DOCSLIB.ORG

Attacks and Counterattacks (I.E., Response and Prevention) Presented by Nora E

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Attacks and Counterattacks (I.E., Response and Prevention) Presented by Nora E Cyberwars: Attacks and Counterattacks (i.e., Response and Prevention) Presented by Nora E. Wetzel League of California Cities October 16, 2020 4 Nora E. Wetzel Nora is a commercial litigation attorney in Burke’s San Francisco office with a focus in data privacy matters. Nora has been designated as a Certified Information Privacy Professional, United States (CIPP/US) by the International Association of Privacy Professionals (IAPP). www.bwslaw.com 5 This presentation will identify forms of attack, such as ransomware, malware, phishing, and Introduction business email compromise, as well as inadvertent exposure through loss of paperwork, sending data to the incorrect recipient, and loss of encrypted or un-encrypted devices. www.bwslaw.com 6 Overview of cyber incidents inthe public sector Remote Desktop Protocol Email Phishing Campaigns Software Vulnerabilities Vulnerabilities www.bwslaw.com 7 Other methods of Cyber Attacks Advanced Persistent Malware 01 04 Threats Denial of Service (DOS) Password 02 05 Attacks Attacks Insider Man in the Middle 03 06 Attacks (MITM) Attacks We Learn From The Best In 2020, bad actors have made use of the Covid 19 pandemic to deploy cyber-attacks. www.bwslaw.com 8 Bad actors are sending out spam attacks based on Covid-19 a sextortion scheme threatening to infect the recipient’s family with Covid 19 if the recipient does not pay the amount demanded a fundraising request purporting to be from the World Health Organizing (WHO) requesting donations in Bitcoin to fund Covid 19 research messages purportedly coming from WHO but including documents with malware www.bwslaw.com FBI Warnings An e-mail from an unknown The recipient is accused of The e-mail or letter threatens The recipient is instructed to party and, many times, will be visiting adult websites, to send a video or other pay the ransom in Bitcoin written in broken English with cheating on a spouse, or being compromising information to grammatical errors involved in other family, friends, coworkers, or compromising situations social network contacts if a ransom is not paid 01 03 05 07 02 04 06 The recipient's personal The e-mail or letter includes a The e-mail or letter provides a information is noted in the e- statement like, "I had a short window to pay, typically mail or letter to add a higher serious spyware and adware 48 hours degree of intimidation to the infect your computer," or "I scam. For example, the have a recorded video of you" recipient's user name or as an explanation of how the password is provided at the information was allegedly beginning of the e-mail or gathered letter www.bwslaw.com 10 In 2019, cyber- attacks cost entities $3.5 billion in losses FBI 2019 Internet Crime Report 11 an increase in BEC attacks to divert payroll funds • The Bogus Invoice Scheme • CEO Fraud • Account Compromise • Attorney Impersonation • Data Theft Business Email Compromise A BEC attack begins with a cybercriminal hacking and spoofing emails to impersonate your company's supervisors, CEO, or vendors. 12 • Criminal claiming to provide technical support or service in an effort to defraud unwitting individuals • May pose as support or service Tech Support representatives offering to resolve such issues as a compromised e-mail or bank Fraud account • Recent examples included attackers posing as customer support for travel industry companies, financial institutions, or virtual currency exchanges www.bwslaw.com “CALIFORNIA WAS THE STATE WITH THE MOST VICTIMS AND HIGHEST LOSSES CAUSED BY CYBER ATTACKS” 8 Types of Cyber Attacks Small to Medium-Sized Businesses Face 14 Ransomware In 2019, 205,280 organizations submitted files that had been hacked in a ransomware attack EXAMPLES OF — a 41 percent increase from the year before CYBER ATTACKS Cyber Insurance ON CITIES Some businesses and city governments are taking out insurance to be ready for ransomware demands www.bwslaw.com 15 Hartford, Connecticut Attacked in early September 2020 by ransomware that affected 200 of the city’s servers, including those used by the school system, the police department, and emergency dispatchers. According to the city, it quickly shut down servers and froze its technology systems. It continued to run all the city’s first responder systems, though reopening of its school system was delayed, and the city did not have to pay a ransom to regain access to its servers, though the city did not explain how it was able to avoid doing so. 16 Lafayette, Colorado Suffered a cyber attack in late July 2020, which resulted in disrupting the city’s phone, email, online payment, and reservations systems. Ransomware called “Snatch” infiltrated the city’s computer network through a phishing or brute force attack and started locking down computer files. This