Please enjoy our newest podcast, the weekly Security Sprint, on Spotify, Apple, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.
Join the new Gate 15 Resilience and Intelligence Portal – the GRIP! and get our daily report, the SUN, TARGET reports, our ransomware digest, partner reports, and more – including our new Generative AI version of the SUN! Join the GRIP! Share the Gen AI SUN! Our new TLP:GREEN Gen AI version of the SUN highlights a few notable items from the complete SUN in a 3-4 minute video that can be easily shared and digested across your organization! An easy security win, you can share the Gen AI SUN as a daily security awareness update with your security teams and even across your entire team. Take the easy win!
On this week’s Security Sprint, Dave and Andy covered the following:
Water, Water, Everywhere!
- WaterISAC – EPA: National Security Information Sharing Bulletin
- WaterISAC – Cybersecurity Fundamentals for Water and Wastewater Utilities
- WaterISAC: Incident Awareness – Ransomware Attackers Target Kansas Water Treatment Facility
- Kansas water plant cyberattack forces switch to manual operations
- WaterISAC: EPA’s Hazard Mitigation for Natural Disasters: A Starter Guide for Water and Wastewater Utilities
- Fears of Weakness in Water Cybersecurity Grow After Kansas Attack
- WaterISAC: Potential Supply Chain Impacts from East Coast and Gulf Coast Labor Negotiations (Updated September 26, 2024)
- Deluge of Threats to Water Utilities: Securing Operational Technology Against Cyberattacks
INC Ransomware had a very active weekend! GRIP subscribers saw some of that in the SUN, and see more in this week’s Ransomware and Data Breach Digest and a special Bricklayer AI-informed TARGET Report on INC Ransomware.
Main Topics
Severe Weather, Hurricane Helene, and Resilience Planning.
Crime
- FBI Releases 2023 Crime in the Nation Statistics. The FBI released detailed data on over 14 million criminal offenses for 2023 reported to the Uniform Crime Reporting (UCR) Program by participating law enforcement agencies. More than 16,000 state, county, city, university and college, and tribal agencies, covering a combined population of 94.3% of inhabitants, submitted data to the UCR Program through the National Incident-Based Reporting System (NIBRS) and the Summary Reporting System. The FBI’s crime statistics estimates, based on reported data for 2023, show that national violent crime decreased an estimated 3.0% in 2023 compared to 2022 estimates:
  - Murder and non-negligent manslaughter recorded a 2023 estimated nationwide decrease of 11.6% compared to the previous year.
  - In 2023, the estimated number of offenses in the revised rape category saw an estimated 9.4% decrease.
  - Aggravated assault figures decreased an estimated 2.8% in 2023.
  - Robbery showed an estimated decrease of 0.3% nationally.
  - In 2023, 16,009 agencies participated in the hate crime collection, with a population coverage of 95.2%.
- FBI Releases 2024 Quarterly Crime Report and Use-of-Force Data Update. On Monday, September 30, 2024, the FBI’s Uniform Crime Reporting (UCR) Program released the Quarterly Uniform Crime Report (Q2), January-June 2024, and the National Use-of-Force Data Collection Update, June 2024, on the FBI’s Crime Data Explorer (CDE) at https://cde.ucr.cjis.gov. The Quarterly Uniform Crime Report (Q2), January-June 2024, provides a preliminary look at crime trends for January through June 2024 compared to January through June 2023. A comparison of data from agencies that voluntarily submitted at least three or more common months of data for January through June 2023 and 2024 indicates reported violent crime decreased by 10.3%. Murder decreased by 22.7%, rape decreased by 17.7%, robbery decreased by 13.6%, and aggravated assault decreased by 8.1%. Reported property crime also decreased by 13.1%. Information released from the National Use-of-Force Data Collection in September 2024 reflects data from 72% of the law enforcement population participating in the collection. The following is a breakdown of the types of use-of-force events reported from July 1, 2023, through June 30, 2024:
  - Death—33%
  - Serious Bodily Injury—55%
  - Discharge—13%
  - The number of incidents will be publicly released when 80% participation levels are met.
A Proclamation on Cybersecurity Awareness Month, 2024. During National Cybersecurity Month, we recognize the important role that cybersecurity plays in keeping Americans safe, protecting our institutions, and upholding our democracy. We honor all of the cybersecurity professionals, who are working tirelessly to defend our digital world. And we look forward to all that we will accomplish as we work together to advance cybersecurity.
- Derek Johnson. T-Mobile reaches $31.5 million settlement with FCC over past data breaches. While half of that total will take the form of a traditional fine, the other half will be invested into fulfilling a consent decree mandating that T-Mobile put in place a series of mandatory data security and cybersecurity improvements over the next two years. Those include implementing phishing-resistant multifactor authentication protections throughout the company, segmenting its network to limit the data exposure in future breaches, adopting regular data minimization and deletion procedures and submitting to third-party security audits. The company must also designate and empower a chief information security officer to provide regular briefings to the board of directors.
- T-Mobile Required to Change Business Practices After Data Breaches. FCC Reaches Multi-Million Dollar Settlement of Investigations Into T-Mobile Data Breaches with Significant Improvements to Company’s Cybersecurity; All Major Wireless Carriers Now Required to Make Investments to Protect Consumer Data and Privacy (PDF)
Quick Hits
- JCAT First Responders Toolbox: Enhancing Bystander Reporting to Prevent Terrorism
- UK NCSC: Multi-factor authentication for your corporate online services
- NZ NCSC – Joint Guidance: Detecting and mitigating Active Directory compromises
- CISA Warns of Hurricane-Related Scams. As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events. CISA encourages users to review the following resources to avoid falling victim to malicious cyber activity:
  - Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity,
  - Consumer Financial Protection Bureau’s Frauds and scams, and
  - CISA’s Phishing Guidance, Stopping the Attack Cycle at Phase One to help organizations reduce likelihood and impact of successful phishing attacks.
- Wifi suspended at big UK train stations after ‘cybersecurity incident.’
- Israel issues warnings, guidelines for travel abroad ahead of Jewish holidays
- Indictment Alleges the Activity Was a More Recent Phase of a Wide-Ranging Hacking Conspiracy in Support of IRGC Targeting of Current and Former U.S. Officials
- Iranian hackers indicted Friday allegedly sought to impersonate Ginni Thomas as they targeted Trump campaign
- Treasury Sanctions Iranian Regime Agents Attempting to Interfere in U.S. Elections
- Rewards for Justice: Election interference Individual – IRGC Hackers, up to $10 Million
- Election Security Update as of Mid-September 2024: 45 Days Until Election 2024.
- Staying a Step Ahead: Mitigating the DPRK IT Worker Threat
- Iran was behind thousands of text messages calling for revenge over Quran burnings, Sweden says
- Maryland Woman Sentenced for Conspiring to Destroy the Baltimore Region Power Grid
- Patch for Critical CUPS vulnerability: Don’t Panic
- Neo-Nazis are using AI to rebrand Hitler for a new generation
- Axios Vibes: Americans blame politicians for misinformation
- Neo-Nazi Telegram Users Panic Amid Crackdown and Arrest of Alleged Leaders of Online Extremist Group
- Man threw explosive device inside California courthouse on day of arraignment
- Republican Homeland Security Committee bill set to combat CCP cyber threats, boost cyber resilience
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour, and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- Venue Security, The IAVM Podcast Series is our newest podcast, in which Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- The Risk Roundtable was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads, LinkedIn, or via email at [email protected].