GCN : August and September 2016
RANSOMWARE

As ransomware exploits and their perpetrators become more sophisticated, hackers are moving beyond targeting local agencies for a few hundred dollars and into the federal ranks and beyond.

When it comes to ransomware, there has typically been a dividing line between large federal agencies and smaller local ones, just as there is between Fortune 500 companies and small businesses, said Mark Weatherford, senior vice president of vArmour and former deputy undersecretary for cybersecurity at the Department of Homeland Security. Online criminals often target smaller organizations first because they lack the resources or the experience to fight back.

“It’s the result of poor user awareness and social engineering — that’s what makes this easy pickings,” Weatherford said. “If the [agency] needs to pay a few hundred dollars, they can often take that out of petty cash.”

But ransomware criminals are getting better at what they do and upping the ante by attacking larger organizations and demanding more money. In February 2016, Hollywood Presbyterian Medical Center in Los Angeles reported that it had paid $17,000 in bitcoins to hackers who had ransomed the hospital’s computer systems.

Like a hospital, a government agency depends on its information and systems to operate, said Kristine Trierweiler, assistant town administrator for Medfield, Mass. The hackers are banking on “the importance of our data and the need to have our data at any cost,” she added.

By April 2016, ransomware attacks on the U.S. House had reportedly increased so much that the use of third-party email providers such as Yahoo Mail and Gmail was blocked. The previous month, the Justice and Homeland Security departments sent the Senate Homeland Security and Governmental Affairs Committee written responses to questions about what those two agencies are doing to combat such attacks.

In the letter from Justice, Assistant Attorney General Peter Kadzik said the Internet Crime Complaint Center has received 7,694 ransomware complaints since 2005, totaling $57.6 million. Although ransom fees “are typically between $200 and $10,000, victims include additional costs they incurred due to the ransomware incidents,” including network migration, countermeasures, loss of productivity, legal fees, IT services and credit-monitoring services for employees or customers.

“As actors become more sophisticated,” Kadzik wrote, “it has become paramount for the FBI and DOJ to coordinate and collaborate closely with the private sector and foreign law enforcement partners to understand how the [malware] variant works, what vulnerabilities exist, what legal options can be utilized, and where the actor’s infrastructure is located. This collaboration is also used to prioritize law enforcement efforts and target the highest priority botnets and malware variants.”

In its response to the Senate committee, DHS said it collaborates with the FBI through its National Cybersecurity and Communications Integration Center (NCCIC) to disseminate information about cyberthreats through public alerts; Joint Indicator Bulletins, which are distributed on a more timely basis to cybersecurity stakeholders on a need-to-know basis; and Joint Analysis Reports, which offer a technical evaluation of tactics and procedures for detecting and combating threats.

DHS’ letter states that NCCIC coordinates with other federal law enforcement agencies, such as the Secret Service and FBI, and uses the DHS-administered Einstein 3 Accelerated system for detecting and preventing intrusions. E3A conducts email filtering, which protects against malicious file attachments and embedded links, and Domain Name System “sinkholing,” which prevents malware already on government computers from reaching command and control servers.

— KAREN EPPER HOFFMAN

Ransomware moves to the big time