The Age of Massive Data Breaches

June 6th, 2017

Cal OES Cyber Guys

From Left to Right in Photo:

ELI OWEN, Deputy Commander, California State Threat Assessment Center

THOR EDEN, California Cyber Security Integration Center

MICHAEL CREWS, Cal OES Information Security Officer

 

For this episode we brought three of California’s cyber security gurus who talk about some of things you and your agency/company can and should be doing to protect yourself from cybercrime.  October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity, but any month, any day is a good day to beef up your own personal protection. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident. (Source: Dept. of Homeland Security)

California Cybersecurity Integration Center’s (CalCSIC) mission is to reduce the likelihood and severity of cyber incidents that may significantly compromise the security and resilience of California’s economy, its critical infrastructure, and information resources. Cal OES executes this mission together with CDT, CHP and CMD. Cal-CSIC is comprised of two key functional components: (1) cyber threat analysis; and, (2) dissemination and coordination of incident response and recovery operations (hereinafter “recovery”). Specifically, Cal-CSIC coordinates the identification, prevention or mitigation of cyber threats, as well as coordinates the response to, and recovery from significant cyber incidents. Cal-CSIC coordinates the production of threat assessments for the State, and facilitates analysis and exchange of cyber threat information with all affected organizations.

Terms Used:

Cyber Crime – Crime conducted via the Internet or some other computer network

APT – Advanced Persistent Threat

Social Engineering –  a line of attack that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. (Source: TechTarget)

Spycraft – (aka Tradecraft) Within the intelligence community, this refers to the techniques, methods and technologies used in modern espionage (spying) and generally, as part of the activity of intelligence.

Polymorphic – Polymorphic malware is harmful, destructive or intrusive computer software such as a virus, worm, Trojan or spyware that constantly changes ("morphs"), making it difficult to detect with anti-malware programs. Evolution of the malicious code can occur in a variety of ways such as filename changes, compression and encryption with variable keys. (Source: TechTarget)

Spear phishing – An email that appears to be from an individual or business that you know. But it isn't. It's from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC.

Ransomware – There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC. They can target any PC users, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider.

Ransomware can:

Prevent you from accessing your computer.

Encrypt files so you can't use them.

Stop certain apps from running (like your web browser).

Ransomware will demand that you pay money (a “ransom”) to get access to your PC or files. We have also seen them make you complete surveys.

There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again. (Source: Microsoft)

Links:

Cal-CSIC Announcement

https://www.gov.ca.gov/news.php?id=19083

For more information on partnering with Cal-CSIC

state.cybersecurity@caloes.ca.gov

Cal OES Cal-CSIC

http://www.caloes.ca.gov/cal-oes-divisions/law-enforcement/california-cybersecurity-integration-center

IT Peer Network Article

https://itpeernetwork.intel.com/california-to-establish-a-cybersecurity-integration-center/

Stop Think Connect

www.stopthinkconnect.org

Interpol

www.NoMoreRansom.org

Ransomware Help

www.NoMoreRansom.org

Share | Download

Cal OES Cyber Guys’ Protection Advice for October as Cyber Security Awareness Month

October 11th, 2016

CyberGuysPodcast.jpg

From Left to Right in Photo:

ELI OWEN, Deputy Commander, California State Threat Assessment Center

THOR EDENS, California Cyber Security Integration Center

MICHAEL CREWS, Cal OES Information Security Officer

For this episode we brought three of California’s cybersecurity gurus who talk about some of things you and your agency/company can and should be doing to protect yourself from cybercrime. October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity, but any month, any day is a good time to beef up your own personal protection. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident. (Source: Dept. of Homeland Security)

California Cybersecurity Integration Center’s (CalCSIC) mission is to reduce the likelihood and severity of cyber incidents that may significantly compromise the security and resilience of California’s economy, its critical infrastructure,and information resources. Cal OES executes this mission together with CDT, CHP and CMD. Cal-CSIC is comprised of two key functional components: (1) cyberthreat analysis; and, (2) dissemination and coordination of incident response and recovery operations (hereinafter “recovery”). Specifically, Cal-CSIC coordinates the identification, prevention or mitigation of cyber threats, as well as coordinates the response to, and recovery from significant cyber incidents. Cal-CSIC coordinates the production of threat assessments for theState, and facilitates analysis and exchange of cyber threat information with all affected organizations.

Terms Used:

Cyber Crime – Crime conducted via the Internet or someother computer network

APT – Advanced Persistent Threat

Social Engineering –  A line of attack that relies heavily on humaninteraction and often involves tricking people into breaking normal securityprocedures. (Source: TechTarget)

Spycraft – (aka Tradecraft) Within the intelligencecommunity, this refers to the techniques, methods and technologies used inmodern espionage (spying) and generally, as part of the activity ofintelligence.

Polymorphic – Polymorphic malware is harmful, destructiveor intrusive computer software such as a virus, worm, Trojan or spyware thatconstantly changes ("morphs"), making it difficult to detect withanti-malware programs. Evolution of the malicious code can occur in a varietyof ways such as filename changes, compression and encryption with variablekeys. (Source: TechTarget)

Spear phishing – An email that appears to be from anindividual or business that you know. But it isn't. It's from the same criminalhackers who want your credit card and bank account numbers, passwords, and thefinancial information on your PC.

Ransomware – There are different types of ransomware.However, all of them will prevent you from using your PC normally, and theywill all ask you to do something before you can use your PC. They can targetany PC users, whether it’s a home computer, endpoints in an enterprise network,or servers used by a government agency or healthcare provider.

Ransomware can:

  • Prevent you from accessing your computer.
  • Encrypt files so you can't use them.
  • Stop certain apps from running (like your web browser).
  • Ransomware will demand that you pay money (a “ransom”) toget access to your PC or files. We have also seen them make you completesurveys.
  • There is no guarantee that paying the fine or doing whatthe ransomware tells you will give access to your PC or files again. (Source:Microsoft) 

Links:

Stop Think Connect

www.stopthinkconnect.org 

Interpol

www.NoMoreRansom.org

Ransomware Help

www.NoMoreRansom.org

CalCSIC Announcement

https://www.gov.ca.gov/news.php?id=19083

https://itpeernetwork.intel.com/california-to-establish-a-cybersecurity-integration-center/

California Cyber Security 

STATE.CYBERSECURITY@CALOES.CA.GOV

Share | Download

-