership Positions

An article on http://securityboulevard.com, citing the 2019 Women in Cybersecurity Study, reports that women now represent 24% of the total cybersecurity workforce, up from 11% in 2017. However, when it comes to holding leadership positions in cybersecurity, the number is significantly smaller, according to several female executives interviewed for the article. Lisa Plaggemier, chief strategist at MediaPRO, suggested, “It’s because we don’t raise our hands. We wait until we’re 100% ready to take a leadership role before we apply or make our desires known.” Read more.

Cyber Connections News Roundup: March 24

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

March 24, 2020

Bipartisan Committee Delivers Cybersecurity Roadmap

According to a recent report on www.securityboulevard.com, on March 11 the Cybersecurity Solarium Commission, a bipartisan committee, released a new U.S. strategy that outlines steps to reshape the U.S.’s approach to cybersecurity and prepare for resiliency and response before a major cyber incident occurs. The report focuses on action, featuring numerous recommendations addressing organizational, policy, and technical issues. A concluding appendix features draft bills that Congress can rapidly act upon to put these ideas into practice and make America more secure. Read more.

Cybersecurity Risks Increase as More Employees and Students Go Online

A recent article on www.theatlantavoice.com highlights how the dramatic expansion of teleworking by U.S. schools, businesses and government agencies in response to the Coronavirus is raising questions about the capacity and security of the tools many Americans use to connect to vital workplace systems and data. As citizens increasingly log on from home, they are melding their personal technology with professional tools at unprecedented scale. Employers, already concerned about capacity, must now also address the issue of people introducing new potential vulnerabilities into their routines. Read more.

Cybersecurity Experts Band Together to Protect Hospitals

According to an article on www.cyberscoop.com, a recent attack on a hospital inspired experts in the infosec community to get involved. After a cyber attack on a Czech hospital last week, cybersecurity professionals from companies in Israel, Europe and North America banded together in their spare time to send threat data to medical organizations to protect them from hackers trying to exploit the COVID-19 crisis. “If anyone is sick enough to use this global crisis to conduct cyber attacks, we need to try to stop them,” said Ohad Zaidenberg, an Israel-based cyber threat researcher. Zaidenberg assembled the ad-hoc group of around 70 malware hunters to gather data on COVID-19-related hacking. Read more.

Can AI Bridge the Cybersecurity Skills Gap?

A recent article on https://analyticsindiamag.com considers artificial intelligence can be the cure to our cybersecurity challenges, or will it make the skills gap even worse with the changing landscape? The 2019/2020 Official Annual Cybersecurity Jobs Report sponsored by Herjavec Group estimates that there will be 3.5 million unfilled cybersecurity jobs globally by the year 2021. AI could serve as an effective way to streamline the identification, analysis, investigation, and prioritization of security alerts. Through the use of AI and analytics techniques, businesses can also create supervised learning, graph analytics, and reasoning processes, along with leveraging the power of AI to automate the data-mining process. Read more.

HHS Adopts a “People Centric” Approach to Cybersecurity

According to a recent article on https://federalnewsnetwork.com, the National Institutes of Health is taking a “people-centric approach” to protecting one of the largest government bureaucracies. Through its Optimize IT Security effort, one of eight programs launched throughout Department of Health and Human Services to increase the efficiency and effectiveness of its operations, NIH aims to empower employees with the information they need to identify suspicious behavior, such as phishing emails, and make employees feel comfortable reporting these anomalous activities to cyber personnel. NIH has identified 13 different user groups across the enterprise with access its networks, and is tailoring cyber-awareness approaches to positions such as clinicians, researchers, scientists and emergency management personnel. Read more.

Cyber Connections News Roundup: March 10

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

March 10, 2020

UMGC Faculty Weigh in on the Challenge of Protecting Health Data Privacy

In a recent article on www.medicaltechnologyschools.com, faculty experts from University of Maryland Global Campus (UMGC) offered their insights into the relationship between health data and privacy, namely that with further IoT integration, the problem may be exacerbated. According to Dr. Mohammad Bajwa, program chair of the health informatics administration program at UMGC, “The security question is baked into the tech itself, as each individual device in the IoT becomes a potential point of vulnerability.” James Robertson, program director of Cyber DevOps at UMGC added, “With the right design and implementation, IoT can mitigate data interoperability and data privacy issues.” Read more.

