Tag Archive for: security

The Top Cybersecurity Concerns for the Upcoming Elections

/in

2020 has not been our year. We won’t air out its dirty laundry, but we all can remember the events that had plagued these first 6 months, with the Coronavirus Pandemic taking the cake. Across the internet, users are wondering “What is coming next?” The Coronavirus seems to have ruined all of our 2020 plans, including future plans, like large wedding celebrations, summer vacations, and now the 2020 elections. 

Heightened Security Concerns with 2020 Elections

Election officials are concerned about the cybersecurity of the upcoming elections, given the entirely new and unplanned circumstances we’ve found ourselves in. Close to 1 billion dollars have been poured into improving security measures for the elections after the 2016 elections were affected by Russian hackers. However, despite the large sums of money that have been put into the increased security, new concerns have arisen that weren’t originally addressed in the security upgrade because of the pandemic. For example, there are many new costs associated with voting facilities because of the pandemic, namely, hand sanitizer and hand-washing stations, as well as the shortage of space needed in current voting facilities to appropriately distance voters and poll workers, as well as an increase in the number of mail-in ballots. These extra costs are coming at the same time when budgets are imploding, and state and local governments do not have extra money available to fund these extra costs. 

Additionally, officials are concerned about the security (or lack thereof) for new online registration portals, which many states have hastily built to help voters social distance. During the 2016 presidential elections, Russian military intelligence conducted cyberattacks against at least one U.S. voting software supplier and spear phished over 100 local election officials. Concerns are that these registration portals could contain security vulnerabilities because of the speed at which they were built. 

Increased Risk in Government Employees Being Spearphished

The Coronavirus has also increased the possibility of local voting officials falling victim to spearphishing attacks because of the number of government employees working from home. While working from home, employees do not have access to all of the safeguards provided at their offices. Beyond secure networks, less physical interaction with coworkers means less communication and more confusion, leaving them more vulnerable to mistaking spearphishing emails as legitimate. 

Misinformation Campaigns on Social Media

Social Media also presents similar security issues with the upcoming elections. Social media became an essential source of information for the 2016 elections and has become an even more central source of election news and information now because of the pandemic. Experts are saying that they expect to see (and have seen) misinformation campaigns closer to elections, set on confusing and swaying voters with incorrect information. 

Most recently, famous blogger Marcus Hutchins reported on his twitter account, MalwareTech, a case where an “Anonymous” group created a fake K-pop giveaway account to gain followers, only to change the profile and start tweeting about the Black Lives Matter movement. This is a great example of one of the ways that incorrect information can be spread over social media. 

While Election Officials and Security Experts do have security concerns, as voters and citizens, we can educate ourselves about these issues. By educating ourselves, we are minimizing the chances of ourselves being defrauded by a well-crafted spearphishing attack and other cyber threats. The best defense is being aware and ready for attacks in the recent future.

Advice from Microsoft: Blocking Ransomware Attacks

/in ,

We have seen lots of changes in businesses due to the COVID-19 pandemic. As most companies are converting to a remote workforce, we have seen human-operated ransomware campaigns targeting healthcare organizations and critical services. To prevent these attacks, Microsoft “advises potential victims to prevent threat actors behind ransomware campaigns from being able to exploit the weaknesses they usually abuse to launch their attacks.”

Microsoft encourages companies to do several things to reduce the risk of becoming a victim of a ransomware attack. The Microsoft Threat Protection Intelligence Team says, “Applying security patches for internet-facing systems is critical in preventing these attacks.” As they have researched data about recent ransomware attacks they have found the following security gaps or common ways attacks infiltrate systems: 

  1. Remote Desktop Protocol (RDP) or Virtual Desktop endpoints without multi-factor authentication (MFA);
  2. Older platforms that have reached end of support and are no longer getting security updates; and
  3. Misconfigured web servers, including IIS, electronic health record (EHR) software, backup servers, or systems management servers.

Organizations should be looking for signs of an active ransomware attack and if they find any signs, Microsoft encourages people to take the following actions:

  1. Investigate affected endpoints and credentials,
  2. Isolate compromised endpoints, and
  3. Inspect and rebuild devices with related malware infections.

To help people understand just how detrimental a ransomware attack can be, Microsoft reported that “after analyzing collected cryptocurrency wallets and ransomware ransom notes, the FBI said at this year’s RSA security conference that victims paid more that $140 million to ransomware operators during the past six years.” It is important for your business to be informed of the possible ways you may be at risk of a ransomware attack. 

Microsoft wants you and your company to be safe from the detrimental effects of ransomware.