Data Breach: Georgia Voter Information Accidentally Displayed Online

 


A new Georgia state web portal that allows Georgians to cancel their voter registration has come under fire after a technical problem caused personal data to be displayed on users' screens. It was announced on Monday that Georgia's Secretary of State Brad Raffensperger has launched the website, which is designed to let Georgians easily and quickly cancel their voter registrations if they move out of the state, or cancel the registration of a loved one who has recently passed away.

During the process, users are asked to enter the first letter of their last name, their county of residence, and their date of birth. The site then asks them for a reason for the cancellation, followed by a request for their driver's license information. If the user answers yes to that question, they are prompted to enter their license number.

Voters may be asked to enter their Social Security number if they do not already have one, or to complete a form that must be mailed or emailed to their local county registration office. The problem, which Raffensperger spokesman Mike Hassinger said lasted less than an hour and has now been resolved, highlighted Democratic concerns that the site could be used by outsiders to unjustifiably cancel voter registrations without the voter's permission.

It is another example of the dispute over how aggressive states should be in purging their registration rolls of invalid names. In Georgia, Democrats and Republicans have long been at odds over this issue, but it has recently gained new urgency and attention because of an extensive national effort coordinated by Trump party allies to remove names from voter rolls.

Activists inflamed by the false allegations that the 2020 election was stolen argue that the state's existing efforts to clean up the rolls are inadequate and that the inaccuracies invite fraud. In Georgia, as well as throughout the country, there have been very few cases of voters casting ballots improperly from out of state. To counter disinformation campaigns aimed at making people distrust the democratic process, four prominent former government officials from Georgia have joined an organization set up for that purpose.

The Democracy Defense Project was announced by two Georgia Republican lawmakers, Nathan Deal and Saxby Chambliss, and two Democratic politicians, Roy Barnes, the former governor of Georgia, and Shirley Franklin, the former mayor of Atlanta. The Georgia board members are part of a national initiative that aims to raise money for advertisements that push back against efforts to undermine elections, to get people to move beyond "polarizing rhetoric", and to increase its chances of getting news coverage and raising votes.

A new skirmish has arisen over the issue of how aggressively states should purge incorrectly registered citizens from their registration rolls. Democrat and Republican congressional leaders in Georgia have been engaged in a bitter and protracted battle over this issue, but the debate has now gained new urgency due to a campaign launched by Donald Trump's allies to remove names from the voter rolls on a national level. 

According to activists fueled by Trump's false claims that the 2020 election was rigged, there is no way to clean up the mess in an accurate way, and inaccuracies invite fraud into the process. Neither in Georgia nor nationwide have there been any instances of improper out-of-state voting that can be verified scientifically. There have been relatively few cancellations of registrations to date. Typically, cancelling a voter registration in Georgia requires mailing or emailing a form to the county where the voter previously resided. 

The removal of deceased individuals or those convicted of felonies from the voter rolls can be processed relatively swiftly. However, when individuals relocate and do not request the cancellation of their registration, it may take years for them to be removed from the rolls. The state must send mail to those who appear to have moved, and if there is no response, these individuals are moved to inactive status. Despite this, they retain the ability to vote, and their registration is not removed unless they fail to vote in the next two federal general elections. 

Georgia has over 8 million registered voters, including 900,000 classified as inactive. Similar to other states, Georgia allows citizens to challenge an individual's eligibility to vote, particularly when there is personal knowledge of a neighbour moving out of state. Recently, however, residents have increasingly been using impersonal data, such as the National Change of Address list maintained by the U.S. Postal Service, to challenge large numbers of voters. Additionally, some individuals scrutinize the voter rolls to identify people registered at non-residential addresses. 

For instance, a Texas group called True the Vote challenged 364,000 Georgia voters before the two U.S. Senate runoffs in 2021. Since then, approximately 100,000 more challenges have been filed by various individuals and groups. Voters or relatives of deceased individuals can enter personal information on a website to cancel registrations. County officials receive notifications from the state's computer system to remove these voters, and counties will send verification letters to voters who cancel their registrations.