FDA Warns of Potential Cybersecurity Risk in Certain Medical Devices

According to a March 3 news release from the Food and Drug Administration, a new set of cybersecurity vulnerabilities, referred to as “SweynTooth,” may pose a risk to certain medical devices using the wireless communication technology known as Bluetooth Low Energy (BLE). BLE allows two devices to “pair” and exchange information to perform their intended functions while preserving battery life and can be found in medical devices as well as other devices, such as consumer wearables and Internet of Things (IoT) devices. These cybersecurity vulnerabilities may allow an unauthorized user to wirelessly crash the device, stop it from working, or access device functions normally only available to the authorized user. Read more.

Experts Sound the Alarm On 5G Security

A recent article on www.techtarget.com argues that regulation and strong proactive measures are necessary to protect 5G networks from cyber attacks, and that the responsibility falls on businesses and governments. As manufacturers such as Nokia, Samsung, and Cisco continue to develop, or plan to develop, 5G enterprise solutions, devices in the workplace already operating on a 5G network, and using IoT devices without a private 5G network or adequate technical knowledge could put organizations’ and their employees’ privacy at risk. Read more.

Rollout of Online Census Questionnaire Raises Fear of Cyber Threats

Beginning on March 12, households will participate in the once-a-decade national census by visiting www.my2020census.gov to complete the online questionnaire. According to a recent report on www.npr.com, the Census Bureau is expecting about six out of 10 households to fill out the form online. But the planned public debut for the online census form comes amidst heightened concerns about cybersecurity risks. Lawmakers fear that a problem with the upcoming digital rollout could undermine public trust in data that carry at least a decade’s worth of implications across the U.S. Read more.

First Open Source Messaging Framework for Security Tools Launched

According to an article on www.zdnet.com, on Feb. 24, the Open Cybersecurity Alliance (OCA), a consortium of cybersecurity vendors including IBM, Crowdstrike, and McAfee announced OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework. OpenDXL Ontology aims to create a common language between cybersecurity tools and systems by removing the need for custom integrations between products that can be most effective when communicating with each other, such as endpoint systems, firewalls, and behavior monitors, but suffer from fragmentation and vendor-specific architecture. Read more.

Cyber Connections News Roundup: Feb. 25

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

February 25, 2020

Data Science Tools Are Helping Cybersecurity Teams Identify Threat Patterns

A recent article on www.ciodive.com offers insight into the trend of using data science tools to help security operation centers (SOCs) identify attack patterns and increase the chances of detecting threats. The trend is driven by the increase of cheap computing power afforded by the cloud, and the need for more sophisticated defenses against breaches. SOCs are using data science tools to enhance the speed and accuracy with which companies can identify threat patterns and where they lie. Read more.

Recent Ransomware Attack on Natural Gas Facility Serves as Warning to Industrial Companies

An article on www.cyberscoop.com reports that the Department of Homeland Security’s cybersecurity agency recently responded to a ransomware attack on a natural gas compression facility that led the organization to shut down its operations for two days. Hackers were able to encrypt data on the unnamed facility’s IT and “operational technology” network, a broad term for a network that oversees industrial processes. As a result, the facility shut down its various assets, including its pipelines, for two days, because it was longer able to read data coming from across its enterprise. Read more.

Accenture’s Upstream Oil and Gas Digital Trends Survey Results Demonstrate Emphasis on Cybersecurity

In related news, the oil and gas sector is investing aggressively in cybersecurity in an effort to protect assets and reputations, according to the recently released results of Accenture’s 2019 Upstream Oil and Gas Digital Trends Survey. In the global survey of 255 industry professionals, cybersecurity emerged as companies’ top investment focus, and the technology driving the greatest impact on business performance. The survey was conducted in early 2019 but the results were only published this month. “As oil companies’ operations come under increasing threat, cyber resilience becomes more important to stakeholders, consumers and government,” said Rich Holsman, a managing director at Accenture who leads the digital practice in the company’s Resources operating group. Read more.

Will the 2020 Census Be the Next Big Target for Hackers?

