April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Federal | Agencies | Legislative

WannaCry showed that firms need a stronger line of cyber defense

The current editorial focus surrounding WannaCry is on the technological vulnerabilities which allowed the ransomware to breach so many devices and systems, but the fact that the attack most probably entered into organisations via a phishing attack on end users is also very important to consider.

Friday 12 May will live long in the memory of cyber security professionals. That was the date that computer screens across the world began to flash scarlet with an ominous message: “Ooops, your files have been encrypted.”

The following days brought misery for hundreds of thousands of organisations globally including many in the NHS, impeding patient care and inconveniencing countless customers and employees.

The WannaCry ransomware attack has left industry practitioners with much to think about. Not least, how to transform your employees from a corporate cybersecurity risk to an alert and solid barrier to online threats.

Record-breaking ransomware

Considering the damage this attack campaign managed to wreak, it was certainly aptly named. Also known as WannaCrypt, WanaCrypt0r 2.0, and Wanna Decryptor, it seemed to strike at will, locking down PCs and servers in organisations as diverse as Nissan, Telefonica and even the Russian Interior Ministry.

In reality, it only affected firms which had failed to patch a known vulnerability in Windows (MS17-010). WannaCry used the NSA’s own EternalBlue exploit – recently released by hackers – to spread worm-like inside infected organisations and outwards across port 445 to other IT systems also running vulnerable installations of the Windows Server Message Block (SMB) file sharing protocol.

Europol boss Rob Wainwright claimed shortly after it struck that WannaCry had affected 200,000 targets in 150 countries, including over 60 NHS organisations. Whatever the target, it locked users out of their machines while IT teams struggled to protect key data. The cost to those organisations hit by the ransomware is almost incalculable.

Some may have been fortunate to store back-ups of their mission critical data offline, but there still remains the long and costly process of clean-up, remediation and restore. In the meantime, staff downtime and service outages continue, which in the case of the NHS, means cancelled operations, patient treatments and other vital appointments.

Phishing 101

The best guess for how WannaCry gained an initial foothold on targeted systems is through unsolicited phishing emails which tricked users into clicking through, kick-starting the initial malware download. If that’s true, this outbreak has elevated effective user education and awareness training to an issue of critical importance.

Phishing has been around for years but today is more popular than ever before. Many attacks are designed to trick users into handing over personal and financial details which can then be monetised by the hackers on darknet forums.

However, increasingly they’re combined with malicious links and/or attachments with a view to downloading malware onto the victim’s machine. In fact, malware infection accounted for over a quarter (27%) of phishing attacks spotted last year, according to Wombat’s State of the Phish 2017 report.

The Anti Phishing Working Group (APWG) saw just 1,609 phishing attacks each month in Q4 2004 versus a staggering 92,564 per month on average in Q4 2016, an increase of 5,753% over 12 years. And Wombat Security has learned that the APWG doesn’t include ransomware attacks like Wannacry in their phishing statistics, which in its opinion significantly underestimates the actual volume of phishing emails.

This shows the sheer scale of the challenge facing IT departments in turning their staff into a strong line of defence. Yes, technology solutions can help to mitigate the threat. But with phishing click rates as high as 30% in some sectors, according to Wombat data, end users are very much the weakest link in many organisations.

Continuous learning

This all makes user education and training vital. The good news is that 92% of organisations claim they run such programmes, up from 86% two years previously, according to our data. However, as WannaCry and numerous other ransomware and cyberattack campaigns have shown, they aren’t always effective. With targeted spear phishing – which hit 61% of firms we spoke to last year – end users have to be more diligent than ever to recognise, avoid, and report attacks.

So what approaches work best? Effective training and awareness programmes must start with some form of baselining to see how susceptible employees are to phishing – something 33% of UK and US firms still weren’t doing last year. Then it’s all about choosing the right kind of curriculum.

Programs which include the simulation of real world attacks, and in-depth, yet brief, computer based training modules are most useful as they can help evaluate and educate staff without exposing the organisation to unnecessary risk.