If personal information is unavailable, the system offers a blank copy of a sworn statement of cancellation. However, for a brief period after the website was unveiled, the system inadvertently preprinted the voter's name, address, birth date, driver's license number, and the last four digits of their Social Security number on the affidavit. This error allowed anyone with access to this information to cancel a registration without sending in the sworn statement. 

Butler expressed her alarm, stating she was "terrified" to discover that such sensitive information could be accessed with just a person's name, date of birth, and county of registration. Hassinger explained in a Tuesday statement that the temporary error was likely due to a scheduled software update, and it was detected and resolved within an hour. 

Although Butler commended the swift action by Raffensperger's office, she, along with other Democrats, argued that this issue highlighted the potential for the site to be exploited by external parties to cancel voter registrations. Democratic Party of Georgia Executive Director Tolulope Kevin Olasanoye emphasized that the portal could be misused by right-wing activists already engaged in mass voter challenges to disenfranchise Georgians. Olasanoye called on Raffensperger to disable the website to prevent further abuse.

EPA Report Reveals Cybersecurity Risks in U.S. Water Systems

 

A recent report from the Environmental Protection Agency (EPA) revealed that over 70% of surveyed water systems have failed to meet key cybersecurity standards, making them vulnerable to cyberattacks that could disrupt wastewater and water sanitation services across the United States. 

During inspections, the EPA identified critical vulnerabilities in numerous facilities, such as default passwords that had never been updated from their initial setup. In response, the agency issued an enforcement alert, urging water system operators to improve their cybersecurity measures. Recommended actions include conducting an inventory of operational assets, implementing cybersecurity training programs, and disconnecting certain systems from the internet to enhance security. 

The EPA has announced plans to increase inspections of water infrastructure and, when necessary, take civil and criminal enforcement actions to address any imminent and substantial threats to safety. Under Section 1433 of the Safe Drinking Water Act, community water systems serving over 3,300 people are required to perform comprehensive safety assessments and update their emergency response plans every five years.

The high failure rate reported by the EPA indicates potential violations of this section, highlighting missed opportunities to protect these essential services through risk and resilience evaluations. This alert follows a series of cyber incidents over the past year, where nation-state hackers and cybercriminal groups have targeted water systems. These attacks have included unauthorized access to water treatment control systems, manipulation of operational technology, and other forms of sabotage. The regulatory environment for U.S. water systems is complex, often involving state and local government oversight.

Many rural water operators, unlike their federal counterparts, lack sufficient resources to bolster their digital defenses. While the EPA has attempted to enforce stricter security mandates, these efforts have faced legal challenges from GOP-led states and industry groups. In October, the EPA rescinded a directive that would have required water providers to assess their cybersecurity measures during sanitation surveys. Nation-state adversaries, including Chinese and Iranian hacking groups, have frequently breached U.S. water infrastructure. 

China's Volt Typhoon group has been particularly active, infiltrating critical infrastructure and positioning themselves for further attacks. In one instance, Iranian Revolutionary Guard Corps-backed hackers targeted industrial water treatment systems, and more recently, Russia-linked hackers breached several rural U.S. water systems, posing significant safety risks. In March, the EPA and the National Security Council issued a joint alert, urging states to remain vigilant against cyber threats targeting the water sector. The alert emphasized that drinking water and wastewater systems are attractive targets for cyberattacks due to their critical role and often limited cybersecurity capabilities. 

Moreover, a Federal Energy Regulatory Commission (FERC) official recently testified about the vulnerability of dam systems to cyberattacks, indicating that new cybersecurity guidelines for dams could be developed within the next nine months. The EPA's report underscores the urgent need for improved cybersecurity measures in U.S. water systems to protect these vital resources from potential cyber threats.

Cybersecurity Risks and Solutions for Millennials and Gen Z

 

Millennials and Gen Z are the most concerned generations about the risk of cyber attacks on their organizations. They also worry about potentially leaving their organizations vulnerable and feel less prepared to handle such cyber threats. Research from Ernst & Young LLP (EY US) indicates that 53% of US employees are concerned about their organization being targeted by cyber attacks, with 34% worried that their actions might make their organization vulnerable.