An article on www.washingtonpost.com details how lawmakers are growing concerned about hacking dangers targeting the 2020 Census after a watchdog detailed a number of cybersecurity challenges that should have been addresses already. A report released by the Government Accountability Office warns that the hacking danger could be compounded by social media misinformation spread by U.S. adversaries or pranksters falsely claiming that census data is corrupted or the count is rigged. Read more.

Tripwire Survey Sheds Light What Companies Are Doing to Bridge the Cybersecurity Skills Gap

Cybersecurity firm Tripwire recently announced the results a survey that examined how organizations and security pros are experiencing skills gap issues. The survey findings, based on the responses from 342 security professionals, revealed that 83 percent of respondents feel more overworked going into 2020 than they were in 2019. Moreover, according to the survey, 85 percent of respondents acknowledged that it became more difficult over the past few years to hire skilled cybersecurity professionals. Around 46 percent stated that they plan to use more managed services in 2020, and more than 50 percent of respondents said they will invest more cybersecurity training for their staff. Read more.

Cyber Connections News Roundup: Feb. 11

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

February 11, 2020

Iowa Caucuses Fall Victim to Faulty App

A recent article on www.ecommercetimes.com laid out the issues involved in the coding error an app used to count vote totals in the Democratic caucuses in Iowa delayed the release of final tallies. Although the data collected by the app was sound, it was reporting only a portion of that data to party headquarters due a coding issue with its reporting system, the party explained in a statement. As it turned out, the app, developed by Shadow, a company that builds political tools and platforms, was reporting only a portion of data to party headquarters due to the coding issue. It appears that the app was rushed to market without adequate testing. Bruce deGrazia, program chair for cybersecurity management and policy at the University of Maryland Global Campus in Adelphi, Maryland, quoted in the article, said, “It was tested for two months. It should have been tested for far longer than that.” He added, “You don’t bring something like this out in the middle of an election cycle.” Read more.

Pentagon Rolls Out New Cybersecurity Standards

The U.S. Department of Defense (DoD) recently published a new set of cybersecurity standards, known as the Cybersecurity Maturity Model Certification (CMMC) version 1.0, according to a recent article on www.cisomag.com. The new standards will require defense companies to adhere to a set of rules and mandates in order to do business with the DoD. The CMMC standards specify five different cybersecurity levels ranging from basic cyber hygiene requirements to detailed lists of security controls. Read more.

CISA Lacks Election Security Readiness, According to GAO Report

A recent article on www.cyberscoop.com sounds the alarm on election security, notably that the Cybersecurity and Infrastructure Security Agency (CISA), which provides state and local election officials with federal assistance, education and information sharing about how to safeguard U.S. voting infrastructure from possible interference has not created a clear plan to respond to possible Election Day security incidents. According to a recent Government Accountability Office (GAO) report, despite three years of work meant to improve security, CISA still is not well positioned to execute a nationwide strategy for securing election infrastructure prior to the start of the 2020 election cycle. Read more.

Cyber Criminals Are Taking Advantage of the Coronavirus to Spread Malware

A recent article on www.securitymagazine.com reports that cyber criminals are taking advantage of the coronavirus outbreak, and using it to spread malware. According to a new report by IBM X-Force Exchange, the practice of leveraging worldwide events by basing malicious emails on current important topics is common among cyber criminals. X-Force discovered the first campaign of this type, in which the outbreak of a biological virus is used as a means to distribute a computer virus. The emails appear to be sent by a disability welfare service provider in Japan, says IBM. The text briefly states that there have been reports of coronavirus patients in the Gifu prefecture in Japan and urges the reader to view the attached document. Read more.

Insider Threats Costing Companies Over $11 Million Annually

Proofpoint, Inc., a cybersecurity and compliance company, recently released Cost of Insider Threats 2020 Global Report, which identifies the costs and trends associated with negligent, compromised, and malicious insiders. The study found that, on average, impacted organizations spent $11.45 million annually on overall insider threat remediation and took 77 days to contain each incident. The report, commissioned with The Ponemon Institute and co-sponsored by IBM, surveyed nearly 1,000 IT and IT security practitioners across North America, Europe, Middle East, Africa, and Asia-Pacific. Read more.

