Weekly Security Sprint EP 56. IC3 Report, Information Ops, Religious Holidays, Domestic Threats

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

In this Week’s Security Sprint, Dave and Andy talked about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].

• Health-ISAC: Facing a major incident? Don’t navigate it alone. Here’s how Health-ISAC’s community stepped up during the recent Change Healthcare event…
• Opinion: Conflicting government cyber mandates risk undermining US security. “Our nation faces a complex range of cyber threats
• Quote of the week: Risky Biz News: The aftermath of Microsoft’s SVR hack is rearing its ugly head. In an update on the same incident posted late Friday afternoon—as is the practice of every respectable corporate company—Microsoft says it found new evidence over the past weeks that the Russian hackers were now weaponizing the stolen information. 😑
• TribalHub hosts online Tribal Cybersecurity Summit March 7. Gate 15 is grateful to have contributed to Tribal-ISAC and the Opening Welcome and Keynote: Cybersecurity Organizational Structures and Best Practices Based Upon Tribe Size and Cyber Maturity Level!

Main Topics

FBI IC3 2023 Internet Crime Report

• FBI: Critical infrastructure suffers spike in ransomware attacks
• Americans lost a record $12.5 billion to online fraud last year

Info Ops: Spate of Mock News Sites With Russian Ties Pop Up in U.S

• Proliferating ‘news’ sites spew AI-generated fake stories
• TAG Bulletin: Q1 2024
• AI Tools Are Still Generating Misleading Election Images
• Fake U.S. local news network exposed as Russia-linked propaganda front: report
• ElevenLabs Block on Cloning Biden’s Voice Easily Bypassed
• Russian influence operations against Baltic states and Poland having ‘significant impact’ on society
• A New Playbook for Addressing Health Misinformation
• AI will likely increase energy use and accelerate climate misinformation – report

Upcoming Holiday Security Awareness

Domestic Threats

• Inspired Terror: In Video Uploaded To Internet, Teenage Stabber Of Jew In Zürich Swears Allegiance To Islamic State (ISIS), Calls On Muslims To Target Jews And Christians Everywhere

• Insider Threats: Air Force Employee Indicted for Unlawful Disclosure of Classified National Defense Information. 
• Air National Guardsman Agrees to Plead Guilty to Unlawfully Disclosing Classified National Defense Information. 
• Chinese National Residing in California Arrested for Theft of Artificial Intelligence-Related Trade Secrets from Google

Quick Hits

• 4 tabletop exercises every security team should run. “Every organization should run tabletop exercises that answer key questions about their preparedness for ransomware and DDoS attacks, third-party risks, and insider threats.” Considering cyber or physical exercises? Gate 15 can support your discussion based and operational exercise requirements across all-hazards resilience, with years of experience delivering ransomware exercises to executive teams, security teams, other corporate departments and across the information sharing community.

• European Environment Agency: Europe is not prepared for rapidly growing climate risks
  • Read the full report (UNEDITED)
  • Europe is not prepared for the growing climate extremes it faces, its first risk assessment finds
• Ransomware tracker: The latest figures [March 2024]
• Learning Lessons from The Cyber-Attack: British Library cyber incident review, March 2024
• The Week in Ransomware – March 8th 2024 – Waiting for the BlackCat rebrand
• The clowns and fools behind ransomware attacks
• BlackCat ransomware shuts down in exit scam, blames the “feds”
• No security issues as Super Tuesday draws to a close, CISA official says
• Canadian Centre for Cyber Security Security tips for organizations with remote workers – ITSAP.10.016
• Canadian Centre for Cyber Security Cyber security tips for remote work – ITSAP.10.116
• UK NPSA: Security on Your Side
• NSA Releases Maturity Guidance for the Zero Trust Network and Environment Pillar
• UK NPSA: Insider Events – Communications Guidance
• CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices
• NSA Releases Top Ten Cloud Security Mitigation Strategies
• CISA Announces New Efforts to Help Secure Open Source Ecosystem
• European court favors strong encryption, calling it key to privacy rights
• Update to national cybersecurity strategy implementation plan coming before the end of summer
• JetBrains TeamCity under attack by ransomware thugs after disclosure mess
• CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog
• International: 
  • As gangs attack a critical port, ‘Haiti will go hungry soon’
  • Tabletop exercise hosted by Europol to disrupt terrorist content online
  • Tesla Berlin Gigafactory to be without power for another week following eco-terrorist attack
  • Germany: Sabotage case launched against Tesla protesters
  • German police carry out raids against people suspected of posting misogynistic hate speech online
  • Sweden officially joins NATO, ending decades of post-World War II neutrality
  • Statement from President Joe Biden Welcoming Sweden to NATO
  • Sweden police arrest suspected Islamists believed to prepare attack
  • U.S. Embassy & Consulates in Russia Security Alert: Avoid Large Gatherings over the Next 48 Hours
  • U.S. warns of imminent Moscow attack by ‘extremists,’ urges citizens to avoid crowds
  • Russia says it thwarted planned attack on synagogue
  • Russia adds chess legend Kasparov to ‘terrorists and extremists’ list

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
• Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
• The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at: [email protected], and also on X, the platform formerly known as Twitter.