officials

now browsing by tag

 
 

Pasadena, L.A. County Officials Warn of Scammers Posing as Coronavirus Contact Tracers – Pasadena Now | #coronavirus | #scams | #covid19

Officials are warning the public about con artists who have been taking advantage of the COVID-19 pandemic to try to trick Los Angeles County residents into giving up personal information […] View full post on National Cyber Security

Orange County officials ask how a child sex predator shed the offender registration requirement | #predators | #childpredators | #kids | #parenting | #parenting | #kids

Despite an unrelated sex crime conviction well before being confined for more than 20 years in a state mental hospital for his chilling words about raping and murdering children, Cary […] View full post on National Cyber Security

#nationalcybersecuritymonth | Trump administration officials brief Congress on election security

Source: National Cyber Security – Produced By Gregory Evans

Top law enforcement and intelligence community officials briefed members of Congress on election security in a pair of panels Tuesday afternoon, telling lawmakers they had “nothing to support” the notion that Russian President Vladimir Putin favored one candidate or another or had ordered actions on any given candidate’s behalf. They said the Russian government’s objective was to sow discord in U.S. political processes, sources said. 

Three sources familiar with Tuesday’s briefing said there were inconsistencies between the election security assessment delivered Tuesday and the one given to the House Intelligence Committee last month.

It appeared to two sources familiar with both February’s and Tuesday’s briefings that the assessment delivered Tuesday was crafted to avoid saying the Russian government had established a preference for Mr. Trump, a conclusion that had been expressed by representatives from multiple intelligence agencies before that panel in February. 

Lawmakers were also briefed last month on Russia’s efforts to boost Democratic candidate Bernie Sanders’ campaign

Separately, three sources also said the intelligence community has not yet furnished intelligence that members of both parties had requested in the February closed-door session that supported the assessment that the Russian government had developed a preference for President Trump. 

Richard Grenell, the acting director of national intelligence, was not among the officials briefing members of the House and Senate. President Trump made the controversial decision to tap Grenell as acting DNI last month. Grenell, the U.S. ambassador to Germany, has virtually no national intelligence experience.

Members heard from FBI Director Christopher Wray, Acting Homeland Security Secretary Chad Wolf, Cybersecurity and Infrastructure Security Agency Director Chris Krebs, and Assistant Attorney General John Demers, among other officials. Instead of Grenell, Bill Evanina, the director of the National Counterintelligence and Security Center, represented the Office of the Director of National Intelligence (ODNI).

An ODNI spokesperson said that the FBI and DHS are in charge of securing the U.S. elections, and the intelligence community was participating in the briefings “in support of that mission.” The intelligence community’s efforts are focused on “detecting and countering foreign election-related threats,” the spokesperson said. 

Shelby Pierson, the election security threats executive at ODNI, also did not appear at the briefing. Pierson’s position at ODNI appeared to be in jeopardy after the president learned she had delivered a February 13 assessment on, among other things, Russian election interference before lawmakers on the House Intelligence Committee. The assessment, which was based on intelligence collected by multiple agencies, indicated that Russia had established a preference for Mr. Trump, multiple sources familiar with the briefing told CBS News. 

The president was infuriated that Democrats on the committee, including Chairman Adam Schiff, who served as lead House manager during last month’s impeachment proceedings, were briefed on information that Mr. Trump feared could be used as a political weapon against him. He was informed of the briefing by House Republicans, though it is not clear how the substance of the briefing was characterized.

After learning of the briefing, Mr. Trump summoned Joseph Maguire, who had been serving as acting director since August, to explain why it had taken place. Days later, the president named Grenell to the role, and Maguire resigned from government. Administration sources have contended that Maguire’s ouster was unrelated to the president’s displeasure with the House briefing.

However, Pierson said in February that she would not be dismissed from her position and that she had the support of Grenell.

“Ambassador Grenell has not asked me to leave,” Pierson said. “In fact, he has encouraged and affirmed his support for my position here in the organization. I have not asked to depart nor discussed resignation in any way.”

Grace Segers contributed to this report.

Source link

The post #nationalcybersecuritymonth | Trump administration officials brief Congress on election security appeared first on National Cyber Security.