 

Cyber Connections News Roundup: Jan. 28

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

January 28, 2020

Measuring Artificial Intelligence-Based Cybersecurity Readiness

A recent article on www.entrepreneur.com offers a look at how enterprises today can measure their readiness for adoption and implementation of artificial intelligence-based cybersecurity solutions. Because AI in the area of cybersecurity is relatively new, many organizations are hesitant to adopt it for their enterprises. As AI-based cybersecurity begins to pay dividends for some, it is wise to understand some parameters that can help gauge whether or not to make the leap into adoption. Read more.

Three Arrested in Indonesia for Magecart Attack

According to a report on www.cyberscoop.com, police in Indonesia have arrested three men accused of inserting malicious code into e-commerce websites to steal shoppers’ payment data, an emerging hacking technique known as a Magecart-style attack. Interpol announced on Jan. 27 it coordinated a law enforcement operation that identified hundreds of websites that had been infected with malicious software used to collect customers’ financial data and personal details. The Magecart attack relies on a malicious tool that attacks the JavaScript programming language, the digital equivalent of a “smash-and-grab robbery.” Read more.

A Rise in Crypto Wars Predicted at Word Economic Forum

A blog post on www.weforum.org, as part of the World Economic Forum’s annual meeting, predicts that more data will be created and collected than ever before, making policy attempts to protect this data more urgent. Data borders will continue to be drawn. As a result, crypto wars will proliferate as tech companies increasingly find it difficult to resist government calls for back doors to their systems. Moreover, as internet users increase in emerging economies the same challenges of disinformation and cyber attacks experienced in more cyber-advanced countries will occur, the article predicts. Read more.

Bezos Hack Signals Rise in Commercial Tools

An article on www.washingtonpost.com offers the Saudi hacking campaign (thought to have been orchestrated by the Saudi Crown Prince Mohammed bin Salman in 2018) compromised the cellphone of Amazon founder and Washington Post owner Jeff Bezos as an example of how even someone of Bezos’s stature can be hacked with off-the-shelf tools. The escalation in the way nations use commercial hacking tools is fueling calls from officials and experts to ban the international sale of spyware, according to the article. Read more.

Senate Bill Would Require State Cybersecurity Coordinators

According to a recent article on www.scmagazine.com, bipartisan legislation introduced in the Senate on January 17 would create a federal program to bolster response to cyber attacks in states by installing cybersecurity coordinators. Under the Cybersecurity State Coordinator Act, sponsored by Sens. Maggie Hassan, D-N.H., Gary Peters, D-Mich., John Cornyn, R-Texas and Rob Portman, R-Ohio, the program would fall under the umbrella of the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and would facilitate threat information-sharing as well as boost coordination between state and federal governments. Read more.

Cyber Connections News Roundup: December 31

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

December 31, 2019

UMGC Cyber Faculty Members’ Predictions for 2020

Cybersecurity faculty members of University of Maryland Global Campus offer their top five trends and predictions for the New Year. As we head into a new decade in the 21st century, one prediction is almost certain. The sophistication and number of cyber attacks perpetrated globally most likely will rise, but some questions remain. Will attackers focus on emerging technologies like artificial intelligence and cloud computing? Will new attack vectors proliferate, replacing the tried and true methods? Read more.

Heading into 2020, Women Still Face Roadblocks in Cybersecurity

A recent podcast on www.threatpost.com examines the challenges and opportunities that women face in the cybersecurity landscape. As the tech industry faces challenges around diversity in general, women are still particularly underrepresented. Threat Post recently sat down with Jessica LaBouve, a pen tester with A-LIGN, to discuss the personal challenges she’s faced in the cybersecurity industry and the opportunities in the space that she sees for improvement. Read more.

U.S. Navy Bans TikTok for Fear of Cybersecurity Threats

According to a recent article on www.digitalmusicnews.com, The United States Navy has issued a blanket ban on the Chinese-owned social media app, TikTok, saying the app may present a cybersecurity threat to service members. A bulletin issued by the Navy said government-issued mobile devices with TikTok installed would be blocked from the Navy Marine Corps Intranet. However, the bulletin did not describe what threat the app may represent. The app is currently part of an ongoing U.S. investigation, despite being popular among teenagers. Read more.