type of ransomware typically uses remote desktop protocol, brute force methods, and/or take advantage of an unplugged hole in a computer network. The city paid a $45,000 ransom to unlock its data 17 Florence, Alabama Experienced a ransomware attack in June 2020 that shut down the city’s email system, and the city decided to pay over $250,000 from the city’s insurance fund to recover data encrypted in the attack, though the city was able to negotiate down the ransom demand from the initial amount of $378,000 18 Torrance, CA Attacked in March 2020 when its computer systems were compromised, interrupting the functioning of its email accounts and servers. City documents including city budget financials, various accounting documents, document scans, and an archive of documents belonging to the City Manager were leaked to the dark web. The hackers claiming responsibility, DoppelPaymer operators, stated that they erased the City's local backups and then encrypted approximately 150 servers and 500 workstations. The hackers demanded a 100 bitcoin ($689,147) ransom for a decryptor, to take down files that have been publicly leaked, and to not release more stolen files 19 Durham, North Carolina The City and County of Durham, North Carolina was struck with ransomware Ryuk in March 2020, which was thought to be the same one responsible for the 2019 New Orleans attack noted below. This attack was actually two separate attacks, and though they were detected and contained, they caused most city networks and phones to remain offline during the recovery process, and resulted in 80 servers needing to be rebuilt and 1,000 compromised computers to be reimaged 20 North Miami Beach Police Department North Miami Beach Police Department was hit with a ransomware attack in February 2020 demanding $5 million to get the department’s information back 21 Colonie, New York Suffered a cyber attack in January 2020. Though it could not determine how the ransomware infected its systems, the city had reliable backups that allowed it to continue operation without having to pay the $400,000 bitcoin ransom demanded to retrieve the files the ransomware unlocked 22 Las Vegas, Nevada suffered a cyber-attack on January 7, 2020. The city commented that it was likely bad actors gained access to the city’s network via a malicious email. The city had taken a public position not to pay a ransom back in July, though it is unclear if the attack involved ransomware. The city reportedly caught the attack early and claims that it does not believe any data was lost or taken 23 New Orleans, Louisiana New Orleans fell victim to a cyberattack in December 2019. It detected suspicious activity on the City’s network, investigated and discovered there was a ransomware attack affecting roughly 4,000 City computers. The city’s IT department ordered all employees to power down computers and disconnect from Wi- Fi. All city servers were also powered down, and employees told to unplug any of their devices. The city had cyber insurance and expected it to cover nearly $1,000,000 in costs the city has incurred since the onset of the attack, though it did not cover the costs of paying a ransom 24 Pensacola, Florida Was hit by a cyberattack in December 2019, affecting city email and landlines, a customer service line, and online bill payments for energy and sanitation. As a result of the incident, staff disconnected computers from the city’s network until the issue could be resolved. Pensacola did not reveal any further information about how the cyberattack first occurred, what type of personal data was breached, or whether the attack stemmed from malware or ransomware 25 San Marcos, California Was targeted in October 2019 by a suspected cyber attacker. San Marcos’s email system used by city employees was affected, leaving employees unable to communicate with some of the public. Employees discovered the problems, and the city manager confirmed the city was victim of a suspected hacking. 26 Baltimore, Maryland Baltimore fell victim to ransomware known as "RobbinHood" -- attacks some experts say involved a tool developed by the National Security Agency. The attack locked the city out of its computer servers for ransom. City systems are reported to be slowly recovering from the attack, which officials said cost Baltimore more than $18 million 27 Atlanta, Georgia Atlanta’s computer networks were targeted in March 2018. The hackers demanded $51,000 in Bitcoins, and held the city hostage for nearly a week, while the city refused to pay. Apparently, some city services used hardcopy paper to continue operations. The city reportedly did not want to reward and encourage more ransomware attacks, and considered there was no guarantee that systems would be restored even if it paid. This stance has hit the city hard—costs associated with the attack are estimated to be as high as $17 million. Now, the U.S. Justice Department reports that two Iranian hackers were behind the attack on Atlanta.
