Public Sector Cybersecurity Weekly Briefing 01-05-2018

17 Things We Should Have Learned in 2017, but Probably Didn’t
Chances are, you make similar resolutions every January 1st. Each year the infosec headlines flood us with new cautionary tales, some trying to teach us the same old lessons. Here are 17 things we should have learned from the horrors of 2017…but probably didn’t[.]


5 Risks Posed by the Increasing Misuse of Technology in Schools 
Studies of cyber charters have concluded that students learn very little when enrolled in them. There may be students who have legitimate reasons to learn at home online, but these “schools” should not receive the same tuition as brick-and-mortar schools that have certified teachers, custodians, libraries, the costs of physical maintenance, playgrounds, teams, school nurses and other necessities.


Should We Believe a Russian Hacker Who Claims He Hit the DNC for a Rogue Operative in the FSB?
Kozlovsky claimed in his TV Rain letter that he worked mainly from home and had few contacts outside his focused work hacking and planting malware in various target accounts. But he said he answered to Dokuchayev in the FSB, with whom he had a longstanding relationship, and Dokuchayev is the one who gave him the order to hack the DNC.


Why the 2018 Midterms Are So Vulnerable to Hackers
The first primary of the 2018 midterm elections, in Texas, is barely eight weeks away. It’s time to ask: Will the Russian government deploy “active measures” of the kind it used in 2016? Is it possible that a wave of disinformation on Facebook and Twitter could nudge the results of a tight congressional race in, say, Virginia or Nevada? Will hackers infiltrate low-budget campaigns in Pennsylvania and Nebraska, and leak their e-mails to the public? Will the news media and voters take the bait?


New Bill Could Finally Get Rid of Paperless Voting Machines
A bipartisan group of six senators has introduced legislation that would take a huge step toward securing elections in the United States. Called the Secure Elections Act, the bill aims to eliminate insecure paperless voting machines from American elections while promoting routine audits that would dramatically reduce the danger of interference from foreign governments.


Contractors Must Contend with New Cybersecurity Rule
The basic construct of DFARS 252.204-7012 has not changed. The final October 2016 version requires that contractors must provide “adequate security on all covered contractor information systems” and “rapidly report” any “cyber incident that affects a covered contractor information system or the covered defense information residing therein, or that affects the contractor’s ability to perform the requirements of the contract that are designated as operationally critical support and identified in the contract.”




Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.