Public Sector Cybersecurity Weekly Briefing 03-16-2018

Port of Longview Hit with Major Cyberattack 
An investigation led by SecureWorks, the port’s cybersecurity firm, found the attack had the potential to affect 370 past and current employees — including past Port of Kalama employees — and 47 vendors. (The Port of Longview used to manage Port of Kalama employees’ benefits.) The attack may also have affected 22 longshoremen, the memo said. Investigators traced the attack to internet service provider addresses in Russia, Liberia and Kazakhstan, according to the memo.

 

Cyber Security at Sea: The Real Threats
The good news is that only 30 percent of those responding to the survey had no appointed information security manager or department, meaning that the majority of companies have a resource able to respond and mitigate any attack. However, the survey did reveal that there are still a lot of employees who have not received cyber awareness training of any kind, which means the shipping industry must try harder, for its own security. Additionally, only 66 percent of those questioned said that their company had an IT security policy, which is a serious cause for concern; IT security cannot be approached on an ad hoc, incident by incident basis.

 

Cyberattack Worries: Tennessee Campaign Fears It Was Hacked 
The U.S. Senate campaign of former Tennessee Gov. Phil Bredesen has told the FBI it fears it has been hacked by someone who tried to scam it into wiring money. In the letter dated Thursday and obtained by The Associated Press, campaign lawyer Robert E. Cooper Jr. says someone pretending to be the campaign’s media buyer asked for money to be wired to an international account. The report comes amid growing concern that candidates in the 2018 election could be targets of cyberattacks.

 

Forensic Analysis of Digital Media – 4 Methods Explained
Imagine your computer getting infected with malware or getting compromised, and you suspect evidence of a crime that you’d like to see prosecuted. After taking the necessary steps to securely obtain a forensically-sound and legally-defensible image, we must conduct an analysis to determine the suspected series of events. While true forensic methodologies can be extremely time-consuming and complex, let’s discuss four of the most common techniques and methodologies used during an image analysis.

 

Top officials: U.S. Must Shift to More Aggressive Cyber Approach
Senior cyber representatives from the U.S. Army Cyber Command, Marines Corps, Navy, and Air Force appeared before the Senate Armed Services Committee’s Cybersecurity Subcommittee to testify about the challenges and needs they are encountering. […] Weggeman argued that the U.S. military must become “more oriented on mission outcomes, risk models, and threat driven operations” in order to allow the U.S. “to become the challenger instead of the challenged.”

 

Calif. Weighs Toughest Net Neutrality Law in US—with Ban on Paid Zero-rating
The bill would also try to prevent interconnection payment disputes that harm Internet service quality—such as those between Netflix and major ISPs in 2013 and 2014. […] “The [California] bill prohibits ISPs from blocking, speeding up or slowing down websites, applications, and services; charging online companies for access to an ISP’s customers and blocking those that do not pay; and from entering into deals with online companies to put them in a fast lane to the ISP’s customers,” van Schewick wrote today.

 

 

Stay up to date on the Public Sector Information Security news that you need to know by signing up for our Public Sector Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.