Weekly Security Sprint EP 31. Hostile Events, Space, Doxxing, a PSA, and so much more!

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify for Podcasters, Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

Gate 15 is on Threads! Give us a follow and join us: @gate_15_resilience

In this week’s Security Sprint, Dave and Andy talk about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].

Main Topics

Jacksonville Murders and other physical security updates. Gunman Kills 3 in Racially Motivated Attack on Jacksonville Dollar Store; First Confronted by Security at HBCU; The shooter left three distinct manifestos: one for his parents, one for the media, and one for federal law enforcement. “Portions of these manifestos detail the shooter’s disgusting ideology of hate,” the sheriff said.

• Jacksonville gunman was turned away from historically Black university before killing 3 in racist shooting at nearby store, authorities say
• Ryan Palmeter, Dollar General Suspect: 5 Fast Facts You Need to Know
• Ryan Palmeter Video: Dollar General Suspect Video Released
• Jacksonville Gunman Used Gun With Swastika on It to Kill 3 in Racist Attack, Police Say
• At least seven injured in shooting at Caribbean parade in Boston. ‘the shooting potentially involved “two groups having some type of altercation.”’
• Final moments before Pride flag killing emerge, along with disturbing portrait of gunman

Safeguarding The US Space Industry; Keeping Your Intellectual Property In Orbit (PDF). “Foreign intelligence entities (FIEs) recognize the importance of the commercial space industry to the US economy and national security, including the growing dependence of critical infrastructure on space-based assets. They see US space-related innovation and assets as potential threats as well as valuable opportunities to acquire vital technologies and expertise. FIEs use cyberattacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes, and other techniques to gain access to the US space industry.”

• An article over the weekend notes: “a significant set of cyberattacks has been knocking down the remote connections of prominent space telescopes from the National Science Foundation (NSF) worldwide. Specifically, there have been 10 affected telescopes that have been down for more than two weeks, and the few that have managed to recover are acting less efficiently than before.” Axios adds:

• The space business — which is set to become a $1 trillion industry by 2030 — is about more than just the flashy, headline-grabbing trips that bring humans out of Earth’s orbit. 
• Many fields, including agriculture, health care, transportation and energy, rely on satellites to provide crucial GPS coordinates, relay critical communications, predict the weather and more.
• OODA Loop: What To Do About The U.S. Intelligence Community Warning on Safeguarding The Space Industry. Nice tip at the end – Join Space-ISAC!
• Axios: Space is the next cybersecurity frontier
• Scientists Still Looking For Reasons Cybercriminals Are Disabling These Space Telescopes
• Space ISAC

Swatting and Doxxing. 

• Bomb threat at a Forest Park church induced panic, police say
• Threats against public officials on the rise as 2024 nears
• Surrenders and threats of arrest ahead of Trump’s booking in Georgia
• Bumbling alleged arsonist sets himself ablaze trying to burn down Florida church

PSA: FEMA and FCC Plan Nationwide Emergency Alert Test for 04 Oct 2023. The Federal Emergency Management Agency (FEMA), in coordination with the Federal Communications Commission (FCC), will conduct a nationwide test of the Emergency Alert System (EAS) and Wireless Emergency Alerts (WEA) on Oct 4 at 2:20 p.m. The purpose of the test is to ensure that the systems continue to be effective means of warning the public about emergencies, particularly those on the national level. The EAS portion of the test will be sent to radios and televisions. This year, the EAS message will be disseminated as a Common Alerting Protocol (CAP) message via the Integrated Public Alert and Warning System-Open Platform for Emergency Networks (IPAWS-OPEN). Earlier this year, the FCC updated its EAS rules to take advantage of the latest technologies in order to reach more people, particularly people with disabilities. The FCC believes that requiring greater use of Common Alerting Protocol-formatted alerts will result in more understandable and informative messages. Beginning in December 2023, broadcasters will be required to implement the new CAP alert polling and prioritization rules. The WEA portion of the test will be administered via a code sent to cell phones. 

• FEMA’s press release 
• FCC’s Public Notice  
• FEMA
• FCC
• EMR-ISAC InfoGram Aug. 24 – S&T report evaluates gunshot detection technology for first responders; Nationwide emergency alert test on Oct. 4
• Radio World

Quick Hits.

