Apparent 'single threat actor' conducts statewide ransomware attack of local governments in TexasRead More…
BTS HelpDesk: 503-823-5199
111 SW Columbia St, Suite 400, Portland, OR 97201
Welcome to our blog. Here we will let you know the latest happenings in the information security world.
May 14th, 2019 report of district-wide cyber attack via Ransomware
Attackers Exploit WhatsApp Flaw to Auto-Install Spyware
WhatsApp vulnerability (within the VOIP stack) that is leveraged by the audio call feature allows a bad actor to install spyware without any user action. The bad actor call also erases any trace of their malware-laden call.
--> If you use WhatsApp, please install the latest software update via your app store.
Baltimore says the "RobinHood" virus did not come through Spam or phishing email.
The City of Baltimore copes with ransomware for a second time in 14 months.
Public breach in the public sector
A school district in Scott County KY loses $3.7M. Read more here.
Drive Encryption solution
Over the last 2 years, The City of Portland has rolled out a new-to-us control to protect city information from physical device theft or loss. This control meets requirements in our various compliance standards and is required in our policies.
The City of Portland must meet the following compliance standards:
Each of those have requirements to protect their information/data while it is "at rest" or stored on a computer system. Having Bitlocker on all workstations and laptops ensures the City meets requirements for each of the above standards.
Bitlocker is a software product provided by Microsoft on all Windows 10 machines. Bitlocker encrypts the whole computer's storage device (hard drive). The only way to extract the information in a Bitlocker encrypted device is to decrypt it by supplying the Bitlocker key (which is done by the hardware device), then supply a valid username and password to the computer.
Encryption is used to scramble the information such that no-one can read or use the information unless they know the secret key to decrypt the information first. Bitlocker ensures only authorized City employees can access the keys.
Other vendors have done the same thing within their systems. Some examples:
What happens if the City loses the key? Well, the data is lost. This is one reason why BTS requires all data to be stored on servers and not workstations. If someone loses a workstation or laptop, the City does not want to lose City information.
The City has experienced a number of issues with BitLocker, where the system stops accessing the key and BTS has to manually intervene and sometimes replace the hardware. In these cases, there can be hours where the City user cannot access their computer or do work. BTS is working with Microsoft and our hardware vendor to resolve these issues.