Cino Launches Cybersecurity Program for Hotel Guests

The Marriott International data breach of 2018 highlighted just how vulnerable hotels are to cyber attacks. In response, Cino, a full-service risk management, cybersecurity and training company, has launched a new product designed to protect hotel guests’ personal data from cyber criminals, according to an article on www.hotelmanagement.net. The product, Cyber Safe Travel, is powered by StrikeForce Technology’s military-grade technology. It provides protection for hotel guests’ mobile devices using keystroke encryption, advanced login breach protection and sophisticated screen scraper technologies. In addition, Cyber Safe Travel has a click-jacking attack-warning feature to help mitigate cyber threats. The product was first introduced at the October meeting of the Hotel Financial and Technology Professionals, New York Chapter. Read more.

Cybersecurity for Rural Communities Is Often Neglected

An article on www.arcweb.com points out that while attacks on large U.S. cities have had significant financial and operational impact, these same kinds of attacks, on a much smaller scale, can have a much more significant impact on smaller, more rural communities.  The August 2019 malware attack on 22 Texas communities is a recent example of this. Rural communities often lack the proactive planning and infrastructure to mitigate the damage caused by these threats. In the case of the Texas attacks, many business and financial functions of the communities affected were paralyzed. The article takes an in-depth look at how these communities responded and what must be done in the future to prevent these attacks. Read more.

 

Five Cybersecurity Trends to Watch Out for in 2020

Cybersecurity faculty members of University of Maryland Global Campus offer their top five trends and predictions for the New Year.

As we head into a new decade in the 21st century, one prediction is almost certain. The sophistication and number of cyber attacks perpetrated globally most likely will rise, but some questions remain. Will attackers focus on emerging technologies like artificial intelligence and cloud computing? Will new attack vectors proliferate, replacing the tried and true methods?

Arguably, the greatest challenge in the cybersecurity space for 2020 and beyond will be closing the workforce gap and maintaining a pipeline of skilled cybersecurity experts who are equipped with the tools, skills and leadership experience necessary to combat an ever-changing threat landscape. According to CyberSeek, the US faced a shortfall of almost 314,000 cybersecurity professionals as of January 2019. A recent Frost & Sullivan report predicts that by 2022 the global cybersecurity workforce shortage will reach upwards of 1.8 million unfilled positions.

Two significant developments in 2019 foresee a big year for us UMGC, too. First, effective July 1, 2019, we changed our name from University of Maryland University College to University of Maryland Global Campus to better communicate our status as a respected state university that brings higher education to working adults no matter where life takes them. Second, with an eye on the future, University of Maryland Global Campus has, through a recent realignment, created a School of Cybersecurity and Information Technology, which will further solidify our leadership role in addressing a rapidly changing menu of competencies and skills needed to work in cybersecurity.

From the faculty of the School of Cybersecurtiy and Information Technology, here are our top five cybersecurity trends we think will impact businesses and consumers in 2020:

  1. Artificial Intelligence (AI) will continue to gain popularity.AI is being touted as a possible solution to many human-centric needs, including more accessible healthcare to national security in the form of military robots.  In 2020 AI will use object detection algorithms to improve neural networks so that they are robust and large scale. By improving the neural networks, AI will become more mainstream, applying algorithms to efficiently process large volumes of data to produce results that improve human lives and enterprise operations.
  2. AI tools will both benefit and hinder cybersecurity. Piggy backing on the gaining popularity of AT, as companies continue to launch easy-to-use artificial intelligence tools and technology, cybersecurity will reap the benefits of added automated protection, but also will suffer from smarter, more efficiently organized attacks.
  3. Blockchain technology will enhance data communication systems. Blockchain technology is projected to make a significant impact in security data communication systems. The issue is leakage of data during transit and at rest, and this solution combines key-value pairs with encrypted values, access control policies, and policy and attribute enforcement engines to mitigate data leakage. Integrating a blockchain platform, such as IBM Hyperledger Fabric, ensures integrity of source data, which is essential to investigate data leakage incidents, and allows verification of data transactions for future analysis.
  4. Standards and regulation for autonomous vehicles. Autonomous vehicles are under development or production at most carmakers, and with multiple manufacturers across the globe, regulations are needed to address potential issues with safety, ethics, and personal privacy.
  5. Cloud attacks will continue to rise. As companies continue to migrate to the cloud, rushed schedules combined with a shortage of highly skilled cloud security professionals will cause an increase in cloud attacks and vulnerabilities.

