This space will share important security and cybersecurity information from reputable sources.  ALMR takes cyber and physical security seriously to ensure continued operation of this critical system.  We encourage all ALMR users to disseminate cybersecurity information and best practices throughout your organization.

ALMR System Security:

ALMR is a closed system and provides the highest level of security to protect federal government agencies and assets operating on the system. All other agencies on the system benefit from this strict policy. In order to maintain the level of security required for federal agencies to operate on ALMR, no new products or infrastructure may be added to the system without completing the System Change Request process (see procedure 400-3), having the request reviewed from a security and technical standpoint, and obtaining approval from the Executive Council. Agencies should never purchase a product without contacting the Operations Management Office or the System Management Office first, completing the change request form, and receiving the required approval.

 


2/27/2024

Quarterly Cybersecurity Webinars Schedule

 

10/19/23

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint guide to outline phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. This will help to reduce the impact of phishing attacks in obtaining credentials and deploying malware.

Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. Malicious actors primarily leverage phishing for:

  • Obtaining login credentials. Malicious actors conduct phishing campaigns to steal login credentials for initial network access.
  • Malware deployment. Malicious actors commonly conduct phishing campaigns to deploy malware for follow-on activity, such as interrupting or damaging systems, escalating user privileges, and maintaining persistence on compromised systems.

The guidance for network defenders is applicable to all organizations but may not be feasible for organizations with limited resources. Therefore, this guide includes a section of tailored recommendations for small- and medium-sized businesses and agencies that may not have the resources to hire IT staff dedicated to a constant defense against phishing threats.

Phishing Guidance: Stopping the Attack Cycle at Phase One | CISA

 

10/4/23

On September 28, the Cybersecurity and Infrastructure Security Agency (CISA) kicked off the 20th Cybersecurity Awareness Month. In tandem, CISA also launched a new, enduring cybersecurity awareness program known as “Secure Our World.” The Secure Our World program promotes behavioral change in all Americans, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on four critical actions: using strong passwords and a password manager, turning on multifactor authentication (MFA), recognizing and reporting phishing, and updating software. It also asks technology manufacturers to Secure our Products by designing products that are cybersecure right out of the box. Secure Our World is the theme for this year’s Cybersecurity Awareness Month and will remain the enduring theme for future awareness month campaigns.

This October and year-round, CISA challenges everyone to help secure our world by adopting four simple steps that everyone can take to stay safe online:

  • Use strong passwords that are long, random, and unique to each account, and use a password manager to generate them and to save them.
  • Turn on multifactor authentication on all accounts that offer it. We need more than a password on our most important accounts, like email, social media, and financial accounts.
  • Recognize and report phishing, as we like to say, think before you click. Be cautious of unsolicited emails or texts or calls asking you for personal information, and don’t click on links or open attachments from unknown sources.
  • Update software. In fact, enable automatic updates on software so the latest security patches keep devices we are connected to continuously up to date.

Additionally, as part of the effort to Secure Our World, we offer resources and tips:

  • For individuals and families, the Secure Our World program emphasizes the importance of securing personal accounts, offering guidance on personal device safety, safe internet browsing practices, social media usage, and protecting personal information online.
  • Small and medium-sized businesses (SMBs) face unique challenges, so we are working to help them Secure Our World by offering tools and resources that can help keep their businesses, employees, customers and, ultimately, our communities safer.
  • Tech manufacturers can Secure Our World by implementing security features built-in by design. Default settings should have the highest security measures implemented, and individuals can manually bypass security features if they don’t want them. Users should not have to opt-in to necessary security measures to make their products safe to use. Products should be safe for end users right out of the box.

By committing to safe online behaviors, we can easily minimize or prevent cybercriminals and hackers from infiltrating our devices and online accounts.

CISA encourages everyone to explore the resources on our Cybersecurity Awareness Month website, which include a toolkit, tip sheets, and animated videos.

 

3/2/23

This Cybersecurity Advisory (CSA) contains recommended actions and mitigations to protect against Royal ransomware (PDF copy attached here).

A new variation of this ongoing and persistent threat – attached info identified through FBI response activities in 2023.

These steps can help make your agency a MUCH harder target.  Actions to take today to mitigate cyber threats from ransomware:

  • Prioritize remediating known exploited vulnerabilities.
  • Train users to recognize and report phishing attempts.
  • Enable and enforce multifactor authentication.

After gaining access to victims’ networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems. Royal actors have made ransom demands ranging from approximately $1 million to $11 million USD in Bitcoin. In observed incidents, Royal actors do not include ransom amounts and payment instructions as part of the initial ransom note. Instead, the note, which appears after encryption, requires victims to directly interact with the threat actor via the Tor browser. More details are in the attached bulletin.

 

1/4/23: Latest CISA documents on security threats. (hyperlink attached to each subject)

12/8/22: CISA Releases Phishing Susceptibility Infographic

3/24/22: Click here to view CISA security advisory

The Cybersecurity & Infrastructure Security Agency (CISA) recently shared the following statement with the public as part of the “Shields Up” campaign (hyperlink attached):

While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region. Every organization—large and small—must be prepared to respond to disruptive cyber activity.

This need for heightened cybersecurity awareness and vigilance extends to each of us. Apply cybersecurity best practices:

  1. Always be alert about emails from unknown senders or with unknown attachments. Do not open attachments unless you know the sender and are expecting the attachment. Even if you know the sender, if the email is suspicious, verify with the sender that it was intentionally sent to you.
  2. Use your work-provided computers and/or mobile devices for official business only.
  3. Remain up to date on security awareness training and safe computing guidelines. Continue to adhere to established security practices and policies.

You are also urged to consider your cybersecurity practices outside of work. Protect yourself, your family, and your devices with tips and resources from the National Cyber Security Alliance. (hyperlink attached)

As part of their continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community.  Free Cybersecurity Services and Tools | CISA

UPDATE: You can view the most recent interview of Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency, with 60 Minutes on the challenges of cybersecurity threats to critical infrastructure, public safety, and the national security/emergency preparedness community.

U.S. officials preparing for potential Russian cyberattacks – CBS News (NOTE: This video plays on the CBS news site.)

 

9/21/22: DHS Releases Recommendations to Protect National Public Warning System from EMPs

The Department of Homeland Security (DHS) released a report of operational approaches to protect the National Public Warning System from an electromagnetic pulse (EMP). The report is a collaborative effort between the DHS Science and Technology Directorate (S&T), the Federal Emergency Management Agency (FEMA) Integrated Public Alert and Warning System (IPAWS) Program, and the Cybersecurity & Infrastructure Security Agency (CISA). The report summarizes recommendations that federal, state, and local agencies and private sector critical infrastructure owners and operators can employ to protect against the effects of an EMP event. (Click the link in the heading to be directed to the complete report.)
