Security
IT protection that supports the state, its employees and assets.
Don't Get Held Up at Ransom Article and Video Presentation
On Oct. 11, the U.S. Secret Service, FBI Denver Cyber Task Force, Cybersecurity and Infrastructure Security Agency (CISA), Boulder County Chief Information Security Office and the Governor’s Office of Information Technology (OIT) gathered to talk about cybersecurity and ransomware.
Expert Panel on Ransomware - 2023 Cybersecurity Awareness Month: Watch the video.
What is ransomware? Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
What to do if an incident occurs.
Johnathan Reaghart, Supervisory Special Agent for the FBI Denver Cyber Task Force, says that first and foremost, it’s important to inform state and federal cybersecurity experts so they can collect digital evidence, which could include malware, suspicious files, data logs, etc. This threat intelligence will then be organized and analyzed to start the mitigation process.
The Secret Service will then work with partners across the country to gather intel and share information on the incident. Cyber actors are rarely confined to the U.S., so instead of working on financial sanctions, diplomatic sanctions come into play and the State Department works with overseas entities to deny the infrastructure the bad actors are using in order to dissuade and disrupt them. In parallel, CISA focuses on discovering the technique and tactic that the bad actor used to get access, as well as asking a lot of questions. How will this incident affect the community at large? What is the most critical service that could be impacted in the community? How can that impact be minimized? The first 24 hours after an incident has occurred are critical and assistance mitigating the issue(s) will need to be outsourced if it was a major attack.
Build the boat before the storm.
The more time and energy you spend on preparedness, the less crippled your organization will be if you’re attacked. Ensure that you have an incident response plan (IRP) with current staff members who understand how to implement it, as well as have policies in place that will give that plan authority. Every organization that cares for critical infrastructure needs to have a cybersecurity person on staff.
But remember, this is a team sport. Connect with an Information Sharing and Analysis Center (ISAC). These committees offer federal grants to those with cybersecurity needs as well as mentorship opportunities. ISACs also encourage the exchange of information like trading acceptable use policies between entities. Colorado has a connected cybersecurity community of managers and leaders in the field, so it is to your benefit and advantage to engage this larger ecosystem.
Ransomware has been around since 1989, but the tactics haven’t changed.
Phishing is still the number one avenue for attackers to place ransomware on your network, accounting for 95% of attacks. The bad guys get in the door by someone making a mistake. Bad actors will always exploit known vulnerabilities because that’s the easiest route. The best defense is user education and ensuring that you’re using the most up-to-date technology, including hardware and software updates.
We need to be more diligent about our cyber hygiene:
Create strong and unique passwords.
Use multifactor authentication to keep accounts secure.
Recognize and report phishing attacks.
Download the latest software updates.
Hire trained cybersecurity staff members.
Connect with other cybersecurity organizations and professionals.
Develop an incident response plan.
Watch for These Seven Red Flags Article
Social media is now the leading channel for scammers to access your information. According to a new report from the Federal Trade Commission, Americans lost $2.7 billion combined to scams originating on social media between January 2021 and June 2023. Online shopping accounted for the most common type of social media fraud, and with the holidays fast approaching, there are some big warning signs to look out for to avoid falling victim to a scam.
An urgent message with an emergency request from a connection.
Any request involving gift cards, wire transfers or cryptocurrency.
Products sold at huge discounts that sound too good to be true.
Typos or grammatical mistakes in account names, bios or website URLs.
Promising a huge return on investment with little or no risk.
Being rushed into making a decision.
Someone you just met online wants to meet in person or asks for more personal information.
Simple ways we can protect ourselves, our friends and our family:
Limit who can see your posts and profile information and be suspicious of unexpected communications from unknown social media profiles.
If you don’t recognize the person or business reaching out to you online, do your own research and search for the brand or person’s name alongside words like “scam” or “complaint” to make sure they are legitimate.
Monitor your credit to make sure you haven’t unsuspectingly fallen victim to fraud.
Avoid using debit cards for online payments; they don’t offer the same protection that comes with most credit cards.
The best advice?
Turn on and use multi-factor authentication.