 

 

Cyber Connections News Roundup: October 22

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

October 22, 2019

It’s National Cybersecurity Awareness Month: UMGC Students, Alumni and Faculty Experts Share Their Tips for Staying Safe

Check out our University of Maryland Global Campus three-part video series offering tips and insights to help you understand and secure your digital profile at home and at work. Read more.

Making the Case for a Risk-Based Approach to Cybersecurity in the Financial Services Industry

We have no definable network perimeter to protect, according to a recent article on www.securityboulevard.com. With thousands of mobile devices connecting to networks through cloud-based applications that access critical and sensitive data from a variety of hybrid cloud environments, the article supports the argument that it’s time to adopt a truly risk-based approach to cybersecurity to enable us to focus on protecting data itself, rather than on endpoints, networks, and identity. Read more.

Supply Chain Hacks Are On the Rise for Phishing Scams

According to Verizon’s latest Data Breach Investigations Report, email is the channel used in 94% of attacks where hackers target executives for phishing schemes. A recent article on https://netlibsecurity.com describes how hackers are now employing creative approaches to what are known as “supply chain” attacks, which use an organization’s associates, like outsourcing companies, to spread their attacks across that entity’s network of partners and vendors. Read more.

Is Insurance a Viable Solution to Growing Cybersecurity Challenges?

A recent article on www.insurancejournal.com makes the case. Given the increasing frequency of cyber breaches, along with the presence of more varied and evolving threats, how do we address the perpetual uncertainty about whether the cybersecurity industry can protect us? The article argues that since cybersecurity providers can’t guarantee the effectiveness of a cyber solution, and since it is difficult to accurately quantify the cost/benefit of a cyber strategy, then cybersecurity insurance may provide the path toward a way to reduce risk and incentivize clients to take preventative measures. Read more.

Open Cybersecurity Alliance Aims to Unite a Fragmented Landscape with Common, Open Source Code and Practices

On October 8, 2019, the OASIS international consortium announced the Open Cybersecurity Alliance (OCA), an industry initiative to bring interoperability and data sharing across cybersecurity products. IBM and McAfee have contributed the initial open source content and code. Formed under the auspices of OASIS, OCA brings together organizations and individuals from around the world to develop open source security technologies, which can freely exchange information, insights, analytics, and orchestrated responses. Read more.

Cybersecurity Challenges Lie Ahead for Next Generation 9-1-1 in Maryland

By Balakrishnan Dasarathy

The state of Maryland, along with many other states, is in the process of evolving its current largely telephony based 9-1-1 emergency handling systems to the Next Generation 9-1-1 (NG9-1-1) systems, as described in the final report by the Commission to Advance NextGen 9-1-1 Across Maryland. Although the benefits to a digital emergency handling system are vast, the migration to a more open IP-based system also raises a number of security threats that must be addressed to ensure success.

Current 9-1-1 services typically operate over standard telephone networks and, as such, mainly support requests through a voice call. The NG9-1-1 systems will all operate on a nation-wide digital network using the Internet Protocol (IP) technology, enabling interconnection with a wide range of public and private networks supporting emergency assistance from regular phone networks, wireless networks and the Internet.

One of the main benefits of the migration to NG9-1-1 systems is that they will allow Public Safety Answering Point (PSAPs) staff to accept and process a range of information from the public and responders, including text, images, video and voice. Moreover, non-humans such as collision detection systems in automobiles and home health monitoring IoT devices will be able to initiate requests not in the too distant future.

Overall, NG9-1-1 will be able to enable more situational awareness for dispatchers and responders. Because of the connectedness of the Internet, PSAPs can be consolidated and backups for a PSAP can be dynamically called upon nationally (not just regionally) to handle large-scale emergency situations, as encountered during the attacks of September 11, 2001. PSAP IT resources such as logging and recording and location look up services can be shared. In short, emergency handling will be far more resilient and economical with NG9-1-1 than they are today.

