Skip to main content

Arizona Counter Terrorism Information Center

0
  • Home
  • About
    • Definitions
    • Operation
    • Mission and Vision Statements
    • Privacy Policy
  • Terrorism: What To Look For
  • Community Liaison Program
  • Links
  • Report Suspicious Activity
  • PSA
Arizona Counter Terrorism Information Center Logo
Arizona Counter Terrorism Information Center
Arizona's Fusion Center
  • Home
  • About
    • Definitions
    • Operation
    • Mission and Vision Statements
    • Privacy Policy
  • Terrorism: What To Look For
  • Community Liaison Program
  • Links
  • Report Suspicious Activity
  • PSA
  • Home
  • Cutting Through the Cybersecurity Noise

Important message regarding COVID-19 potential scams.

Submit a Tip

If this is an emergency, or a crime, please dial 911 immediately. 

 

You can play an important role in homeland security by being vigilant and watching for signs of terrorist, criminal or suspicious activity.

Submit a Tip

Cutting Through the Cybersecurity Noise

Subheadline: 
Here's what's important this week: September 14, 2018
Original Release Date: 
Friday, September 14, 2018
Details: 

Take Action 

Federal and defense contractors: remove all Kaspersky software from your networks by October 1, 2018, as required by the National Defense Authorization Act. Why? There are concerns the Russian anti-virus could be used as a Kremlin spying tool or that Kaspersky could be required to turn over customer information to Kremlin officials. 

Reference: 

  1. https://www.nextgov.com/cybersecurity/2018/09/kaspersky-deadline-approaches-fears-loom-contractors-arent-prepared/151147/ 

Be Aware

In last week's bulletin, I mentioned building your insider threat mitigation program. Tim Casey of Intel, one of the creators of the Threat Agent Library, has created a new Insider Threat Field Guide. These are great resources to help identify risks based on the "bad guys" most likely to harm your organization. 

References: 

  1. https://www.intel.com/content/dam/www/public/us/en/documents/best-practices/a-field-guide-to-insider-threat-paper.pdf 
  2. https://www.first.org/resources/papers/conference2010/casey-mancini-slides.pdf
  3. https://www.researchgate.net/publication/324091298/download

 

Threat actors, including financial crime gang Cobalt Group, have recently shifted tactics to incorporate lightweight modular downloaders that "vet" target machines for their attractiveness before proceeding with a full-fledged attack. In other words, they're planting hard-to-find malware on your systems to check you out to see if you're worth attacking.  

Reference: 

  1. https://threatpost.com/bad-actors-sizing-up-systems-via-lightweight-recon-malware/137364/ 

Reminders

The ACTIC and Urban Area Security Initiative issue this product to increase Arizona's awareness and cyber resilience. It's up to you to make sure you take the proper steps to secure your networks and devices. Although venders, products, and/or services may be mentioned, we do not endorse any specific one. 

Contact [email protected] with any questions, to provide feedback, or to be added/removed from this distribution. Please note, this email is not monitored 24/7. 

Report potential, suspected, and/or confirmed cyber threats to ACTIC via:

  1. https://www.azactic.gov/tips
  2. [email protected]
  3. (602) 644-5808 or (877) 2 S A V E A Z (272-8329)
Arizona State Seal

footer-text

©2018 Arizona Department of Public Safety (DPS) All rights reserved.

Footer Nav

  • Statewide Policies
  • PRIVACY POLICY
  • Site Map
  • CONTACT
  • Website Supported by CSU