View full post on National Cyber Security

FBI Expands Election Security Alerts Beyond Victims to State, Local Officials

Source: National Cyber Security – Produced By Gregory Evans by DH Kass • Jan 20, 2020 The Federal Bureau of Investigation will now notify state officials when a local election has been hit by hackers, a course reversal from a prior closed door policy not to extend notification beyond victims of cyber attacks. A protracted […] View full post on AmIHackerProof.com

#hacking | Florida Officials Pledge to Combat 2020 Election Hackers

Source: National Cyber Security – Produced By Gregory Evans (TNS) — “Foreign adversaries” and “malign foreign actors” are trying to influence and attack Florida’s election systems, FBI officials say, and they need your help to combat them. “You are the first line of defense against foreign influence operations and cybercriminals worldwide,” Rachel Rojas, special agent […] View full post on AmIHackerProof.com

#hacking | Hacking the hackers: Russian group hijacked Iranian spying operation, officials say

Source: National Cyber Security – Produced By Gregory Evans

LONDON (Reuters) – Russian hackers piggy-backed on an Iranian cyber-espionage operation to attack government and industry organizations in dozens of countries while masquerading as attackers from the Islamic Republic, British and U.S. officials said on Monday.

FILE PHOTO: A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture. Kacper Pempel//File Photo

The Russian group, known as “Turla” and accused by Estonian and Czech authorities of operating on behalf of Russia’s FSB security service, has used Iranian tools and computer infrastructure to successfully hack in to organizations in at least 20 different countries over the last 18 months, British security officials said.

The hacking campaign, the extent of which has not been previously revealed, was most active in the Middle East but also targeted organizations in Britain, they said.

Paul Chichester, a senior official at Britain’s GCHQ intelligence agency, said the operation shows state-backed hackers are working in a “very crowded space” and developing new attacks and methods to better cover their tracks.

In a statement accompanying a joint advisory with the U.S. National Security Agency (NSA), GCHQ’s National Cyber Security Centre said it wanted to raise industry awareness about the activity and make attacks more difficult for its adversaries.

“We want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them,” said Chichester, who serves as the NCSC’s director of operations.

Officials in Russia and Iran did not immediately respond to requests for comment sent on Sunday. Moscow and Tehran have both repeatedly denied Western allegations over hacking.

GLOBAL HACKING CAMPAIGNS

Western officials rank Russia and Iran as two of the most dangerous threats in cyberspace, alongside China and North Korea, with both governments accused of conducting hacking operations against countries around the world.

Intelligence officials said there was no evidence of collusion between Turla and its Iranian victim, a hacking group known as “APT34” which cybersecurity researchers at firms including FireEye FEYE.O say works for the Iranian government.

Rather, the Russian hackers infiltrated the Iranian group’s infrastructure in order to “masquerade as an adversary which victims would expect to target them,” said GCHQ’s Chichester.

Turla’s actions show the dangers of wrongly attributing cyberattacks, British officials said, but added that they were not aware of any public incidents that had been incorrectly blamed on Iran as a result of the Russian operation.

The United States and its Western allies have also used foreign cyberattacks to facilitate their own spying operations, a practice referred to as “fourth party collection,” according to documents released by former U.S. intelligence contractor Edward Snowden and reporting by German magazine Der Spiegel.

GCHQ declined to comment on Western operations.

By gaining access to the Iranian infrastructure, Turla was able to use APT34’s “command and control” systems to deploy its own malicious code, GCHQ and the NSA said in a public advisory.

The Russian group was also able to access the networks of existing APT34 victims and even access the code needed to build its own “Iranian” hacking tools.

Additional reporting by Vladimir Soldatkin in Moscow and Babak Dehghanpisheh in Geneva; Editing by Frances Kerry

Our Standards:The Thomson Reuters Trust Principles.

Source link

The post #hacking | Hacking the hackers: Russian group hijacked Iranian spying operation, officials say appeared first on National Cyber Security.

View full post on National Cyber Security

Cyber #security a #priority for #area #election #officials

With election season quickly approaching, Grand Island workers are taking steps to secure their data.

