Ransomware

Arizona CISO Tim Roemer and Virginia CISO Mike Watson discuss how zero trust can ease cybersecurity concerns over remote work and insider threats, and Watson highlights complicated privacy questions facing states.

Criminal hacking organizations such as Russia-based REvil often use phishing to lure unsuspecting employees into opening innocuous-looking emails containing malicious code that provides access to computer systems.

The online center will host educational resources for organizations to learn about the cybersecurity method and will offer a training for a professional credential in Zero Trust Knowledge.

The group, formally established via executive order, will continue its work with public- and private-sector entities to identify and respond to cybersecurity threats and strengthen the state's critical infrastructure.

Through a recently proposed bill, lawmakers are trying to create a cyber preparedness unit to strengthen the state’s cybersecurity posture. The unit would operate out of the Department of Emergency Management.

China state-backed APT41 hacked at least six states between May 2021 and February 2022. Several of the incidents occurred when hackers exploited flaws in Log4J and the USAHERDS system, reports cybersecurity firm Mandiant.

Artificial intelligence is emerging as a key cybersecurity tool for both attackers and defenders.

As Russian military forces carry out their mission in Ukraine, the President Vladimir Putin has promised “consequences” for nations that interfere. U.S. officials have warned this could come in the form of cyber attacks.

U.S. organizations should up their defenses for the possibility of a Russian cyber attack or misinformation campaign, CISA says. Russian cyber strategies against Ukraine and its allies could evolve.

County government officials in Southern California say they are pushing back against millions of hacking attempts each year. In 2020 alone, Riverside County saw more than 150 million hacking attempts on its network.

An investigation by the South Florida Sun Sentinel uncovered a series of decisions by the district and its lawyers to mislead or delay notifying potential victims, and withhold details and internal correspondences.

The education IT security company ManagedMethods hosted a webinar Thursday to discuss ways that schools and ed-tech vendors can better protect student data amid a rise in cyber attacks against K-12 districts.

Multifactor authentication is a key part of zero-trust security, and a method promoted by the likes of CISA. It aims to block out hackers who — in this age of data breaches — manage to steal users’ passwords.

Adopting a zero-trust approach has helped the courts secure remote and hybrid operations and limit how much damage a potential hacker could wreak, says New Jersey Judiciary CIO Jack McCarthy.

Classes are proceeding as scheduled, but the Washington institution's local servers, website and campus WiFi are down, and officials are unsure whether confidential personal data was compromised.

The Identity Theft Resource Center's 2021 annual report shows a 68 percent increase in data compromises compared to 2020. The report also says ransomware may soon supplant phishing as the dominant cyber attack.

Zero trust contrasts with a “castle and moat” approach to cybersecurity thinking, and recognizes that use of remote workforces and cloud services means there’s no longer a clear perimeter to defend.

The federal government’s newly launched Cyber Safety Review Board will start by investigating the Log4j incident and will recommend system-wide fixes for improving the nation’s cyber posture, says one prominent member.