Tag Archives: Department of Homeland Security

Can You Really Protect Against Ransomware?

We’ve written a few times recently about municipalities, companies, and government agencies hit with ransomware attacks this year. In early July, it was reported that a court system in Georgia was attacked with ransomware, causing lawyers, court employees and the public to have to rely on “old school” paper to file pleadings and keep the … Continue Reading

Privacy Tip #162 – Cybersecurity Help for Small Businesses

Small businesses are targeted by hackers because they often do not have the resources to stay abreast of new schemes, or to protect against them with the latest technology or security solutions. Small businesses have historically struggled with data security, so any help is always welcome. Recognizing that small businesses struggle with data security, the … Continue Reading

National Security, Technical and Legal Challenges for Counter-UAS Technology

National security concerns related to drones range from illicit intelligence gathering to smuggling drugs and guns over the border or into prisons, to attacks like those conducted by terrorist groups. However, currently, unmanned aerial systems (UAS) counter technology (or counter-UAS) legal authority is limited. Only the Department of Defense (DOD) and Department of Energy (DOE) … Continue Reading

Russian Hackers Successfully Phished Hundreds of U.S. Companies Last Year

The Department of Homeland Security (DHS) has indicated that Russian hackers successfully attacked the energy, nuclear, aviation and critical manufacturing sectors through targeted phishing campaigns throughout 2017. According to DHS, the coordinated attacks started in 2016 with one compromise that was dormant for a year until other infiltrations occurred. The hackers targeted real people by … Continue Reading

The Report to the President for “Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats”

Back in January, a draft report from the U.S. Department of Commerce and the U.S. Department of Homeland Security was released to President Trump in order to address his May 11, 2017 Executive Order, which called for strengthening “Cybersecurity of federal Networks and Critical infrastructure”. The Departments approached this issue by “hosting a workshop, publishing … Continue Reading

Remote Identification of Drones: For Commercial Operators Only or Hobbyists Too?

Last month, the Federal Aviation Administration (FAA) received recommendations regarding remote identification of drones in a report from the unmanned aircraft  Identification and Tracking (UAS ID) Aviation Rulemaking Committee (ARC). One of the topics at issue: whether we need remote identification (ID) of all drones in the national airspace. Beyond the FAA, the Department of … Continue Reading

Energy and Critical Infrastructure Industries Warned of Increased Attacks by FBI and DHS

The FBI and Department of Homeland Security issued a joint statement on October 20 warning of an increased danger of a malicious “multi-stage intrusion campaign” to critical infrastructure industries, including the energy sector. According to the warning, hackers are targeting company-controlled sites of different agencies to access information on equipment and designs, including “control-system capabilities” that … Continue Reading

FERC Proposes New Cybersecurity Rules for Electric Grid

The Federal Energy Regulatory Commission (FERC) has proposed new rules to enhance cybersecurity for the electric grid in the U.S., which includes security management controls to specifically respond to risks associated with malware. FERC suggested that the North American Electric Reliability Corporation, the nonprofit that helps regulate the U.S. electric utility industry, implement “mandatory controls … Continue Reading

Siemens Medical Equipment Vulnerable to Cyber-Attacks

The Department of Homeland Security and Siemens Healthineers has identified cybervulnerabilities in the Windows 7-based versions of Siemens PET/CT systems, SPECT systems, SPECT/CT Systems and SPECT Workplaces/Symbia.net and have issued a warning concerning the vulnerabilities. Although Siemens is working on updates for the affected diagnostic imaging systems, it is recommending that customers operate the systems … Continue Reading

Outgoing Homeland Security Chief: Cyber Security Has Improved But More Work Remains to Be Done

Following an election season characterized by missing emails, private servers and personal laptops, and amidst pervasive allegations of Russian cybercrimes, outgoing Secretary of Homeland Security Jeh C. Johnson issued an exit memo outlining the cybersecurity strides made by the Department of Homeland Security (DHS) during the Obama administration.  Despite acknowledging “tangible progress,” Johnson warned that … Continue Reading

FAA announces more drone detection testing at JFK Airport

The Federal Aviation Administration (FAA) announced this week that it will be expanding its research on how to detect ‘rogue’ drones near airports. The FAA will join forces with other government agencies and academic partners to experiment with new drone detection technology at JFK Airport in New York. FAA Senior Advisor on drone integration, Mark Gibson, … Continue Reading

Hacker has possession of 9,000 Department of Homeland Security employee information through social engineering and threatens to release data of 20,000 FBI employees

Boasting on a Twitter account, a hacker has claimed that he accessed over 9,000 Department of Homeland Security employees’ demographic information, including names, email addresses, telephone numbers, and titles. The hacker claims that he obtained access to 1TB of data directly from the Department of Justice. The hacker explained that he gained access to a … Continue Reading

GAO Report: EINSTEIN not meeting stated objectives

According to a recent GAO report, the Department of Homeland Security’s (DHS) National Cybersecurity Protection System, commonly referred to as EINSTEIN, is not meeting its stated objectives. The purpose of EINSTEIN is to protect federal civilian executive branch agencies from cyber attacks. EINSTEIN monitors traffic to and from these agencies to identify malicious activity, serves … Continue Reading

Spear-phishing campaigns continue to infiltrate critical infrastructure

The Department of Homeland Security’s Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT) has reported that critical infrastructure systems in the U.S. experienced a 20% increase in cybersecurity incidents in 2015. ICS-CERT responded to 295 incidents involving critical infrastructure in 2015. The good news is that the industry that is the most targeted—Energy—had a 42 … Continue Reading

Omnibus funding bill creates healthcare cybersecurity task force

The $1.1 trillion spending and tax extender bill that is on President Obama’s desk awaiting signature creates a healthcare industry cybersecurity task force, which must be established within 90 days of enactment. This is important news since a recent report issued by the International Data Corporation forecasts that one in three consumers will have their … Continue Reading

Public-private team of security experts disrupt Dorkbot malware

This is how it should be—private companies working with law enforcement to disrupt evildoers on the Internet. Late last week, Microsoft announced that it teamed up with the Department of Homeland Security, Europol, the FBI, Interpol, the Royal Canadian Mountain Police, the Computer Emergency Response Team Polska, security vendor ESET, and the Canadian Radio, Television … Continue Reading
LexBlog