Election officials from across the state are taking advantage of training opportunities to stay up-to-date on cyber security measures.

Last fall Secretary of State John Gale hosted a big presentation. Tracy Overstreet, the Hall County Election Commissioner attended.

Overstreet had the opportunity to meet with officials from Homeland Security and the FBI to learn about ways to protect elections from hackers.

She says there are also risk-assessment analysis taking place on the state and local level right now.

“We’ve got the anti-virus software, we’ve got the firewalls up. The election information isn’t even available to any outside site. The only thing that comes out of the election office that goes out to the election site is our election results on election night,” said Hall County Election Commissioner Tracy Overstreet.

Overstreet says Hall County still uses paper ballots for their elections. She feels this provides even more security and also a paper trail to refer back to.

advertisement:

The post Cyber #security a #priority for #area #election #officials appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hack of #Baltimore’s 911 #dispatch system was #ransomware #attack, city #officials say

The hack that forced Baltimore’s 911 dispatch system to be temporarily shut down over the weekend was a ransomware attack, city officials said Wednesday.

Such attacks — another of which occurred in Atlanta last week — take over parts of private or municipal computer networks and then demand payment, or ransom, for their release.

Frank Johnson, chief information officer in the Mayor’s Office of Information Technology, said he was not aware of any specific ransom request made by the hackers of Baltimore’s network, but federal authorities are investigating.

“The systems and the software and the files are all being investigated by the FBI right now,” Johnson said.

No personal data of city residents was compromised, he added.

Dave Fitz, an FBI spokesman, could not be reached Wednesday. On Tuesday, Fitz said the agency was aware of the breach and providing assistance to the city, but otherwise declined to comment.

The attack infiltrated a server that runs the city’s computer-aided dispatch, or CAD, system for 911 and 311 calls. The system automatically populates 911 callers’ locations on maps and dispatches the closest emergency responders there more seamlessly than is possible with manual dispatching. It also relays information to first responders in some cases and logs information for data retention and records.

The breach shut down the CAD system from Sunday morning until Monday morning, forcing the city to revert to manual dispatching during that time. While the city’s 911 calls are normally recorded online on Open Baltimore, the city dispatch logs stopped recording them at 9:54 a.m. Sunday and didn’t resume recording them again until 7:42 a.m. Monday.

Johnson said the attack was made possible after a city information technology team troubleshooting a separate communications issue with the server inadvertently changed a firewall and left a port, or a channel to the Internet, open for about 24 hours, and hackers who were likely running automated scans of networks looking for such vulnerabilities found it and gained access.

“I don’t know what else to call it but a self-inflicted wound,” Johnson said. “The bad guys did not get in on their own without the help of someone inadvertently leaving the door open.”

Once the “limited breach” was identified, city information technology crews “were able to successfully isolate the threat and ensure that no harm was done to other servers or systems” on the city’s network, Johnson said. And once “all systems were properly vetted, CAD was brought back online.”

Johnson said the city “continues to work with its federal partners to determine the source of the intrusion.”

The Baltimore hack comes amid increasing hacking of municipal systems across the country, and follows one in Atlanta last week that paralyzed that city’s online bill-payment system, with hackers demanding a $51,000 payment in bitcoin to unlock it. That attack occurred Thursday, and Atlanta employees only turned their computers back on Tuesday.

Johnson said his office works diligently to prevent cyberattacks and is looking to invest more in safeguarding its networks.

Baltimore also faced cyberattacks during the unrest in 2015, when its website was taken offline. Johnson said he was unaware of any other successful attacks on the city’s networks. He said the city would be obligated to disclose any attacks that compromised residents’ personal information, health information or crime data.

Johnson said he feels the city recovered well from the breach once it was identified, but that he did not want to go into detail about what was done lest he expose the city to more attacks.

The city has a $2.5 million contract with TriTech Software Systems to maintain its CAD software and provide “technical support services to ensure the functional integrity” of the city’s CAD system.

Scott MacDonald, TriTech’s vice president of public safety strategy, said the company worked with city IT personnel to shut down the CAD software after the attack. The breach was not related to the company’s software, MacDonald said.