The emphasis throughout should be on serving up short but focused 15-minute-or-so bursts of training throughout the year, which will provide a continuous learning approach. This philosophy crucially also works well in industries like healthcare where busy staff may have irregular and unpredictable schedules.

The bottom line is that the decisions end users make could have a huge impact on the security of your organisation. If you don’t educate them continuously to spot the ever-changing ways cybercriminals are looking to get past your cyber defences, it could have far-reaching consequences.

Sourced by Colin McTrusty, director of EMEA at Wombat Security

Netwrix Auditor saves Danish local authority up to 40 hours per month on Compliance Monitoring

Netwrix Corporation, provider of a visibility platform for data security and risk mitigation, announced today that the Municipality of Roskilde in Denmark leverages the visibility provided by Netwrix Auditor to manage security risks and assure continuous compliance.

The Municipality of Roskilde is located in East Denmark and has a total population of 87,000 people. Its IT department is tasked with storing a range of sensitive data, including citizens’ personal identification numbers relating to the national Civil Registration System, which it must safeguard across a complex IT infrastructure that includes 270 servers and 640 applications. Further challenges are the need to prove compliance with Danish state regulations while spending less time on annual audits so that the IT department can focus more on their core responsibilities. Failure to ensure the safety of data and continuous compliance could expose the municipality to large penalties.

Roskilde’s IT department deployed Netwrix Auditor because it significantly simplifies tracking of user activity across all critical systems. With the help of the software, the municipality achieved the following results:

  • Visibility into critical actions. Netwrix Auditor delivers concise and actionable information about user activity across Active DirectoryExchange and Windows Servers, and also alerts the IT team about actions that could turn into a security breach.

  • Streamlined compliance. With the deep insight into user activity, the IT department can now validate its security controls, as required by the standards. Moreover, Netwrix Auditor keeps the entire audit trail in a long-term archive, so it can be easily retrieved during compliance checks to show auditors what happened in the past.

  • Time savings and easier troubleshooting. Netwrix Auditor saves the IT department at least 2 hours a day on manual monitoring of user activity across Roskilde’s complex IT infrastructure. On top of that, the actionable intelligence helps the team investigate and resolve user issues faster than before.

"Prior to deploying Netwrix Auditor, we had to manually monitor user activity in our environment. You could be looking at 5–6 domain controllers without even knowing what you are searching for. Netwrix Auditor consolidates everything, so it is very easy to understand what is going on in the infrastructure. We receive a report, skim it through very fast and get the answer. Sometimes things are nice to have and sometimes they are a necessity. Netwrix Auditor is a necessity, like a Swiss Army knife of monitoring solutions that is able to do so many things," said Finn Horn, IT specialist at the Municipality of Roskilde.

"Government institutions need to be able to react immediately to any modifications in the IT infrastructure in order to maintain data security and carry out their fundamental duty — safeguarding the interests of citizens. Uncontrolled processes in the infrastructure are inadmissible. Complete visibility into the IT environment is essential to efficient and convenient monitoring and ongoing review of user activities. This ensures the security of the large amounts of sensitive information and facilitates compliance with federal regulations," said Michael Fimin, CEO and co-founder of Netwrix.

Netwrix Auditor is a visibility platform for data security and risk mitigation that enables state and local government agencies to detect security threats, efficiently resolve user issues and streamline compliance processes.

To read the complete case study, please visit: www.netwrix.com/go/roskilde

About Netwrix Corporation

Netwrix Corporation was the first vendor to introduce a visibility and governance platform for hybrid cloud security. More than 160,000 IT departments worldwide rely on Netwrix to detect insider threats on premises and in the cloud, pass compliance audits with less effort and expense, and increase productivity of IT security and operations teams. Founded in 2006, Netwrix has earned more than 100 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S. For more information, visit www.netwrix.com


FBI intelligence analysts send letter to Trump with recommendations for bureau's next leader

WASHINGTON May 18, 2017 The FBI Intelligence Analysts Association — which seeks to elevate the importance of the FBI’s intelligence mission and to represent the professional interests of the FBI’s 3,100 plus Intelligence Analysts (IAs) — recently requested the President, members of the Senate and House of Representatives, and the Attorney General to consider the association’s views on the critical matter of selecting the next Director of the Federal Bureau of Investigation (FBI).

