Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify for Podcasters, Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.
In this week’s Security Sprint, Dave and Andy talked about the following topics:
Main Topics:
- Cyber Signals: Shifting tactics fuel surge in business email compromise. On 19 May, Microsoft “released the fourth edition of Cyber Signalshighlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022. Successful BEC attacks cost organizations hundreds of millions of dollars annually. In 2022, the FBI’s Recovery Asset Team (RAT) initiated the Financial Fraud Kill Chain (FFKC) on 2,838 BEC complaints involving domestic transactions with potential losses of more than USD590 million. BEC attacks stand apart in the cybercrime industry for their emphasis on social engineering and the art of deception. Between April 2022 and April 2023, Microsoft Threat Intelligence detected and investigated 35 million BEC attempts with an adjusted average of 156,000 attempts daily.” Read the report
- Pride Month Security Considerations. Orlando Digital Traffic Sign Blasts Vile Message to ‘Kill All Gays.’ Gate 15 shared a couple reports this week focused on June’s upcoming Pride Month and associated threats and risks leaders should be thinking about. Those concerns extend well beyond the LGBTQ community. “An Orlando digital traffic sign ‘appeared to be tampered with’ when it flashed ‘KILL ALL GAYS’ in bright orange on Wednesday morning, the Orlando Police Department said. Cops received a report of the suspicious sign roughly around 4 a.m., the Orlando Sentinel reported, and authorities are investigating the homophobic threat.”
- “Worst-case scenario”: Cybersecurity experts confirm school security blueprints stolen in MPS ransomware attack. This incident demonstrates the potential physical security concerns that can develop from a cyberattack. “It was known then but it’s even more apparent now: the ransomware attack against Minneapolis Public Schools was massive. Mark Lanterman, former member of the U.S. Secret Service Electronic Crimes Task Force, described it as a ‘worst-case scenario,’ and confirmed that highly sensitive security information, including campus blueprints, alarm schematics and the placement of surveillance cameras, were all among the documents stolen. ‘My advice to the school district – get new IT staff because someone fell asleep at the wheel during this event,’ Lanterman said bluntly. ‘The faucet of data was on for a long time. This was not a transfer of data like downloading a movie on iTunes that took 10 minutes. This took hours if not days if not longer. There are hundreds of thousands of files here.’”
- New RA Group ransomware targets U.S. orgs in double-extortion attacks. “targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea.”
- Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online; A new cybercrime outfit calling itself RA GROUP is just the latest to take advantage of leaked Babuk ransomware source code.
- Are Ransomware Attacks Declining, or Has Reporting Worsened? Article talks ISACs some.
- New RA Group ransomware targets U.S. orgs in double-extortion attacks. “targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea.”
- 12 Dead in Soccer Stadium Stampede in El Salvador
- Crowd Cushion and on Twitter: @crowd_cushion
Quick Hits:
- Computer in Russia breached Metro system amid security concerns, report says. The inspector general’s report surfaced deep-rooted problems that the watchdog’s officials say leave the transit agency open to attacks that could threaten train safety.
- DOJ: Judge Imposes Eight Consecutive Life Sentences Plus 260 Years in Prison for ISIS-Inspired 2017 Murder of Eight Victims and Attempted Murder of 18 Others in NYC Truck Attack.
- Congress looks to expand CISA’s role, adding responsibilities for satellites and open source software.Lawmakers advanced four on Wednesday that would broaden the Cybersecurity and Infrastructure Security Agency’s portfolio. And related: Peters & Cornyn Bipartisan Bill to Protect Commercial Satellites from Cybersecurity Threats Advances in Senate.
- FBI misused surveillance tool on Jan. 6 suspects, BLM arrestees and others; Crime victims, political donors and potential sources were targeted in digital searches that the FBI says have now been scaled back
- World likely to breach 1.5C climate threshold by 2027, scientists warn
- Burleson Man Who Idolized Mass Shooters Charged With Possessing Homemade Bomb: Feds
- New Mexico Shooter Was Wearing Bulletproof Vest, Carried Cryptic Note In His Pocket, Police Say
- Massachusetts Man Indicted for Acting as an Illegal Agent of the People’s Republic of China; Liang Allegedly Reported to PRC Officials on Pro-Democracy Protesters and Founded U.S. Advocacy Group to Covertly Advance the PRC’s Agenda in Boston and Surrounding Areas.
- Zoom executives knew about key elements of plan to censor Chinese activists
- Pentagon leak suspect Jack Teixeira warned about mishandling classified info, prosecutors say
- FBI misused surveillance tool on Jan. 6 suspects, BLM arrestees and others; Crime victims, political donors and potential sources were targeted in digital searches that the FBI says have now been scaled back
- Homeland Security Uses AI Tool to Analyze Social Media of U.S. Citizens and Refugees;
- US Dept. of State: 2022 Report on International Religious Freedom
- Montana’s TikTok ban: why has it happened and will it work?
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Anchor link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- The Risk Roundtable is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: [email protected].