Load more

Recommended publications
  • Apocalypse Now? Initial Lessons from the Covid-19 Pandemic for the Governance of Existential and Global Catastrophic Risks
    journal of international humanitarian legal studies 11 (2020) 295-310 brill.com/ihls Apocalypse Now? Initial Lessons from the Covid-19 Pandemic for the Governance of Existential and Global Catastrophic Risks Hin-Yan Liu, Kristian Lauta and Matthijs Maas Faculty of Law, University of Copenhagen, Copenhagen, Denmark [email protected]; [email protected]; [email protected] Abstract This paper explores the ongoing Covid-19 pandemic through the framework of exis- tential risks – a class of extreme risks that threaten the entire future of humanity. In doing so, we tease out three lessons: (1) possible reasons underlying the limits and shortfalls of international law, international institutions and other actors which Covid-19 has revealed, and what they reveal about the resilience or fragility of institu- tional frameworks in the face of existential risks; (2) using Covid-19 to test and refine our prior ‘Boring Apocalypses’ model for understanding the interplay of hazards, vul- nerabilities and exposures in facilitating a particular disaster, or magnifying its effects; and (3) to extrapolate some possible futures for existential risk scholarship and governance. Keywords Covid-19 – pandemics – existential risks – global catastrophic risks – boring apocalypses 1 Introduction: Our First ‘Brush’ with Existential Risk? All too suddenly, yesterday’s ‘impossibilities’ have turned into today’s ‘condi- tions’. The impossible has already happened, and quickly. The impact of the Covid-19 pandemic, both directly and as manifested through the far-reaching global societal responses to it, signal a jarring departure away from even the © koninklijke brill nv, leiden, 2020 | doi:10.1163/18781527-01102004Downloaded from Brill.com09/27/2021 12:13:00AM via free access <UN> 296 Liu, Lauta and Maas recent past, and suggest that our futures will be profoundly different in its af- termath.
    [Show full text]
  • Ransoming Government What State and Local Governments Can Do to Break Free from Ransomware Attacks About the Authors
    A report from the Deloitte Center for Government Insights Ransoming government What state and local governments can do to break free from ransomware attacks About the authors Srini Subramanian | [email protected] Srini Subramanian is a principal in Deloitte & Touche LLP’s Cyber Risk Services practice and leads the Risk & Financial Advisory practice for the State, Local Government and Higher Education (SLHE) sector. He has more than 30 years of technology experience, and more than 20 years of cyber risk services experience in the areas of information security strategy, innovation, governance, identity, access management, and shared services. Subramanian is a member of the National Association of State CIOs (NASCIO) Security and Privacy subcommittee. He is an active participant in the National Governors Association (NGA) Policy Council for State Cybersecurity formed in February 2013. Subramanian is the coauthor of the biennial Deloitte—NASCIO Cybersecurity Study publication with NASCIO since 2010. The recent two publications include the 2016 Deloitte-NASCIO Cybersecurity Study—State governments at risk: Turning strategy and awareness into progress and the 2018 Deloitte-NASCIO Cybersecurity Study—State governments at risk: Bold plays for change. Pete Renneker | [email protected] Pete Renneker is a managing director in Deloitte & Touche LLP’s Cyber practice and serves as the Technical Resilience Offering leader. In this capacity, his focus is on the development and delivery of cross-industry services which help clients develop the ability to withstand disruptions to critical business technology. This work includes helping clients respond to cyberattacks, accelerate business recovery from these events, and transform cyber and resiliency programs in anticipation of emerging threats.