“When we were alerted of it, it was reported that the server had some sort of compromise,” he said. “Our techs connected and worked with the IT staff there, and the CAD system was taken down manually, in combination between our staff and theirs, while the servers could be troubleshooted by the city.”

advertisement:

The post Hack of #Baltimore’s 911 #dispatch system was #ransomware #attack, city #officials say appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Intel didn’t #tell US #cyber security officials about the #Meltdown and #Spectre flaws until after it #leaked in news #reports

Source: National Cyber Security News

Intel did not inform U.S. cyber security officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet Inc notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday.

Current and former U.S. government officials have raised concerns that the government was not informed of the flaws before they became public because the flaws potentially held national security implications. Intel said it did not think the flaws needed to be shared with U.S. authorities as hackers had not exploited the vulnerabilities.

Intel did not tell the United States Computer Emergency Readiness Team, better known as US-CERT, about Meltdown and Spectre until Jan. 3, after reports on them in online technology site The Register had begun to circulate.

US-CERT, which issues warnings about cyber security problems to the public and private sector, did not respond to a request for comment.

Details of when the chip flaws were disclosed were detailed in letters sent by Intel, Alphabet and Apple Inc on Thursday in response to questions from Representative Greg Walden, an Oregon Republican who chairs the House Energy and Commerce Committee.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Hackers #redoubling efforts after #Meck Co officials #decline #paying #ransom

Hackers are reportedly “redoubling their efforts to penetrate the county’s systems” after Mecklenburg County officials decided not to pay a ransom to unfreeze hacked servers, officials said Thursday.

Mecklenburg County remains open for business as it continues to restore services.

According to county officials, cybercriminals are trying to use emails with fraudulent attachments and viruses to further damage the county’s systems. County officials are asking residents and employees to remain patient.

County Manager Dena Diorio says hackers froze 48 county servers, and asked for two bitcoins in ransom, which totals about $23,000. This, despite claims made by other county officials to WBTV that the hackers were actually seeking a ransom on each server, which would have run the ransom into a range of the hundreds of dollars.

On Thursday, officials said ITS is disabling county employees’ option to open attachments in Drop Box and Google Documents. Officials released this statement:

“The best advice for now is to limit your use of emails containing attachments, and try to conduct as much business as possible by phone or in person. “

As the county manager refuses to pay the hackers, the county’s IT team begins work on repairing the 48 frozen servers, and bringing the affected county departments back to normal working order. These departments include the tax office, register of deeds, LUESA, assessor’s office, park and recreation, department of social services, child support enforcement, finance, sheriff’s office, and the courts.

The county was experiencing a county-wide computer system outage Tuesday afternoon. Just after 6 p.m., officials told reporters that the servers were being held for ransom.

Officials have not given a timeline for how long the repairs will take, but say they will take “days.” They have prioritized repairs on servers affecting health and human services, the courts, and LUESA.

Diorio told WBTV that bringing the 48 servers back to full strength is a process that could go into early 2018.

“Now understand things will come back up incrementally, so as we bring systems on line we won’t be shot down that long, but by the time we get everything fully restored I would say the first of the year,”Diorio said.

Rather than pay hackers demands to get rid of ransomware, the county is taking matters into  its own hands.

One place impacted and where business practices have changed is the Mecklenburg County Tax Office.

Online payments have become the norm, but with computers being down fees collected in person.

Daniel Chisholm ended up with handwritten receipt and a dose of reality.

“I am paranoid about using the internet and I use it all the time. Problem is that’s the wave of the future and you can’t get around it,” Chisholm said.

Theresa Payton and her company Fortalice Solutions is one of the companies hired by Mecklenburg County to work through this series of challenges.

She is also a WBTV cyber security expert who says hackers in most instances are hoping to beat the odds.

“For cyber criminals they have nothing to lose and everything to gain. If you think about, you have to get it right 365 days out of the year, and they only have to get it right once,” Payton said.

Getting right during this period of recovery is the goal of the county manager.

“We just ask people to work with us and be patient to the best of their ability,” Diorio said.

