Threat Focus: The Next Pandemic, End of Microsoft Vista Support, Physical Attack Variation

The Gate 15 Threat and Risk Analysis Cell’s (TRAC) weekly sweep of open-source media has revealed three topics for security and preparedness leaders to consider as they view the threat landscape. Yellow Fever continues to surge in Brazil and, due to the fact Spring is here and Yellow Fever’s method of transmission is similar to Zika’s, North America faces a threat of infection at a similar level of magnitude as that of last year. Microsoft has announced that it will no longer be supporting Vista, the consequence of which is a large number of security vulnerabilities that will mount for organizations continuing to use the OS. And reported attacks over the last week have demonstrated the large number of variations malicious actors can use to assault facilities.

As explained in Wednesday’s Threat Dashboard, “[i]n addition to the normal array of suicide bombings or shooting incidents, all of which are increasingly alarming and difficult to plan for, there are more signs of variations of these further challenging security professionals. In France, a man was killed as he attacked a female French soldier and wrestled with her and grabbed her gun at Orly airport. The suspect had been previously known to anti-terrorism authorities and toxicology reports indicated that he had drugs and alcohol in his system. This brazen attack could have been prompted by the drugs but it also shows a variation of a low-tech attack by minimizing the attackers profile by not carrying weapons. The attacker kept a low profile and then attempted to inflict damage using another person’s weapon. In another instance, a California carnival erupted into chaos when hundreds of teens started stealing prizes and merchandises from the fair. While there were not significant causalities reported, this flash mob style attack resulted in the destruction and theft of property. Finally, at least 12 Iraqi civilians suffered suffocation this week as a result of a chemical attack launched by Daesh in Mosul. Chemical attacks are not common, but this event shows that groups have the capability and resources to provide, if not deadly, at least disruption attacks on a group of people that could inspire groups or individuals to conduct similar attacks.”

Dave Pounder further expands on this in Thursday’s Torpedo Report, “While information is still being gathered regarding the incident, yesterday’s chilling attack in England and failed Antwerp attack, should serve as reminders of the ever-present terrorism threat that exists at any venue and with any weapon. In England, initial investigative acts at this point reveal the attacker drove a car into pedestrians crossing the Westminster Bridge and then driving his car into the outer gates outside the Parliament building before exiting the vehicle and attempting to continue the attack with a knife. Five people were killed and seriously injuring at least 40 as a result of the vehicle and knife attacks, before he was ultimately shot and killed by security forces. This type of combination low-profile attack followed by lethal weapon attack is similar to the Ohio State Daesh-inspired attack wherein the attacker rammed his car into a pedestrian area before exiting the vehicle with a knife.”

Additionally, the consequences of Vista’s requirement are listed in the Threat Dashboard, “If you keep Vista: Internet Explorer 9 will no longer be supported; Vista will no longer be receiving security updates; Antivirus cannot permanently solve this problem since the Antivirus may not continue to support Vista or receive updates for Vista; and new applications and updates are developed for current OS, so your software won’t upgrade past its current state. The key takeaway is that with Vista no longer being supported, users will not be able to maintain the patches and updates to not just their OS, but many crucial structures. Vista users will be exposed to vulnerabilities that will not be addressed by Microsoft.”

The complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.

To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed-up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.