Weekly Security Sprint EP 34. MGM breach, disaster planning, Homeland Threat Assessment and more!

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify for Podcasters, Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

Gate 15 is on Threads! Give us a follow and join us: @gate_15_resilience

In this week’s Security Sprint, Dave and Andy talk about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].

Main Topics

Casino, Ransomware

• Washington Post Cybersecurity 202 – What’s behind recent hacks of casinos? “Last year, the FBI issued an alert about how the parent gang operates. The Health and Human Services Department also issued an alert about the threat the gang poses to the health-care sector, tracing ties between them and past, infamous ransomware groups like REvil and DarkSide/BlackMatter.”
• Tactics of MGM-Caesars attackers were known for several months. “In a LinkedIn post… Charles Carmakal, a Mandiant Consulting CTO at Google Cloud, said while members of the group may be less experienced and younger than many of the established multifaceted extortion/ransomware groups and nation-state espionage actors, they are a serious threat to large organizations in the United States. Carmakal added that many members are native English speakers and are incredibly effective social engineers.Researchers such as Crowdstrike and Trellix have repeatedly observed these tactics and published them in blogs earlier this year. The Crowdstrike blog was posted in January and the Trellix blog was more recently in August.”
• High-profile cyberattacks will be talk of tribal technology conference this week. “Everybody working in gaming and hospitality is watching this and is concerned about it,” said TribalHub CEO Mike Day. “Part of why we created Tribal-ISAC (Tribal Information Sharing and Analysis Center) that helps warn, inform, educate, and prevent or mitigate cyberattacks for Native American tribes and all of their enterprises was so we could share information as quickly as possible. When something happens in gaming or hospitality or to a tribe and has been successful, the likelihood of it happening to a similar organization goes up astronomically.”
• Very good perspective and tips from social engineering SME, Rachel Tobac, on LinkedIn
• BlackCat/ALPHV reportedly encrypted more than 100 MGM ESXi hypervisors
• Hackers tied to Las Vegas attacks known for sweet-talking their way into company systems
• The chaotic and cinematic MGM casino hack, explained
• MGM wrestling with fallout from days-long apparent cyberattack
• Two Vegas casinos fell victim to cyberattacks, shattering the image of impenetrable casino security
• Massive MGM and Caesars Hacks Epitomize a Vicious Ransomware Cycle
• Tactics of MGM-Caesars attackers were known for several months
• Mandiant: Why Are You Texting Me? UNC3944 Leverages SMS Phishing Campaigns for SIM Swapping, Ransomware, Extortion, and Notoriety
• Spidering Through Identity for Profit and Disruption
• Ransomware Resources! UK NCSC: Ransomware, extortion and the cyber crime ecosystem. A white paper from the NCSC and the National Crime Agency (NCA). Blog Post: Ransomware and the cyber crime ecosystem – A new white paper examines the rise of ‘ransomware as a service’ and extortion attacks.

Weatherman Segment.

• Nipah virus outbreak.
• Libya flooding.
• Home Office / Small Business Hurricane Prep – SANS Internet Storm Center

DHS Continues to See High Risk of Foreign and Domestic Terrorism in 2024 Homeland Threat Assessment. Annual Threat Assessment to Replace Regular NTAS Bulletins and Provide the Public and our Partners with More Comprehensive Analysis of Most Pressing Threats and Challenges. 

• HS Today: Homeland Threat Assessment Says Violent Extremists Are Improving Online Materials, Information Sharing, and Collaboration
• Cybersecurity 202 – DHS warns about 2024’s cyberthreats
• WaterISAC – H2O Surging Towards Safety & Security. 2023 Sponsorship Prospectus. Learn more about WaterISAC Champions!

Quick Hits.

Faith Based Security: FB-ISAO Newsletter, v5, Issue 9, Membership Reimagined and Harnessing the Power of Collaboration to Ensure School Safety

• At least 49 synagogues have been evacuated due to bomb threats in the last 2 months. Next up, the High Holidays.
• Ahead of High Holidays, US Jewish leaders stress need for security vigilance as antisemitism surges
• Synagogues are doing active shooter training amid rise in antisemitism
• On Telegram, Accelerationist Group Claims Responsibility For Calling In Bomb Threats To Synagogues, Black Churches, LGBTQ+ Bar, Vows To Continue ‘Swatting’ Activities; Posts Livestreams Of Religious Services Online As They Call In Threats
• Altoona man with swastika tattoo charged for taping razor blade on church handrails, police say
• ‘Unacceptable’: North Shore church, crosswalk defaced amid rash of anti-LGTBQ vandalism across city
• Third Buddhist temple break-in in just weeks
• Man slugged unconscious outside mosque in Long Island City: NYPD
• MIAMI JEWISH SCHOOL EVACUATED OVER BOMB THREAT
• Experts: Hatred links Jacksonville shooting, antisemitic displays in Central Florida
• Athens neighborhood targeted by anti-Semitic flyers
• Flyers targeting Jewish community, former President Trump found of driveways of Middle Tennessee homes
• Antisemites, Racists and Other Bigots are Hijacking Public Meetings
• Florida Neo-Nazi Demonstrator Arrested After Hanging Swastikas, Antisemitic Banners Over Interstate
• US neo-Nazi says He Fought in Ukraine, Records Place Him in Florida
• Musk expected to meet with Netanyahu as antisemitism controversy rages
• X didn’t take action on 86 percent of hate speech posts: report
• Palermo Baptist Church Vandalized with Pro-Abortion Slogans
• Police issue ‘all-clear’ following worries over suspicious package in Marion
• 2 more synagogues evacuated due to bomb threats ahead of High Holidays – Jewish Telegraphic Agency
• Bomb threats targeting schools, landmarks reported across D.C. metro area
• How to protect your congregation from swatting and bomb threats during High Holiday services
• Anonymous Threats, Swatting, and more

Government Updates

• NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
• CISA: Vulnerability Scanning for Water Utilities
• FBI PSA – Violent Online Groups Extort Minors to Self-Harm and Produce Child Sexual Abuse Material
• CISA Releases its Open Source Software Security Roadmap
• White House urging dozens of countries to publicly commit to not pay ransoms
• CISA panel pitches idea of a National Cybersecurity Alert System

The world just sweltered through its hottest August on record; Both hemispheres saw record-warm seasons.

🇺🇸 🇨🇳

• Identity of NSA hacker behind cyberattack on China’s leading aviation university identified; to be disclosed in due course
• China blacklists US defence companies over Taiwan arms sales
• US to revamp its aerospace forces as it faces China threat
• Speculation grows over whereabouts of China’s Defense Minister Li Shangfu

Automotive Security:

• Stolen Auto Accounts: The $2 Price Tag on Your Car’s Identity
• Nearly 15,000 accounts raided at automaker sites to harvest vehicle IDs, report says
• Car Hackers Are Out for Blood
• EU to probe ‘flood’ of cheap Chinese electric vehicles, sparking trade war fears
• Have a SAFE ride – Cyber Threats in the Automotive Sector

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
• The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at: [email protected], and also on Twitter.