Dioro also expects work to continue through the weekend and through the holidays.

In the meantime, they have asked customers to call these departments to check on their services.

Below is information from county officials given Thursday of offices affected during the server outage, along with direction for customers moving forward.

Assessor’s Office (CAO)
Non-Operational:

  • County Assessor’s Office reports AssessPro (The Real Property appraisal system), NCPTS (the personal property appraisal system and the billing and collection system) are down.
  • Polaris and Tax Bill look up county web links are not working.

Criminal Justice Services
Non-Operational:

  • Research & Planning cannot run the daily population numbers without OMS interfacing with our data warehouse.  (Please note that we anticipate a spike in the jail numbers due to the release process being slowed.)

 Child Support Enforcement (CSE): CSE is in full Manual Services- still seeing customers here and in the Courthouses, all records are being hand-written and the Clerk’s office is printing/making copies for the Court.

  • Advantage is Down
  • ACTS- Automated Collection and Tracking System is down- which is used to interface with other state and federal systems; document generation; pay histories; charging and billing functions, etc
  • Compass/OnBase is down
  • Dept. Of Vital Records is down
  • Qflow- Used to track customer visits by date, time, visit purpose, service provider, etc.
  • VMWare

Community Support Services: The Domestic Violence Victim Services phone line (704-336-3210) is now fully functioning.
Non-Operational:

  • ECHO for Substance Use Services (they are documenting on paper & will scan into the system once operational),
  • OnBase for Veterans Services & secure printing and copying. We are seeing clients but Veterans Services may run slower. As soon as we have access to a copier we will run much smoother.
  • All secure printing & coping DOWN.
  • Community Support Services Prevention & Intervention Division is unable to transfer a call from the receptionist to a clinician.

 Department of Social Services (DSS): All DSS services and programs are up and running with the exception of individual medical transportation scheduling.

  •  All Public Assistance programs and services are available.  We have made adjustments to work around the systems that are unavailable.
  • Adult Protective Services and Child Protective Services are fully operational.

 Transportation Message:
If you have made a transportation reservation through DSS/MTS scheduling, please call Customer Connection at 704-336-4547 to confirm your transportation.  This includes reservations made for bus passes and vendor transportation for trips scheduled through December 11, 2017.

Finance
Non-Operational:

  • Services/support are all manual and limited as most all of our work relies on Advantage as our core financial system.
  • Automated payments, invoicing, procurement, etc.  This means no Electronic funds transfers, processing of procurement requests in the system, or other similar transactions.  Because many of our internal controls are automated, or rely on systems (verifying funds, etc.), most of our services will be manual and slowed, but we should be able to perform them.  We also cannot apply payments received to the balance owed in the system—meaning we will have a backlog and some risk to the extent collections are continuing.

 Human Resources
Non- Operational:

  • Applicants cannot apply for vacant positions

Library

  • No changes since last communication

 LUESA
The LUESA offices on Suttle Ave continue to operate to provide services to our building community.  If you have urgent permitting and inspection needs, please call 980-314- CODE (2633) and staff will be able to coordinate your request for service.

Non-Operational:

  • Code and Storm Water Services cannot review plans or issue new permits until POSSE/Winchester and other supporting systems including GIS, Navision (payment processing) are up.
  • GIS cannot provide addressing and other services including processing register of Deeds data until the GIS servers are back online.
  •  Air Quality services for asbestos reviews etc cannot be performed until the permitting system is up.

MEDIC: Nothing affected at this time.

Office of the Tax Collector
Non-Operational:

  • Property tax payments cannot be made at the Wilkinson Boulevard location.
  • Tax records and payment information cannot be accessed online or by telephone.
  • Research requests for bankruptcy, tax certificates, tax lien research, or any other service requiring reference to the tax records cannot be performed.
  • All online services including online payment options are not available.

As of Wednesday night, the county’s domestic violence hotline was down. They were directing callers to Safe Alliance reached at 704-332-2513.

County officials say employees’ payroll will not be affected by the Dec. 15 pay date. Officials say most printers are still offline, with a limited number enabled in specific offices.

View full post on National Cyber Security Ventures