Although cyber attacks such as Telephony Denial of Service (TDoS) and Radio Frequency (RF) jamming attacks have compromised current 9-1-1 systems, the migration to NG9-1-1 systems invites a host of additional threats. As NG9-1-1 networks and systems are more open and connected than today’s closed telephony-based 9-1-1 systems, their attack surfaces are much larger.

NG9-1-1 systems can be subject to several types cybersecurity attacks that would hamper their availability, and affect confidentiality and integrity of data critical to the handling of emergencies. These new threats include:

  • Telephone Denial of Service Attacks (TDOS): Calls jam a PSAP administrator line or 9-1-1 lines. This type of attack already happened in October 2016 via compromised cell phones.
  • Ransomware. Use of malware to prevent access to computer systems for the purpose of extorting a ransom. The City of Baltimore emergency 9-1-1 system dispatch and recording servers were subject to this attack in March 2018.
  • Malware attacks. More generally, a malware in the form of a worm spreading from systems in one PSAP to its neighboring ones compromising the ability to respond in a state or a region of the country.
  • Swatting. Swatting is essentially tricking an emergency dispatcher with false or misleading information; for example, through the manipulation of fields such as Caller ID and location information in IP packets in an emergency request to indicate the call is originating from a location at which a serious emergency is taking place, thus directing scarce law enforcement (and medical responders) to that location. This could be just a revenge, or the manipulator could be committing a serious crime somewhere else. This happened in 2017 in California and resulted in an innocent person shot by the police.

With well-known technical and policy controls in place in the IT and network infrastructure and in various emergency handling applications, as well as the support of a well-trained staff, these types attacks can be largely prevented and the damage contained.

The Department of Homeland Security (through its Office on Emergency Communications), the Federal Communications Commission (through its task force on Optimal PSAP Architecture), the National Emergency Number Association (NENA), and the Association of Public-Safety Communications Officials (APCO) are all involved in the rollout of NG9-1-1 and have produced guidelines to address cybersecurity issues among other directives (e.g., specification of functional components and their interfaces for procurement purposes, IP network based architecture, deployment alternatives, budget and cost sharing among various government entities).

A simplified IP network-based “three-tier” architecture is shown below. The key aspect of the architecture is the Emergency Services IP Networks (ESInets), to carry all types of traffic with intelligence to route to appropriate PSAPs and support functions such as location information and subscriber information services.

911

Source: Office of Emergency Communication: Cyber Risks to Next Generation 9-1-1, Nov. 2018

What’s Happening in Maryland?

In Maryland, a statewide task force known as the ENSB (Emergency Number System) Cybersecurity was formed during the summer of 2019 to address the cybersecurity issues related to NG9-1-1. The task force consists of public safety managers and IT professionals from various counties and vendors in the space. Emergency handling in Maryland is largely provided at the county level. I am representing University of Maryland Global Campus to provide cybersecurity expertise. The current focus areas of this committee are to:

  • Develop minimum standards and requirements to address cybersecurity concerns for products serving PSAPs and ESINet components, and
  • Cybersecurity best practices for PSAPs and IT organizations supporting the underlying infrastructure and applications

Standards and recommendations from several organizations and related industries are currently under review so as adopt them to hit the ground running, including:

  • NENA (National Emergency Number Association) Security for Next-Generation 9-1-1 standard
  • Next Generation 9-1-1 Security (NG-SEC) Audit Checklist
  • FCC Task Force on Optimal PSAP Architecture: Final Report
  • NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (and its compliance)
  • NENA Detailed Functional and Interface Standards for the NENA i3 Solution (for various vendor products)

Next Steps

We expect to issue standards and an auditing process to verify how well the standards are followed by the end of 2019, so that the various PSAP entities in the state can complete their gap analysis. Beginning on January 1, 2020, the ENSB will begin approving projects for improving their cybersecurity posture.

About the Author

DasMarch2018v6Balakrishnan Dasarathy, Ph.D. is collegiate professor and program chair for Information Assurance at University of Maryland Global Campus.