Idalia Intensifying and Forecast to Become a Major Hurricane. Idalia is forecast to become a major hurricane early this week in the eastern Gulf of Mexico. There is an increasing threat of life-threatening storm surge, hurricane-force winds and scattered flash and urban flooding along or in portions of the west coast of Florida, the Panhandle and Southeast beginning on Tuesday. Florida should closely monitor Idalia and have a plan in place – hurricane safety Read More.

• NHC issuing advisories for the Atlantic on Hurricane Franklin and TS Idalia
• Governor Ron DeSantis Issues Updates on Tropical Storm Idalia
• Key Messages regarding Tropical Storm Idalia
• Local info on Tropical Storm Idalia: Key West, Melbourne, Miami, Tampa, Tallahassee, Jacksonville
• Tropical Storm Franklin leaves a body count and damage in the Caribbean
• AccuWeather warns Idalia could rapidly strengthen to a major hurricane before coming ashore in Florida
• 7 tornadoes confirmed as Michigan storms down trees and power lines; 5 people killed

USG Updates

• TLP:CLEAR FBI FLASH: Suspected PRC Cyber Actors Continue to Globally Exploit Barracuda ESG Zero-Day Vulnerability
• CISA, NSA & NIST: Quantum-Readiness: Migration to Post-Quantum Cryptography
• FBI PSA – FBI Guidance for Cryptocurrency Scam Victims
• CISA’s VDP Platform 2022 Annual Report Showcases Success
• CISA touts ‘tremendous growth’ in vulnerability disclosure platform

Of possible interest

• The Cheap Radio Hack That Disrupted Poland’s Railway System
• UK air traffic control experiencing ‘technical issue’
• Elon Musk stopped policing political misinformation
• Pentagon Official Calls for Total Force Focus on Emerging Biothreats
• Ex-Cop Walked Into California Bar, Shot His Wife and Kept Shooting

Ransomware

• MOVEit, the biggest hack of the year, by the numbers
• Banning Ransomware Payments Brings New Challenges. With references to our friends Silas Cutler and eCrime!
• Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 ransomware groups have breached over 2,200 victims
• Rhysida claims ransomware attack on Prospect Medical, threatens to sell data
• Thousands have SSNs leaked after ransomware attack on Ohio state archive org
• Connecticut hospital nurse says ransomware attack has affected payroll
• Prince George’s Co. Public Schools: Data stolen in ransomware attack could be posted online
• Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset
• Akira: Pulling on the chains of ransomware
• New Akira Ransomware Targets Businesses via Exploited CISCO VPNs
• From Conti to Akira | Decoding the Latest Linux & ESXi Ransomware Families
• Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit
• Rapattoni reportedly restores service to its NorCal MLS network
• Cyberattack on NorCal MLS provider drags on for 19th day
• Ransomware ecosystem targeting individuals, small firms remains robust
• Discovering the ADHUBLLKA Ransomware Family: Tracing the Roots of LOLKEK, BIT, OBZ, U2K, TZW Variants
• Ohio History Connection hit with ransomware attack
• Ransomware gang claims it stole Social Security numbers, passport data in recent hospital attack
• Ransomware Attack Key Factor in H1 Operating Losses of $102.6 Million for Point32 Health
• Ransomware hackers dwell time drops to 5 days, RDP still widely used
• Banning Ransomware Payments Brings New Challenges
• Lockbit leak, research opportunities on tools leaked from TAs
• The Value of Engaging a Threat Actor: Leveraging Strategic Communications for Ransomware Response

From Russia and Ukraine, with love

• Statement from President Joe Biden on Ukraine Independence Day
• THE CYBERSECURITY 202 – Without Prigozhin, expect some changes around the edges on Russian influence operations
• Intentional explosion downed Prigozhin’s plane, says US intelligence
• ‘Highly likely’ Yevgeny Prigozhin is dead, says UK
• Kremlin Dismisses Prigozhin Assassination Rumors as ‘Absolute Lies’

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment. 
• The Risk Roundtable is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: [email protected].