In its letter to senior government officials, the FBI IAA articulated the need for the selection of a nonpartisan Director who will maintain the FBI’s traditional neutrality and independence. The FBI IAA believes it is vital that the next Director come without attachment to, or a background as, a partisan elected official in a political party. Additionally, the FBI IAA listed three necessary traits for a successor to manage the FBI in the 21st century, specifically that the next Director:

Has Deep Understanding of and Commitment to the FBI’s Dual Intelligence and Law Enforcement Mission;

Has the Ability to Strengthen a Culture of Collaboration within the FBI and Across the Law Enforcement and Intelligence Communities; and

Is Innovative, Adaptable, and Forward-Leaning to Effectively Target the Nation’s Criminal and National Security Threats

The FBI IAA emphasized that it is vital for the next Director continue to build the FBI’s Intelligence Career Service (ICS), with intelligence leadership, and be committed to strengthening a culture of collaboration, which engages the diverse talents of the entire FBI workforce. The next Director must also quickly adapt the FBI’s priorities and develop new ways of doing business, including technology advancements, in the face of an ever-changing set of diverse and sophisticated threats.

While the association chose not to endorse a specific candidate as the ideal successor, the FBI IAA will welcome a Director who will be as strong of an advocate for the FBI’s intelligence mission as former Director Comey.

The letter in its entirety is posted at the FBI IAA’s website: http://www.fbiiaa.org/.

The FBI Intelligence Analysts Association is nonprofit organization. It is led by a Board of Directors, who voluntarily serve the members without compensation of any kind. The FBI’s Intelligence Analysts are an integral part of the FBI’s dual intelligence and law enforcement missions. Totaling more than 3,100 intelligence professionals, they are the FBI’s second largest employee group. The FBI IAA works to represent the views of FBI Intelligence Analysts, develop their profession within the FBI, and advance the FBI's Intelligence Program.

AmeriCorps agency honored for work during disaster response efforts


WASHINGTON May 17, 2017 The Corporation for National and Community Service (CNCS), the federal agency that oversees AmeriCorps and Senior Corps, was selected as the National VOAD Partner of the Year. The award, presented by National Voluntary Organizations Active in Disaster (NVOAD), recognizes the contributions CNCS programs have had in disaster response and recovery efforts throughout the country during the last year. 

NVOAD is a national coordinating body for the major community and faith-based organizations involved in disaster response. The award was presented by National VOAD CEO, Greg Forrester, at the organization's annual conference in Houston on Tuesday evening.

In 2016, CNCS deployed more than 1,300 AmeriCorps members from AmeriCorps Disaster Response Teams to seven nationally-declared disasters. AmeriCorps Disaster Response Teams are CNCS's elite specialty-trained crews deployed at the request of local and federal emergency managers. The teams deployed in 2016 represented the following states: Arizona, California, Colorado, Iowa, Louisiana, Maryland, Mississippi, Missouri, Montana, New Mexico, Texas, Utah, Virginia, and Washington.

AmeriCorps members joined response efforts for the Missouri, West Virginia, Texas, Mississippi, and Louisiana flooding; the Flint water crisis; Hurricane Matthew; and the East Tennessee wildfires. Their efforts led to the mucking and gutting of more than 1,400 homes. Mucking and gutting is essential to returning families and individuals back to their homes. Without these services, houses quickly become unsalvageable, contributing to the devastating loss of available, affordable housing in communities most in need. Other services include debris removal, roof tarping, sandbagging, volunteer and donations management, and the establishment of long-term recovery coalitions, which bring together local organizations to provide critical recovery resources to homeowners.

"CNCS's work in disaster response and recovery cannot be done alone. The AmeriCorps and Senior Corps members deployed become part of the communities in which they serve and stand shoulder to shoulder with their neighbors throughout the recovery process," said Kelly DeGraff, senior advisor for disaster services at the Corporation for National and Community Service. "CNCS is honored to receive this award, and proud to share it with the thousands of AmeriCorps and Senior Corps members who've responded to disasters and all the lives they've touched."

