dhs (19)

13222727095?profile=RESIZE_400xThe US Coast Guard has issued a second security directive warning that Chinese ship-to-shore cranes used widely in the United States pose a cybersecurity risk. Maritime Security Directive 105-5 calls on port operators to take “risk management” measures to mitigate the threats.

Built-in vulnerabilities for remote access and control of the cranes “combined with intelligence regarding China’s interest in disrupting US critical infrastructure, necessitate immediate action,” according to a portion of

13174368075?profile=RESIZE_400xEfforts by the US DHS, Transportation Security Administration (TSA) to address cybersecurity issues faced significant criticism this week from government watchdogs, members of Congress and regulated companies.  A US Government Accountability Office (GAO) report last week said four of the six cybersecurity recommendations made to TSA since 2018 have still not been addressed, including one centered around the agency’s efforts to protect companies from ransomware.  “For example, in January 2024, GA

12539630274?profile=RESIZE_400xIn a comprehensive National Security Memorandum (NSM), the current administration has outlined its strategy for strengthening the security and resilience of United States critical infrastructure against threats like cyberattacks, natural disasters, and climate change.  The memorandum designates 16 critical infrastructure sectors, such as energy, transportation, and health care, and outlines roles and responsibilities for relevant federal agencies to identify and mitigate risks within each sector

12425370855?profile=RESIZE_400xWith supply chain attacks on the rise, and nation-state attackers constantly looking for new ways to disrupt national security and economic stability, one of the most vulnerable areas is the security around our maritime operations.  The current US administration's recent Executive Order to fortify the cybersecurity of US ports underscores this concern, spotlighting the urgency of addressing vulnerabilities in a sector that drives over $5.4 trillion in economic activity annually.  This initiative

12378415093?profile=RESIZE_400xAs more than 65,000 football fans descend on Allegiant Stadium in Las Vegas, Nevada, for Super Bowl LVIII, attractive targets for cybercriminals and hackers.  The major sporting events like the Super Bowl face elevated cyber risks due to the proliferation of connected networks and devices used by venues, teams, vendors, media, and attendees.  This year, the US Department of Homeland Security (DHS) is working closely with partners to assess and strengthen cyber protections.  "There are no known,

12310669452?profile=RESIZE_400xTerrorism, both foreign and domestic, remains a top threat to the Homeland, but other threats are increasingly crowding the threat space.  During the next year, we assess that the threat of violence from individuals radicalized in the United States will remain high, but largely unchanged, marked by lone offenders or small group attacks that occur with little warning.  Foreign terrorist groups like al-Qa’ida and ISIS are seeking to rebuild overseas, and they maintain worldwide networks of support

12234694483?profile=RESIZE_400xA US government shutdown affects about 800,000 federal employees out of 1.8 million full-time civil servants.  About 380,000 are furloughed, meaning they cannot work or get paid.  The rest are working without pay.  A government shutdown can cause financial hardship for many federal employees, who may have to use their savings to survive while furloughed.

Nearly 85% of US cybersecurity agency CISA staff may be sent home at the end of the week as a government shutdown looms.  The US government wil

12229283293?profile=RESIZE_400xAfter years of spouting the need in an ease of reporting suspicious activity, I see the US Department of Homeland Security (DHS) now floating several new ideas for how to make federal cyber incident reporting rules ‘simpler’ for victim organizations — including the concept of a single reporting web portal.  Not a new concept, but a wise one. 