Among Millennials and Gen Z, 58% and 64% respectively fear losing their jobs if they leave their organization exposed to a cyber attack. This anxiety can negatively impact cybersecurity, as it may lead to unreported cyber incidents due to fear of repercussions. Considering that 68% of cyber attacks involve a non-malicious human element, such as clicking on a phishing email link, addressing this fear is crucial.

To boost cyber confidence and improve response to cyber attacks, here are five steps to enhance cybersecurity for both individuals and their organizations. Phishing, a common cyber attack method, involves hackers sending deceptive emails to trick recipients into clicking on a link, downloading a file, or performing other actions that compromise security. Variants of phishing include smishing (via text), vishing (via phone call), and quishing (via QR codes).

Phishing attacks leverage psychological tactics to manipulate victims. Knowing how to respond to suspicious texts, emails, or calls is key to preventing these attacks. EY US research found that only 31% of Gen Z employees feel very confident in identifying phishing attempts, compared to 51% of Millennials, indicating a need for better employee training.

Here are some tips to identify and prevent phishing attacks:

1. Don't act immediately: Phishing emails often create a sense of urgency. Even if the email claims you must click a link or download a file, pause and evaluate its legitimacy.
2. Read the message carefully: Look for urgent language, differences from typical emails, grammatical mistakes, or unusual requests, such as resetting passwords or buying gift cards, which are signs of phishing.
3. Check the sender: Hackers may impersonate colleagues or executives. Verify the sender’s email address by hovering over the contact name and comparing it with known details. If unsure, contact the person directly.
4. Check the link: Hover over any links to reveal the actual URL. Be cautious, as hackers can create convincing fake websites. 
5. Report phishing attempts: Reporting suspected phishing attempts helps protect your organization by alerting others to potential threats.

Implementing these strategies can protect both individuals and organizations from phishing attacks.

Set Up Multi-Factor Authentication (MFA)
MFA enhances security by requiring users to verify their identity with a code sent via text, email, or an authentication app. This not only confirms legitimate logins but also alerts the company to unauthorized access attempts. The importance of MFA is highlighted by incidents like the cyber attack on Change Healthcare, where the lack of MFA on a Citrix profile allowed hackers to infiltrate their network. While MFA might not completely prevent cyber attacks, it can significantly delay them and provide early warnings.

Use Strong Passwords
Weak passwords are a common security risk, with research showing that 37% of people have risky workplace security habits and 39% use weak login credentials. Strong passwords are crucial as the first line of defense against unauthorized access. If remembering secure passwords is challenging, using a password manager can help generate and store strong passwords. Some regions, like the UK, are moving towards making weak default passwords illegal, a measure that may extend to workplace security in the future.

Top Cybersecurity Risks in Edge Computing: Here's All You Need to Know

 

Managing a large number of endpoints poses considerable challenges, especially in handling security logs. Over half of chief information security officers find the volume of daily alerts overwhelming, and monitoring a decentralized framework further heightens cybersecurity risks.

Currently, 56% of security professionals dedicate at least 20% of their workday to reviewing and addressing security alerts. Moving storage and processing to the network's edge is likely to increase daily alerts, raising the risk of missing critical threats and wasting time on false positives.

1. Data Vulnerabilities
Securing every IoT device in a decentralized setup is less practical than in a centralized data center. Data at the edge is more susceptible to man-in-the-middle and ransomware attacks, such as sniffing attacks where unencrypted data is intercepted. Edge devices often lack the processing power for robust encryption, and encrypting data can slow down operations, conflicting with edge technology's primary goal.

2. Expanded Attack Surface
Edge computing, aimed at reducing latency, increasing bandwidth, and improving performance, requires placing devices near the network's edge, expanding the attack surface. Each device becomes a potential entry point for attackers. Research shows AI outperforms humans in this area, with one study noting an algorithm achieving a 99.6% recall rate for high-priority notifications and a 0.001% false positive rate, which is significant given the typical volume of alerts.

3. Device and User Authentication
Authenticating edge devices is crucial to ensure each endpoint is verified before accessing networks, preventing compromised machines from connecting and helping trace unusual activity back to specific devices.