Additional 2017 NVOAD winners include the South Dakota VOAD for the Innovative Program of the Year, the North Carolina VOAD for State VOAD of the Year, All Hands for Member of the Year, Christy Smith of UMCOR for the Spirit Award, and Dee Binder of the American Red Cross for the Don Hampton Volunteer of the Year Award. 

Currently, more than 80 AmeriCorps members in Missouri and Texas are assisting local communities in their response to devastating storms and flooding. In Texas, AmeriCorps members from the Texas Conservation Corps have set up a Volunteer Reception Center and are joined by Senior Corps members from the RV Disaster Corps. In Missouri, AmeriCorps St. Louis members are joined by five AmeriCorps NCCC teams to support the 2-1-1 call center, muck-and-gut operations, debris removal, and volunteer management.

Following a disaster, national service acts as a force multiplier, providing key resources and significantly expanding the capacity of existing organizations on the ground. More than 40,000 AmeriCorps and Senior Corps members were deployed in response to Hurricane Katrina. In the decade since, AmeriCorps teams have provided critical support after countless disasters, including the Flint water crisis; 2016 Louisiana flood; 2014 Southeast Michigan flood; Hurricane Sandy; tornadoes in Joplin, Mo., Tuscaloosa, Ala., and Moore, Okla.; the explosion in West, Texas; and the Deepwater Horizon BP oil spill.

The Corporation for National and Community Service, a federal agency, provides strong support, expertise, and trained and dedicated volunteers to help communities to prepare for, mitigate, respond to, and recover from natural and man-made disasters. From forest fires and floods, to hurricanes and tornadoes, to terror attacks and oil spills, participants in CNCS programs have provided critical support to millions of Americans affected by disasters since 1994.

CNCS engages millions of Americans in service through its AmeriCorps, Senior Corps, Social Innovation Fund, and Volunteer Generation Fund programs, and leads volunteer initiatives for the nation. For more information, visit NationalService.gov. 

Homeland Security S&T Directorate to hold cybersecurity industry day

WASHINGTON The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) will introduce its newest research and development solicitation call during a May 25 Industry Day event at the Mayflower Hotel in Washington, D.C.

S&T Cyber Security Division Program Manager Dr. Ann Cox will be briefing interested parties on a new research area called Predict, Assess Risk, Identify (and Migrate) Disruptive Internet-scale Network Events (PARIDINE). This project builds on the work of its Internet Measurement and Attack Modeling (IMAM) research and development effort and will be issued against S&T CSD HSHQDC-17-R-B0002, a five-year Broad Agency Announcement that was announced in February of this year. At this Industry Day, Cox will explain the technical focus of the research project and answer questions posed by representatives from industry, academia and research laboratories that are interested in submitting research proposals.

Thursday, May 25

1:30–4:45 PM EDT DHS S&T will hold an Industry Day to unveil its new Predict, Assess Risk, Identify (and Mitigate) Disruptive Internet-scale Network Events (PARIDINE) research project.

Mayflower Hotel

Grand Ballroom

1127 Connecticut Avenue, NW

Washington, D.C 20036


*Credentialed media representatives who are planning to attend must register by 12 p.m. May 23 and check in at the onsite registration desk the day of the event.

Visit www.cvent.com/d/d5qsmp for event details and to register.

Report: Despite increased focus, insider threats still pose major risk to government systems


ALEXANDRIA, VA May 15, 2017 MeriTalk, a public-private partnership focused on improving the outcomes of government IT, today announced the results of its new report, “Inside Job: The Sequel – The 2017 Federal Insider Threat Report.” Despite an increased focus on insider threats and the significant growth of formal prevention programs, the study, underwritten by Symantec, reveals that the rate of cyber incidents perpetrated by insiders remains relatively stagnant – 42 percent of agencies report incidents over the last year, compared to 45 percent in 2015.

“Inside Job: The Sequel,” which builds on MeriTalk and Symantec’s 2015 “Inside Job: The Federal Insider Threat Report,” surveyed 150 Federal IT cybersecurity professionals to examine how agencies can effectively detect and address suspicious behaviors, how cloud adoption can complicate insider threat protection, and where the major gaps in agency prevention strategies lie.

