The Risk Roundtable: EP 20. The latest security news delivered “without remorse”.

Please enjoy this month’s episode of The Gate 15 podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts.

The Risk Roundtable crew jumps into summer with a new episode focused on some of the latest security news. Kicking off the episode, Dave and the team looks at the latest FBI report on Active Shooters (Active Shooter Incidents 20-Year Review, 2000-2019) and how organizations can integrate this information into their security planning and preparedness. Then they switch over to talk about a threat that grows stronger each month – Ransomware. Jen breaks down the latest ransomware activity and reminds organizations to not go at it alone! Then while Dave is dancing on mute, the risk roulette goes into a few “Public Service Announcements” about privacy and opting out of some services that may feel forced, and the upcoming summer season (Fourth of July) and the security precautions organizations and individuals need to remember when planning events. Andy then wraps up the episode sharing how much he loved a certain movie that was Dave’s favorite book of all time. Dave might have had something….or three minutes….to say something about it.

Gate 15 continues to conduct workshops and other educational and exercise events focused on hostile events (active shooter), ransomware, and more. Please contact our team if we can assist your organization plan and prepare for these and other threats.

Some of the references from our podcast and additional resources include:

Active Shooter:

• FBI Active Shooter Resources. 
• Active Shooter Incidents 20-Year Review, 2000-2019
• A Study of the Pre-Attack Behaviors of Active Shooters in the United States Between 2000 and 2013
• Gate 15 Services, including our Hostile Events Preparedness Series (HEPS)
• What’s Your Plan, a short book with lots of great information by James DeMeo.  

Privacy (Amazon):

• Bleeping Computer, Amazon to share your Internet with neighbors on Tuesday – How to opt out, 06 Jun 2021
• Malwarebytes. Amazon Sidewalk starts sharing your WiFi tomorrow, thanks, 07 Jun.

Ransomware (see this accompanying post for more on the June 2021 White House guidance on ransomware):

• WSJ, FBI Director Compares Ransomware Challenge to 9/11, 04 Jun 2021
• Armis, Beer, cheese, fuel, and now meat. What’s next?, 03 Jun 2021.
• Malwarebytes, Ransomware to be investigated like terrorism, 04 Jun 2021
• Cybercrime Magazine, Global Ransomware Damage Costs Predicted To Exceed $265 Billion By 2031, 03 Jun 2021
• The Gate 15 Interview: Ransomware Running Rampant! 28 Sep 2020. Some notes from that post: In the discussion Jeremy and Andy discussed some ransomware security best practices. Jeremy shared some technical ideas and listeners are encouraged to review the Cybersecurity and Infrastructure Security Agency’s Ransomware Resources, including CISA’s Ransomware page. Some of the best practices listed there include:
  • Restrict users’ permissions to install and run software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
  • Use application whitelisting to allow only approved programs to run on a network.
  • Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.
    • Additionally, see the Ransomware Security Publication, technical guidance on How to Protect Your Networks from Ransomware, and CISA’s Awareness Briefings on Combating Ransomware, Joint Ransomware Statement, and CISA Insights – Ransomware Outbreak for more information.
• DHS CISA and MS-ISAC Ransomware Guide, (announcement)
• U.S. DHS CISA, Ransomware Guidance and Resources: A DHS repository of ransomware-related products, including government alerts, guides, and fliers.
• U.S. NCIJTF, Ransomware Factsheet: A joint-sealed ransomware factsheet adressing current ransomware threats and provide information on prevention and mitigation techniques. 
• U.S.S.S. Cybercrime Investigations, The U.S. Secret Service released a series of fact sheets related to ransomware attacks and how to report cybercrime-related incidents to the government.
• A Guide to Ransomware
• Contacting Law Enforcement
• Reporting Cyber Incidents to the Federal Government
• U.S. FTC, Ransomware Prevention: An Update for Business: A blog outlining the commission’s stance on ransomware.
• U.S. Department of Treasury, Advisory on Potential Sanctions for Facilitating Ransomware Payments: This advisory alerts companies of the potential sanctions risks for facilitating ransomware payments.
• U.S.  Department of Treasury, Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments: This advisory alerts financial institutions to predominant trends, typologies, and potential indicators of ransomware and associated money laundering activities.
• U.S.  White House memo, as reported by The Hill: Memo to Protect Against The Threat of Ransomware: This open letter urges the private sector to increase efforts to defend against ransomware.
• U.K. NCSC: Cyber Security Toolkit for Boards: Ransomware: A blog post outlining the basics of ransomware and the essential questions a board should be asking technical experts.

Additional references:

• Intel471, Here’s what happens after a business gets hit with ransomware.
• Cyber Readiness Institute, Ransomware Playbook
• Heimdal Security, What is Ransomware – 15 Easy Steps To Protect Your System.
• FireEye, Ransomware Protection and Containment Strategies: Practical Guidance for Endpoint Protection, Hardening, and Containment.

The Risk Roundtable podcast is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally. As we seek to help apply a threat-informed, risk-based approach to analysis, preparedness and operations, we hope these podcasts are informative and maybe even a little entertaining. Read more about Gate 15’s full podcast menu at our Podcast page. We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: podcast@gate15.global.

You can subscribe and enjoy The Gate 15 Podcasts on Anchor, Apple, Spotify, Google, as well as other locations accessible from the Anchor link. The full menu includes:

• The Risk Roundtable, a panel discussion among our Gate 15 team;
• The Cybersecurity Evangelist, with Jennifer Lyn Walker;
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder; and
• The Gate 15 Interview, a monthly interview with security and risk management leaders.

We hope you’ll subscribe, listen and share your ideas and other feedback!