    [Show full text]
  • COVID-19: Make It the Last Pandemic
    COVID-19: Make it the Last Pandemic Disclaimer: The designations employed and the presentation of the material in this publication do not imply the expression of any opinion whatsoever on the part of the Independent Panel for Pandemic Preparedness and Response concerning the legal status of any country, territory, city of area or of its authorities, or concerning the delimitation of its frontiers or boundaries. Report Design: Michelle Hopgood, Toronto, Canada Icon Illustrator: Janet McLeod Wortel Maps: Taylor Blake COVID-19: Make it the Last Pandemic by The Independent Panel for Pandemic Preparedness & Response 2 of 86 Contents Preface 4 Abbreviations 6 1. Introduction 8 2. The devastating reality of the COVID-19 pandemic 10 3. The Panel’s call for immediate actions to stop the COVID-19 pandemic 12 4. What happened, what we’ve learned and what needs to change 15 4.1 Before the pandemic — the failure to take preparation seriously 15 4.2 A virus moving faster than the surveillance and alert system 21 4.2.1 The first reported cases 22 4.2.2 The declaration of a public health emergency of international concern 24 4.2.3 Two worlds at different speeds 26 4.3 Early responses lacked urgency and effectiveness 28 4.3.1 Successful countries were proactive, unsuccessful ones denied and delayed 31 4.3.2 The crisis in supplies 33 4.3.3 Lessons to be learnt from the early response 36 4.4 The failure to sustain the response in the face of the crisis 38 4.4.1 National health systems under enormous stress 38 4.4.2 Jobs at risk 38 4.4.3 Vaccine nationalism 41 5.
    [Show full text]
  • COVID-19 Critical Infrastructure Cyber Threat Brief
    Digital Intelligence Securing the Future COVID-19 Critical Infrastructure Cyber Threat Brief CLIENT CONFIDENTIAL Cyjax Purpose This Cyber Threat Brief is intended to help mitigate the risk of cyberattacks against UK critical infrastructure during the coronavirus pandemic. We have defined critical infrastructure as: food supplies, medical supplies, transportation, security services, telecommunications, utilities and financial services. This report provides a broad overview of all relevant coronavirus-related digital threats, alongside more general vulnerabilities that attackers could exploit. We at Cyjax hope this will help organisations and their staff protect themselves from digital threats during this national crisis. If you require any further assistance or advice, please contact us. Overview of malicious cyber activity We have witnessed a significant uptick in cyberattacks exploiting fear of the coronavirus to compromise victims. Notably, however, there has not been a surge in the total number of attacks. Instead, existing cybercriminal operations have been rethemed with COVID-19 lures. Attackers have not gained more resources, but are instead repurposing their existing phishing, ransomware, and malware infrastructure to include COVID-19-themed keywords in a bid to infect more users. [1] All sectors are being targeted with COVID-19-themed attacks, including those operating in the critical infrastructure space. Attacks have ranged from generic “spray and pray” attacks to highly targeted advanced persistent threat (APT) operations. A broad array of nation-state actors have been involved from China, Russia, North Korea and Iran, among others. Sophisticated cybercriminals are also staging coronavirus-themed attacks. Most notably, organised ransomware gangs, who have continued to compromise, encrypt and leak data from a diverse group of organisations.
    [Show full text]
  • Relation Between Sunspots and Covid19 – a Proof for Panspermia
    International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 07 Issue: 11 | Nov 2020 www.irjet.net p-ISSN: 2395-0072 RELATION BETWEEN SUNSPOTS AND COVID19 – A PROOF FOR PANSPERMIA Janani T1 1Department of Biotechnology, Kumaraguru College of Technology, Coimbatore, Tamilnadu, India ---------------------------------------------------------------------***---------------------------------------------------------------------- Abstract - The novel viral or the bacterial pandemics and epidemics are not new to this earth. Often these disease-causing pathogens are of unknown origin and often identified as an infection which is transmitted from other animals. They are frequently found as the mutated form of the original strain or completely a newly developed strain. The causes for this mutation are many which comprises of both natural and artificial sources. The time of occurrence of these pandemic and epidemic astonishingly coincides with the sun spot extremum (often minimum). It is observed that whenever there is a sun spot extremum there was a novel microbial pandemic or epidemic. The current COVID19 pandemic is also suggested to be due to such sunspot extremum as the sun cycle is currently at its sun spot minimum. This review aims at providing the facts of relation between sunspots and the novel corona virus pandemic and there by stating this occurrence as a proof for panspermia. Key Words: Pandemic, Epidemic, COVID19, Sunspot, Solar Cycle, Solar minimum, Panspermia 1. INTRODUCTION 1.1 SUNSPOTS: Sunspots are the dark regions in the sun’s surface due to the concentration of magnetic field in that region. These regions are relatively colder to the other regions of the sun’s surface. Hotter region emits more light than the colder region hence these regions appear to be darker and called the spots of the sun.