Federal agencies are increasing their focus on insider threats, with 85 percent of survey respondents saying their agency is more focused on combating insider threats today than one year ago – up from 76 percent in 2015. Additionally, 86 percent say they have a formal insider threat prevention program in place – a big jump from just 55 percent in 2015.

But, despite these efforts, 75 percent of respondents say insider threats are just as or more challenging to identify and mitigate today than one year ago, and nearly a quarter say they lost data to an insider threat incident in the last year. Cloud is a big reason why. Fifty nine percent of the survey respondents say that the growing number of cloud-based systems has made insider threats more difficult to identify – due to increased complexity, endpoint monitoring challenges, lack of preventative measures, and difficulty implementing and enforcing identity and access management policies. Despite the cloud’s impact on the insider threat equation and the serious potential consequences of these incidents, fewer than half of agencies have taken specific steps to ensure cloud adoption does not jeopardize insider threat protection.

“As boundaries dissolve, the threat landscape is becoming more complex. Thanks to cloud adoption, endpoint multiplication, and the ever-growing remote workforce, insider threats are even more difficult to manage and prevent,” said Rob Potter, vice president, public sector, Symantec. “Agencies can establish better control over their cybersecurity programs and manage risk more effectively by leveraging the NIST Cybersecurity Framework (CSF) to identify gaps in their security posture and chart a plan to address them. Formal threat detection and response protocols, as well as systems for reporting and maintaining potential or actual incidents, are critical to preventing data loss.”

Yet, agencies that have lost data to insider incidents are less likely than those that have not to say they use key security technologies agency-wide. Case in point: just 34 percent of agencies that have lost data use data loss prevention (DLP) technology across their environment, compared with 65 percent of agencies that have not. Only a third of agencies give themselves an “A” rating for DLP.

“The recent Vault 7 Wikileaks release shone a harsh spotlight squarely on the insider threat issue,” says Steve O'Keeffe, founder, MeriTalk. “Our study found that half of agencies report that unauthorized employees access protected information at least weekly. It’s time to plug those holes. The potential consequences – from identity theft to national security crisis – are too dire.”

Federal agencies see a clear path to insider threat prevention, the report found. To minimize data loss, respondents say agencies must limit access points (60 percent), adopt multi-factor authentication (50 percent), expand real-time activity monitoring (49 percent), implement data loss prevention capabilities (45 percent), and classify data (45 percent). The top investments planned for the next two years include user behavioral analytics, commercial threat intelligence, and anomaly detection tied with multi-factor authentication.

“Inside Job: The Sequel – The Federal Insider Threat Report” is based on an online survey of 150 Federal IT managers familiar with their agency’s cyber security in March 2017. The report has a margin of error of ±7.97 percent at a 95 percent confidence level. To download the full report, please visit https://www.meritalk.com/study/inside-job-the-sequel/.

About MeriTalk

The voice of tomorrow’s government today, MeriTalk is a public-private partnership focused on improving the outcomes of government IT. Focusing on government’s hot-button issues, MeriTalk hosts Big Data Exchange, Cloud Computing Exchange, Cyber Security Exchange, and Data Center Exchange – platforms dedicated to supporting public-private dialogue and collaboration. MeriTalk connects with an audience of 115,000 government community contacts. For more information, visit www.meritalk.com or follow us on Twitter, @meritalk. MeriTalk is a 300Brand organization.

Federal worker unions join forces to oppose air traffic control privatization proposal


WASHINGTON The American Federation of Government Employees is joining with other employee organizations in opposing any attempts to privatize the Federal Aviation Administration’s air traffic control system.

AFGE is one of seven organizations representing FAA’s rank-and-file employees and managers that sent a joint letter to leaders from the House Transportation and Infrastructure Committee in opposition to privatization.

“Quite simply, overhauling the entire aviation system by removing air traffic control from federal oversight and funding will be a serious setback for its development and growth,” the letter states. “Our air traffic control system is a national public asset and we strongly believe it should remain in the public trust.”

