Security News Roundup: S.C. Breach, Possible Executive Order and Perhaps a Cyber Treaty

We currently have several important security stories and not much public attention.

by / November 4, 2012

We currently have several important security stories and not much public attention.  

As America prepares to vote in a pivotal presidential election on Tuesday, there have been several significant security stories recently. However, they are receiving minimal national attention. Between the coverage of Tropical Storm Sandy, pre-election rallies and the latest unemployment rate coverage, almost all security news has taken a back seat – unless you are talking about the September 11, 2012, Benghazi attack.

South Carolina Data Breach Reactions

Nevertheless, state and local government leaders have been quietly been scurrying around after South Carolina recently revealed the vast scope of their security breach.

From my perspective on the S.C. breach, I have never seen such a wide number of questions and urgent security checks from the business side of the house in many states. Tax officials across state and local governments nationwide seem worried as never before. Everyone is asking some variation of the questions: “Could this happen to us? Has it happened to us?”

For those who have not heard about or followed this story, more data came out mid-week with the announcement that businesses were affected:

As many as 657,000 S.C. businesses had their tax information stolen in the massive security breach at the state Department of Revenue that also claimed the records of up to 3.6 million people, Gov. Nikki Haley said Wednesday….

The discovery came after a two-hour Senate Finance Committee hearing, where Revenue Department director James Etter pointedly was asked whether business records also had been taken by the hackers. State officials still are learning more about the data theft, which is affecting four times as many people as all previous breaches combined in the state over the past seven years.

State governments across the U.S. reacted in a variety of ways following the announcement of what one paper called: “The mother of all security breaches,” and “The largest breach against a state tax agency in the nation.”

But while there were plenty of articles, phone calls and online discussions about what exactly happened and who is (or isn’t) to blame, the exact breach details are still not clear to those outside the sensitive Secret Service investigation in South Carolina. I am confident that we will be hearing much more on this story in the weeks and months to come.

What is clear to me is that this is a big wake-up call for government officials – even more so than after the Utah data breach earlier this year. More and more, government executives are realizing that we face serious global cyberdefense challenges that affect governments at all levels. As I said in April, there are dark clouds over technology, and we are all vulnerable and being targeted.  Action cannot wait. I’ll be back with more on this story in a few weeks.

Is An Executive Order on Cybersecurity Still Coming?

There continues to be a strong chance that an executive order is coming on cybersecurity is coming soon – perhaps in the upcoming lame duck session of Congress.

“[Homeland Security Secretary Janet Napolitano] said that "when" President Obama is reelected, "I think he will have to consider an executive order that covers many of the areas that legislation would cover." 

But a Heritage Foundation blog thinks this is still a bad idea as they pronounced that the more regulation is coming.

“This draft executive order is similar to the failed Cybersecurity Act of 2012 in that it proposes additional regulations as a solution to the U.S.’s cybersecurity woes. A regulatory executive order for cybersecurity is flawed and insufficient, and it ignores the deliberative process of Congress, which has thus far rejected a regulatory approach.”

A similar view is shared by some of my friends over at CIO Magazine.

Still, the Chicago Tribune reported that the Senate likely to revisit cyber bill when Congress returns.

As I hinted back in March while discussing cybersecurity legislation, my guess is that some type of executive order or legislation on cybersecurity may still come in November or December after the election. I continue to hope that a bipartisan compromise can be reached.

A Treaty on Cyber?

Meanwhile, Thehill reports that the United Nations (UN) wants cybersecurity mandates to be in a new telecommunications treaty. Many countries are:

 “Pushing to include cybersecurity proposals in the treaty that could lead to online censorship or put one regulatory body in charge of cybersecurity mandates….

The U.S. submitted a baseline set of proposals for the telecom treaty in August. The latest tranche of proposals it's sending to the U.N.'s International Telecommunications Union are more concrete positions that are in response to proposals discussed by other countries and trade groups.

The treaty will be reviewed for the first time since 1988 at the World Conference on International Telecommunications (WCIT) in Dubai this December....”

I find the timing of this and a variety of other cybersecurity topics to be interesting, in that new proposals are being sent the day after the election. This may just be a coincidence, but one thing is clear: whether for political reasons or more likely because other topics have a higher priority during the election season, quite a few cybersecurity issues are lining up for the November/ December 2012 timeframe.

Tropical Storm Sandy Scams

One more story to point out in this security news roundup. As can now be expected after almost every major global news event, and especially with natural disasters, there are many Tropical Storm Sandy scams being revealed.  

“State attorneys general, business and consumer groups and the Justice Department are among those cautioning consumers to be wary as requests for donations start arriving via email, text message, telephone and Twitter.

‘’Fraud is an unfortunate reality in post-disaster environments,’ said Joe Wehrle, president of the National Insurance Crime Bureau, a nonprofit group which deals with vehicle sales and repairs fraud. ‘As the initial recovery from Hurricane Sandy begins, there are people right now who are planning to converge on the affected areas in order to scam disaster victims out of their money.’”

USA Today reported: Beware: Time is ripe for Hurricane Sandy scams

“A decade ago fraudsters had to rely on phone calls to deliver their high-pressure sales pitches. Then they were able to use e-mail. Now social media adds an entirely new weapon to their arsenal.”

What’s my advice as we head past election day and into the holiday season? No matter who wins the election on Tuesday, watch out for post-election scams to match or exceed the Tropical Storm Sandy scams - beginning this Weds morning. The bad guys will do anything to "tempt the click."

Also, stay informed on the security threats in your corner of cyberspace. We need to be ready – because these hot security stories won’t go away even after the election and the Tropical Storm Sandy cleanup move off of the front pages.

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso

Platforms & Programs