    [Show full text]
  • The Cyberpeace Institute Foreword 2 Acknowledgements 5
    March 2021 The CyberPeace Institute Foreword 2 Acknowledgements 5 Part 1: Setting the Scene 7 Disclaimer Introduction 9 The opinions, findings, and conclusions and recommendations in Signposting – How to read the Report 11 this Report reflect the views and opinions of the CyberPeace Institute Key Findings 15 alone, based on independent and discrete analysis, and do not indicate Recommendations 19 endorsement by any other national, regional or international entity. Part 2: Understanding the Threat Landscape 27 The designations employed and the presentation of the material in this publication do not express any opinion whatsoever on the part of the Chapter 1 Background 29 CyberPeace Institute concerning the legal status of any country, territory, 1.1 A convergence of threats to healthcare 29 city or area of its authorities, or concerning the delimitation of its 1.2 Healthcare as a target of choice 30 frontiers or boundaries. 1.3 Cybersecurity in the healthcare sector 32 Copyright Notice Chapter 2 Victims, Targets and Impact 35 2.1 A diversity of victims – the people 36 The concepts and information contained in this document are the 2.2 A typology of targets – healthcare organizations 38 property of the CyberPeace Institute, an independent non-profit 2.3 A variety of impacts on victims and targets 41 foundation headquartered in Geneva, unless otherwise indicated within the document. This document may be reproduced, in whole or in part, Chapter 3 Attacks 51 provided that the CyberPeace Institute is referenced as author and 3.1 Disruptive attacks – ransomware’s evolving threat to healthcare 52 copyright holder. 3.2 Data breaches – from theft to cyberespionage 57 3.3 Disinformation operations – an erosion of trust 59 © 2021 CyberPeace Institute.
    [Show full text]
  • Global Catastrophic Risks Survey
    GLOBAL CATASTROPHIC RISKS SURVEY (2008) Technical Report 2008/1 Published by Future of Humanity Institute, Oxford University Anders Sandberg and Nick Bostrom At the Global Catastrophic Risk Conference in Oxford (17‐20 July, 2008) an informal survey was circulated among participants, asking them to make their best guess at the chance that there will be disasters of different types before 2100. This report summarizes the main results. The median extinction risk estimates were: Risk At least 1 million At least 1 billion Human extinction dead dead Number killed by 25% 10% 5% molecular nanotech weapons. Total killed by 10% 5% 5% superintelligent AI. Total killed in all 98% 30% 4% wars (including civil wars). Number killed in 30% 10% 2% the single biggest engineered pandemic. Total killed in all 30% 10% 1% nuclear wars. Number killed in 5% 1% 0.5% the single biggest nanotech accident. Number killed in 60% 5% 0.05% the single biggest natural pandemic. Total killed in all 15% 1% 0.03% acts of nuclear terrorism. Overall risk of n/a n/a 19% extinction prior to 2100 These results should be taken with a grain of salt. Non‐responses have been omitted, although some might represent a statement of zero probability rather than no opinion. 1 There are likely to be many cognitive biases that affect the result, such as unpacking bias and the availability heuristic‒‐well as old‐fashioned optimism and pessimism. In appendix A the results are plotted with individual response distributions visible. Other Risks The list of risks was not intended to be inclusive of all the biggest risks.