The FAA operates and maintains the National Airspace System, which safely transports two million passengers to and from their destinations on about 70,00 flights per day. The commercial aviation industry is a cornerstone of the American economy, contributing $1.5 trillion to the economy each year and supplying more than 10 million American jobs.

Privatization would jeopardize the FAA’s almost-completed work to develop the nation’s Next Generation Air Transportation System, commonly called NextGen, which is being spearheaded by FAA researchers and engineers at the William J. Hughes Technical Center outside Atlantic City, N.J.

“FAA employees have decades of specialized experience maintaining the National Airspace System that cannot be replaced without great costs to American taxpayers and great risks to the flying public,” said Ron Consalvo, president of AFGE Local 200, which represents more than 340 federal employees at the technical center.

The tech center is a major hub of economic activity in the region, issuing $425 million in contracts to 239 businesses in fiscal 2016 – primarily small businesses and those owned by minorities, women, service-connected veterans, and other disadvantaged groups.

“Considering that aviation accounts for more than 5 percent of the nation’s gross domestic product, we cannot gamble with the future of our air traffic control system,” the joint letter states. “Privatization is unlikely to make the system more efficient or less costly, but would introduce a significant level of uncertainty into the global aviation economy.”

The Congressional Budget Office says privatizing the air traffic control system would increase the nation’s deficit by $20 billion over 10 years and billions more in subsequent decades. The Department of Defense says it has “serious concerns” about the impact privatization would have on national defense – specifically on critical military assets managed jointly by the Pentagon and FAA, including drones, communication systems, and surveillance.

“Privatizing air traffic control will raise costs to taxpayers and the flying public, jeopardize our national security, and throw the FAA’s entire operation into chaos,” AFGE National President J. David Cox Sr. said.

Joining AFGE in signing the letter were the American Federation of State, County and Municipal Employees; the FAA Managers Association, the National Association of Government Employees; the National Federation of Federal Employees; the Professional Association of Aeronautical Center Employees; and the Professional Aviation Safety Specialists.


The American Federation of Government Employees (AFGE) is the largest federal employee union, representing 700,000 workers in the federal government and the government of the District of Columbia.

Comtech Telecommunications among awardees for $2.5B GSA SATCOM IDIQ

MELVILLE, NY May 15, 2017 Comtech Telecommunications Corp. (Nasdaq:CMTL) announced today that its Maryland-based subsidiary, TeleCommunication Systems, Inc. (TCS), through its Command & Control Technologies group, which is part of Comtech’s Government Solutions segment, has been named as an awardee under the General Service Administration (GSA) Complex Commercial SATCOM Solutions (CS3) IDIQ Contract. This is a ten (10) year contract which enables U.S. federal agencies to purchase end-to-end, turnkey solutions which incorporate commercial satellite communication services through the General Services Administration (GSA). The multiple-awardee, Indefinite Delivery – Indefinite Quantity (IDIQ) contract has an estimated value of $2.5 billion over its 10-year term. The CS3 contract is the successor to the Custom SATCOM Solutions (CS2), under which TCS was also an awardee.

“I’m very proud that our team was once again awarded this significant contract vehicle that provides our DoD and federal civilian agency customers the opportunity to purchase our SATCOM solutions and products,” said Fred Kornberg, President and Chief Executive Officer of Comtech Telecommunications Corp.

The Command & Control Technologies group is a leading provider of mission-critical, highly-mobile C4ISR solutions.

Comtech Telecommunications Corp. designs, develops, produces and markets innovative products, systems and services for advanced communications solutions. The Company sells products to a diverse customer base in the global commercial and government communications markets.

Certain information in this press release contains statements that are forward-looking in nature and involve certain significant risks and uncertainties. Actual results could differ materially from such forward-looking information. The Company's Securities and Exchange Commission filings identify many such risks and uncertainties. Any forward-looking information in this press release is qualified in its entirety by the risks and uncertainties described in such Securities and Exchange Commission filings.