There are currently 52 in-effect or proposed federal cyber incident reporting requirements.  As part of the cyber incident reporting bill that was signed i

10998526880?profile=RESIZE_400xOur US government just loves acronyms.  Well, here’s a brand new one - RVWP.  The Department of Homeland Security (DHS), Cybersecurity infrastructure Security Agency (CISA) is telling organizations across all sectors and of all sizes they are often impacted by damaging ransomware incidents.  Many of these incidents are perpetrated by ransomware threat actors using known vulnerabilities.  By urgently fixing these vulnerabilities, organizations can significantly reduce their likelihood of experien

10805304256?profile=RESIZE_400xThis joint CISA - Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.  These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.  Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about

10051028253?profile=RESIZE_400xThe U.S. Department of Homeland Security is reportedly warning that the U.S. could witness a retaliatory cyberattack at the hands of Russia if it decides to respond to the latter's potential invasion of Ukraine, where 100,000 or more troops have been amassed for weeks.  According to a DHS Intelligence and Analysis bulletin dated 23 January 2022 and sent to law enforcement agencies around the country, officials believe that if the U.S. responds to rising tensions at Ukraine's eastern border, the

9747897664?profile=RESIZE_400xA recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years.  A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols. Two years later, cybersecurity at those agencies was again analyzed and the findings are as described in the new report “stark.”

The new report, titled “Feder

9518436491?profile=RESIZE_400xUS Government Cyber Warning Summary:

Immediate Actions You Can Take Now to Protect Against Ransomware

  • Make an offline backup of your data.
  • Do not click on suspicious links.
  • If you use RDP, secure and monitor it.
  • Update your OS and software.
  • Use strong passwords.
  • Use multi-factor authentication.

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on US holidays and we

9103820261?profile=RESIZE_400xThe Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government.  The new cybersecurity mandates, which will replace some voluntary guidelines that had been in place for a decade, were announced Thursday in the wake of a 07 May 2021 ransomware attack that led Colonial Pipeline Co. to temporarily shut down its pipeline serving the East Coast, triggering fuel sh

9068051683?profile=RESIZE_400xCyber threat analysts have stated that 50% to 70% of all ransomware attacks in the U.S. are targeting small and medium-sized businesses, costing the victims an estimated total of $350 million in the last year, Secretary of Homeland Security Alejandro Mayorkas said Wednesday in a speech to the U.S. Chamber of Commerce.  "The losses from ransomware are staggering. And the pace at which those losses are being realized is equally staggering," Mayorkas said, noting this is why DHS has made battling r

8110479090?profile=RESIZE_400xUS authorities are sharing a quick reference on Ransomware.  "Ransomware is a type of malicious software cyber actors use to deny access to systems or data.  The malicious cyber actor holds systems or data hostage until the ransom is paid.  After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems.  If the demands are not met, the system or encrypted data remains unavailable, or data may be deleted. L

Link to full report: Ransomware_Exec

8011615880?profile=RESIZE_400xOur friends from the US Department of Homeland Security have provided an open source Threat Assessment for October 2020 - which is Cyber Security Awareness Month.  The following is the Cyber Threat Assessment Section. 

Cyber threats to the Homeland from both nation-states and non-state actors will remain acute. U.S. critical infrastructure faces advanced threats of disruptive or destructive cyber-attacks. Federal, state, local, tribal and territorial governments, as well as the private sector, w

7990672077?profile=RESIZE_400xOur friends at the US Department of Homeland Security (DHS), Cyber Security and Infrastructure Agency (CISA) shared the follow good practices:

DRIVE CYBERSECURITY STRATEGY, INVESTMENT, CULTURE  [Link to DHS CISA report with helpful active links: 20-02019b - Telework_Essentials-08272020-508.pdf

After rapidly adopting wide-scale remote work practices in response to COVID-19, organizations have started planning for more permanent and strategic teleworking postures. An organization’s executive leade

3396768374?profile=RESIZE_710xThe Department of Homeland Security released a National Terrorism Advisory System

Bulletin on 18 July 2019.

It updates The National Terrorism Advisory System, or NTAS, a tool designed to communicate information about terrorist threats by providing timely, detailed information to the public.  There are now three primary notifications: Bulletins, Elevated Alerts and Imminent Alerts.  NTAS “Bulletins” provide information describing broader or more general trends and current developments regarding t