4. Encrypting Network Traffic
While encryption is essential for cybersecurity, it can be too resource-intensive for widespread use in edge computing. To mitigate this, data classification should be employed to prioritize which endpoints and data require encryption. Encrypting data both at rest and in transit, using suitable key sizes, can balance security and performance. Edge computing's appeal lies in its ability to enable low-latency, high-efficiency, real-time operations by moving storage and processing to the network's boundary. However, this shift from centralized data centers comes with significant cybersecurity concerns.

Major Cybersecurity Risks of Edge Computing

Despite its benefits, edge computing brings five primary cybersecurity risks.

1. IoT-specific vulnerabilities: Internet-connected devices are prone to man-in-the-middle attacks and botnets due to limited built-in security controls. In 2022, IoT attacks surpassed 112 million, up from 32 million in 2018, posing significant risks as encryption is resource-intensive and often insufficiently supported by these devices. The process of encrypting data also slows operations, countering the primary advantage of edge technology.

2. Expansive attack surface: To reduce latency, increase bandwidth, and improve performance, edge devices must be placed near the network's edge, expanding the attack surface. Each device becomes a potential entry point for attackers.

3. New budget limitations: Edge computing's complexity requires substantial investments in telecommunications and IT infrastructure. Even with a significant upfront investment, maintenance and labor costs can strain budgets, leaving less room for handling failures, recovery, or deploying additional defenses.

Mitigation Strategies for Edge Computing Risks

Strategic planning and investments can help overcome numerous cybersecurity risks associated with edge computing.

1. Utilize authentication controls: Multi-factor authentication, one-time passcodes, and biometrics can prevent unauthorized access, reducing the risk of data breaches caused by human error, which accounts for 27% of such incidents.

2. Deploy an intrusion detection AI: A purpose-built intrusion detection system using deep learning algorithms can recognize and classify unknown attack patterns and cyber threats. Such AI can manage most endpoints without integration into each one, offering scalability and ease of deployment, making it ideal for edge computing environments.

Security Concerns Arise Over Chinese-Manufactured Surveillance Cameras Deployed at Romanian Military Locations

 

A routine procurement made by the Romanian military on January 16 for surveillance equipment manufactured in China has sparked concerns regarding national security implications.

An employee of the Romanian Defense Ministry purchased an eight-port switch and two surveillance cameras, valued at under $1,000, from Hikvision, a Chinese company with purported ties to the Chinese military. Notably, both the United States and Britain have blacklisted Hikvision due to identified data and security vulnerabilities.

Although there is currently no evidence of breaches at the Deveselu military base, an investigation by RFE/RL's Romanian Service revealed that Hikvision and Dahua, another Chinese company partly owned by the government, supply surveillance equipment to at least 28 military facilities and numerous other public institutions involved in national security across Romania.

While Romanian authorities assert that the equipment is used in closed-circuit systems without internet connectivity, experts argue that vulnerabilities in firmware could still pose risks, enabling remote access, data interception, and network attacks. Despite these concerns, Romania does not impose restrictions on the use of Hikvision or Dahua equipment, unlike some NATO allies such as the United States and Britain.

Both Hikvision and Dahua refute allegations of being security risks and claim to promptly address vulnerabilities. However, critics like Romanian parliament member Catalin Tenita argue that existing legislation could justify banning these companies' products.

The Romanian Defense Ministry maintains that its surveillance systems are secure, emphasizing strict testing and evaluation procedures. Similarly, the Deveselu Naval Facility, operated by U.S. forces, declined to comment on Romanian military purchases but emphasized their commitment to regional security.

NATO, while not formally banning third-country equipment, encourages vigilance against potential security risks. Secretary-General Jens Stoltenberg cautioned against reliance on Chinese technology in critical infrastructure, echoing concerns about Hikvision and Dahua's involvement.

Despite assurances from Romanian authorities, the history of vulnerabilities associated with Hikvision and Dahua equipment raises concerns among experts. Romanian institutions, including law enforcement and intelligence agencies, defend their procurement decisions, citing compliance with national legislation and technical specifications.

Some Romanian lawmakers, like Senator Adrian Trifan, advocate for further investigation and scrutiny into the prevalence of Hikvision and Dahua equipment in national security sites, underscoring the need for immediate clarification and review of procurement procedures.