Cybersecurity executives: 'Wannacrypt' ransomware attack a wake-up call for industry, government leaders


By Steve Bittenbender
Editor, Government Security News

The ransomware attack that plagued the globe on Friday must serve as a “wake-up call” to both industry and government leaders that the time for urgent action is now. That’s how one of Microsoft’s top executives reacted to the “WannaCrypt” attack that targeted computer systems in various industries worldwide, including healthcare and government systems.

“WannaCrypt,” also dubbed “WannaCry,” was a ransomware attack that paralyzed hospitals in Great Britain and even FedEx in the United States, although the attack seemed to focus mainly on Russian servers based on information provided from Kapersky Labs. A ransomware attack is where a hacker encrypts files and threatens to destroy the data if the ransom – in the case of “WannaCrypt,” it was at least $300 in Bitcoin – is not paid within a certain time.

In a Sunday blog post on Microsoft’s Web site, company President and Chief Legal Officer Brad Smith said the hackers used material stolen from the National Security Agency to perpetrate the attack. The NSA breach had been previously reported, and, in March, Microsoft released a patch to its users to protect them from an attack. While some users updated their systems, others did not, and they were the ones scrambling on Friday.

The ransomware attack “demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers,” Smith said. “The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past.”

Dan Matthews, a sales engineer with Lastline, said network managers had another option to prevent the attack if they were not able to get the patch installed in time.

He, like other experts, said the ransomware attack served as an important reminder of being proactive in managing cybersecurity risks.

“In practice things are often more complicated and there are legitimate reasons for needing more time to implement a patch,” Matthews said. “Organizations who are unable to deploy Microsoft's (or other software vendors’) critical patches in a timely manner can instead implement advanced email and network protections that are capable of detecting ransomware and preventing the delivery of these payloads to unpatched computers.”

Ofer Israeli, CEO and founder of Illusive Networks, said he expects hackers will continue to use the stolen NSA material for other attacks.

“In this case, we are seeing an opportunistic ransomware operation, but we can expect the exploit is already being used for surgical targeted attacks, the outcome of which will only be revealed in a few months, due to the time it takes to execute a sophisticated targeted attack,” he said.

Brian Lord, OBE, managing director for British-based PGI Cyber, said the attacks were “always inevitable.”

Lord also echoed Smith’s comments on this being a wake-up call.

“While organizations are distracted by high profile dramatized threats, such as Russian election hacking, they are neglecting basic cyber hygiene measures which can prevent the mass effectiveness of mass ransomware attacks like this,” said Lord, the former director of deputy director for intelligence and cyber operations for Britain’s Government Communications Headquarters.

Smith added that it’s time government leaders readdress their cybersecurity policies, as attacks like “WannaCrypt” are becoming an emerging problem this year. He equated the NSA losing its coding to the military having a few Tomahawk missiles taken.

“This is one reason we called in February for a new ‘Digital Geneva Convention’ to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them,” Smith said. “And it’s why we’ve pledged our support for defending every customer everywhere in the face of cyberattacks, regardless of their nationality.”

Ross Technology to supply ballistic-resistant doors and windows to State Department

LANCASTER, PA Ross Technology, a global leader in architectural security products, has been awarded the Government Provided Equipment (GPE) contract by the U.S. Department of State to supply Forced-Entry/Ballistic Resistant (FE/BR) windows and doors. The award contract is for one year, with four optional years to follow.

Ross has been the incumbent GPE contract holder for FE/BR windows since 2005, and throughout that time has provided products to over 50 embassies and consulates.

In addition to supplying FE/BR windows, Ross has now been trusted to provide FE/BR doors as part of the new government contract.

Mark Heberlein, Ross Technology’s Architectural Security Product Manager, recognizes the magnitude of the GPE Award. “We’ve worked very hard to provide the highest quality products and service to the Department of State over the past 12 years. It speaks volumes that, in addition to awarding us the window contract again, they’ve entrusted us to fulfill the requirement for the doors as well.”

Ross manufactures FE/BR windows and doors tested to the U.S. Department of State threat mitigation standards. For a full list of available products and more information about the products Ross will supply as part of this contract, please view our webpage.




Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...