    [Show full text]
  • Covid-19 Response and Recovery
    COVID-19 RESPONSE AND RECOVERY Nature-Based Solutions for People, Planet and Prosperity Recommendations for Policymakers November 2020 Nicole Schwab Elena Berger Co-Director Executive Director 1t.org Bank Information Center Patricia Zurita M. Sanjayan CEO CEO Birdlife International Conservation International Mark Gough Kathleen Rogers CEO President Capitals Coalition Earth Day Network Andrea Crosta Carlos Manuel Rodriguez Founder and Executive Director CEO and Chairperson Earth League International Global Environment Facility Wes Sechrest Paul Polman Chief Scientist and CEO Chair Global Wildlife Conservation Imagine Azzedine Downes Karen B. Strier President and CEO President International Fund for Animal Welfare International Primatological Society II Sylvia Earle Lucy Almond President and Chair Director and Chair Mission Blue Nature4Climate Jennifer Morris Bonnie Wyper CEO President The Nature Conservancy Thinking Animals United Justin Adams Cristián Samper Executive Director President and CEO Tropical Forest Alliance Wildlife Conservation Society Peter Bakker President and CEO Andrew Steer World Business Council for President and CEO Sustainable Development World Resources Institute Jodi Hilty Marco Lambertini President and Chief Scientist Director General Yellowstone to Yukon WWF International Conservation Initiative III Executive Summary COVID-19 highlights the critical connection between the health of nature and human health. This connection must be better reflected in our priorities, policies and actions. The root causes of this pandemic are common to many root causes of the climate change and biodiversity crises. Confronting these intertwined crises requires an integrated approach and unprecedented cooperation to achieve an equitable carbon-neutral, nature-positive economic recovery and a sustainable future. Our organizations’ recommendations to policymakers for meeting this challenge are offered below.
    [Show full text]
  • ESET THREAT REPORT Q3 2020 | 2 ESET Researchers Reveal That Bugs Similar to Krøøk Affect More Chip Brands Than Previously Thought
    THREAT REPORT Q3 2020 WeLiveSecurity.com @ESETresearch ESET GitHub Contents Foreword Welcome to the Q3 2020 issue of the ESET Threat Report! 3 FEATURED STORY As the world braces for a pandemic-ridden winter, COVID-19 appears to be losing steam at least in the cybercrime arena. With coronavirus-related lures played out, crooks seem to 5 NEWS FROM THE LAB have gone “back to basics” in Q3 2020. An area where the effects of the pandemic persist, however, is remote work with its many security challenges. 9 APT GROUP ACTIVITY This is especially true for attacks targeting Remote Desktop Protocol (RDP), which grew throughout all H1. In Q3, RDP attack attempts climbed by a further 37% in terms of unique 13 STATISTICS & TRENDS clients targeted — likely a result of the growing number of poorly secured systems connected to the internet during the pandemic, and possibly other criminals taking inspiration from 14 Top 10 malware detections ransomware gangs in targeting RDP. 15 Downloaders The ransomware scene, closely tracked by ESET specialists, saw a first this quarter — an attack investigated as a homicide after the death of a patient at a ransomware-struck 17 Banking malware hospital. Another surprising twist was the revival of cryptominers, which had been declining for seven consecutive quarters. There was a lot more happening in Q3: Emotet returning 18 Ransomware to the scene, Android banking malware surging, new waves of emails impersonating major delivery and logistics companies…. 20 Cryptominers This quarter’s research findings were equally as rich, with ESET researchers: uncovering 21 Spyware & backdoors more Wi-Fi chips vulnerable to KrØØk-like bugs, exposing Mac malware bundled with a cryptocurrency trading application, discovering CDRThief targeting Linux VoIP softswitches, 22 Exploits and delving into KryptoCibule, a triple threat in regard to cryptocurrencies.
    [Show full text]
  • Ready Or Not 2021: Protecting the Public's Health from Diseases
    ISSUE REPORT Ready or Not: PROTECTING THE PUBLIC’S HEALTH FROM DISEASES, DISASTERS, AND BIOTERRORISM 2021 MARCH 2021 Acknowledgements The National Health Security Preparedness Index (NHSPI) is a joint Trust for America’s Health (TFAH) is a nonprofit, nonpartisan initiative of the Robert Wood Johnson Foundation, the University public health policy, research, and advocacy organization that of Kentucky, and the University of Colorado. TFAH wishes to promotes optimal health for every person and community and recognize and thank Glen Mays and Michael Childress of the makes the prevention of illness and injury a national priority. NHSPI for their collaboration and expertise as well as the Robert The Ready or Not report series is supported by generous Wood Johnson Foundation for its continued funding support. grants from the Robert Wood Johnson Foundation, with Ready or Not and the NHSPI are complementary projects that additional support from The California Endowment, W.K. work together to measure and improve the country’s health Kellogg Foundation and The Kresge Foundation. Opinions security and emergency preparedness. TFAH looks forward to a in this report are TFAH’s and do not necessarily reflect the continued partnership. views of its funders. TFAH BOARD OF DIRECTORS Gail Christopher, D.N. Stephanie Mayfield Gibson, M.D. Eduardo Sanchez, M.D., MPH Chair of the Board Director Chief Medical Office for Prevention Executive Director U.S. COVID-19 Response Initiative American Heart Association National Collaborative for Health Equity Resolve to Save Lives Umair A. Shah, M.D., MPH Former Senior Advisor and Vice President Cynthia M. Harris, Ph.D. Secretary of the Health W.K.
