Public Sector Cybersecurity Weekly Briefing 03-30-2018

Ousted HHS Cyber Leaders Have Met with Inspector General About A Reprisal Complaint
The Health and Human Services Department’s inspector general has interviewed the ousted leaders of the department’s fledgling cyber operations center as part of a reprisal complaint, the pair’s attorney told Nextgov Thursday. […] “It is our understanding that [the inspector general’s office] take[s] whistleblower reprisal very seriously, and that they are actively looking into the allegations of retaliation made by Mr. Scanlon and Ms. Amato,” the pair’s attorney Chuck McCullough told Nextgov in a statement.

 

Fallout from Cyberattack on Atlanta Computers Still Unclear
The attack caused an outage for some internal and customer-facing applications, including those used to pay bills and access court information, city Chief Operating Officer Richard Cox told reporters at a news conference Thursday. But it did not affect the public safety department, water department or Hartsfield-Jackson Atlanta International Airport, he said. […] “We don’t want to open up the airport to any possible cyberattack,” he said, adding that the airport’s technology staff was working to harden its infrastructure to make sure it’s not vulnerable.

 

Facebook Accused of Massive Fraud in new Lawsuit Filed by Cook County
“This kind of mass data collection was not only allowed but encouraged by Facebook, which sought to keep developers building on its platform and provide companies with all the tools they need to influence and manipulate user behavior,” Jay Edelson, an attorney representing Cook County, wrote in the complaint. “That’s because Facebook is not a social media company; it is the largest data-mining operation in existence.” Cook County, which includes Chicago, is the second-largest county by population in the United States, behind Los Angeles County.

 

Combating Cyber Threats in Critical Infrastructure Through Due Diligence
Aside from your existing frameworks – ISO, NERC, DFARS, COBIT – there is one framework that covers the depth and breadth necessary to organize and execute an effective and thorough cyber program. This framework, the NIST Cybersecurity Framework (CSF), is built upon NIST 800-53. According to a filing by the Telecommunications Industry Association,  the telecommunications sector has identified the NIST CSF as “a great model for consideration of how to begin developing a flexible, voluntary, viable mechanism for cybersecurity readiness and resilience.”

 

City: Cyber Attack Against Baltimore’s 911 Computer-aided Dispatch System was Ransomware
Ransomware perpetrators were behind Sunday’s cyber attack on the Computer Aided Dispatch (CAD) system that supports Baltimore’s 911 operations, according to Baltimore City Chief Information Officer Frank Johnson. In a statement released Wednesday, Johnson said federal investigators are working with the city to determine the source of the attack, which forced the CAD system offline for 17 hours on Sunday. Officials have said that service was not disrupted during that time, as calls were dispatched by voice.

 

WA Election Cybersecurity Gets $8 Million Boost from Feds
The new money comes from the federal Consolidated Appropriations Act. As part of the act, Washington must also provide nearly $400,000, bringing the total to about $8.3 million. “With this funding, we’ll be able to bring new resources and technology together to improve our ongoing cybersecurity efforts,” said Wyman in a statement. Washington state has 90 days to provide the federal Election Assistance Commission with a proposed plan on how it will use the funding and improve the integrity of the election process.

 

 

Stay up to date on the Public Sector Information Security news that you need to know by signing up for our Public Sector Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.