    [Show full text]
  • Interim Pre-Pandemic Planning Guidance: Community
    Interim Pre-pandemic Planning Guidance: Community Strategy for Pandemic Influenza Mitigation in the United States— Early, Targeted, Layered Use of Nonpharmaceutical Interventions NT O E F D M E T F R E A N P S E E D U N A I IC TE R D S ME TATES OF A OF TRAN NT SP E O M R T T R A A T P I O E N D U N A I C T I E R D E M ST A ATES OF Page 2 was blank in the printed version and has been omitted for web purposes. Page 2 was blank in the printed version and has been omitted for web purposes. Interim Pre-Pandemic Planning Guidance: Community Strategy for Pandemic Influenza Mitigation in the United States— Early, Targeted, Layered Use of Nonpharmaceutical Interventions February 2007 Page 4 was blank in the printed version and has been omitted for web purposes. Page 4 was blank in the printed version and has been omitted for web purposes. Contents I Executive Summary ........................................................................ 07 II Introduction .................................................................................. 17 III Rationale for Proposed Nonpharmaceutical Interventions .......................... 23 IV Pre-pandemic Planning: the Pandemic Severity Index ............................. 31 V Use of Nonpharmaceutical Interventions by Severity Category ................... 35 VI Triggers for Initiating Use of Nonpharmaceutical Interventions ................... 41 VII Duration of Implementation of Nonpharmaceutical Interventions.......................... 45 VIII Critical Issues for the Use of Nonpharmaceutical Interventions ................... 47 IX Assessment of the Public on Feasibility of Implementation and Adherence ..... 49 X Planning to Minimize Consequences of Community Mitigation Strategy ....... 51 XI Testing and Exercising Community Mitigation Interventions ....................
    [Show full text]
  • North Korean Cyber Activity 03/25/2021
    North Korean Cyber Activity 03/25/2021 TLP: WHITE, ID# 202103251030 Agenda • DPRK National Interests • Timeline of Recent Activity • Overview of DPRK APT Groups • APT Threat Actor Profiles o HIDDEN COBRA o Andariel o APT37 o APT38 o TEMP.Hermit o TEMP.Firework o Kimsuky o Bureau 121 Bureau 325 o Slides Key: • Recommendations Non-Technical: Managerial, strategic and high- • Outlook level (general audience) Technical: Tactical / IOCs; requiring in-depth knowledge (sysadmins, IRT) 2 DPRK National Interests • North Korea, officially the Democratic People’s Republic of Korea (DPRK) • Supreme leader: Kim Jong-un (since 2011) • Primary strategic goal: perpetual Kim family rule via development of economy and nuclear weapons • Primary drivers of security strategy: o Deterring foreign intervention by obtaining nuclear capabilities o Eliminating perceived threats to Kim regime o Belief that North Korea is entitled to respect as a world power • “Cyberwarfare is an all-purpose sword that guarantees the North Korean People’s Armed Forces ruthless striking capability, along with nuclear weapons and missiles.” – Kim Jong-un (2013) • Reportedly has 7,000 cyber warriors • 300% increase in the volume of activity to and from North Korean networks since 2017 3 Timeline of Recent Activity Jan 2020 Feb 2021 Two distinct Aug 2020 Nov 2020 South Korean Feb 2021 clusters of USG exposed North Korean Intelligence North Korean DPRK cyber DPRK hackers claims DPRK Lazarus activity begin malware used targeted a targeted Group targeting in fake job major COVID- COVID-19
    [Show full text]