The next 10 days till the election will be brutal: Scams, misinformation, election security and more in this October 27th News of the Week

This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.

Stan’s Corner

There are several points to be made about election security. Most vitally, our election systems — our votes — are being protected as never before. That’s the message from Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Also critical to an open, honest, and fair election is the rapid response of CISA, the FBI, and the intelligence agencies in identifying attempts by America’s adversaries to influence the election by spreading disinformation and otherwise meddling in our election.

For us, we the people, it’s important to treat everything we see and read as at least somewhat suspect. We are all being targeted with stories that confirm our biases about how bad the other side is.

Always be suspicious. Rule #3 in our guide How Hackable Are You? The more the story appeals to what we want to believe about the other side, the more important it is that we treat it with suspicion. This includes being very suspicious about what we donate to.

Don’t fall victim to election fundraising scams like the people in the CNN story in Section 2.

Whichever side you’re on, know that the next 10 days are going to be brutal.

From SecureTheVillage

  • November 21: 9th Annual Official Los Angeles Cybersecurity Summit, Fairmont Century Summit.
  • January 30, 2025: A Reasonable Approach to Reasonable Security. SecureTheVillage’s 5th Annual Reasonable Security Summit. Mark your calendars for this all-day hybrid event!
  • Smaller business? Nonprofit? Take your security to the next level. If you’re a small business or nonprofit in the greater Los Angeles area, apply NOW for LA Cybersecure. Protect your organization with our innovative team-based learn-by-doing program with coaching and guidance that costs less than two cups of coffee a week.
  • IT Service Provider / MSP? Grow revenues. Take your client’s security to the next level. Apply Now! If you’re an IT service provider in the greater Los Angeles area, apply NOW for LA Cybersecure. With our innovative team-based learn-by-doing program, you’ll have both that “seat at the table” and the peace of mind that you’re providing your clients with the reasonable IT security management they need. … The LA Cybersecure Program is funded in part by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.
  • SecureTheVillage Cybersecurity News of the Week & Weekend Patch Report. Our award winning newsletter. Essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Subscribe
  • SecureTheVillage Family Protection Newsletter: Our monthly newsletter for non-cyber experts. For your parents, friends, and those who need to protect themselves in a digital world. Subscribe
  • How Hackable Are You? Think your defenses are strong. Find out as SecureTheVillage tests you on five basic controls and download our free updated 13-step guide.
  • Support SecureTheVillage: We need your help if we’re to build a world of CyberGuardians™. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village.

Cybersecurity Nonprofit of the Week: Sightline Security

Our kudos this week to Sightline Security, a nonprofit that helps nonprofits secure and protect their critical information. Sightline’s mission is to equip, empower, and support nonprofits to navigate and embed cybersecurity into their organizations with confidence. Kudos to Sightline Security for their cyber support to the vital under-served nonprofit community. Sightline Security played a major role in the development of LA Cybersecure. Like SecureTheVillage, Sightline Security is a fellow-member of Nonprofit Cyber.

Section 2: Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.

Here’s an excellent piece on staying safe from scams. Stay suspicious. And a sad piece about seniors with dementia being victimized in election scams. … I omitted the Party and Candidate names in the piece below. … The story isn’t about this Party or that Party. It’s about the pain and devastation felt by those who have lost everything through deceit.

  • How elderly dementia patients are unwittingly fueling political campaigns: A CNN investigation reveals how deceptive political fundraising has misled elderly Americans into giving away millions of dollars. … The 80-year-old communications engineer from Texas had saved for decades, driving around in an old car and buying clothes from thrift stores so he’d have enough money to enjoy his retirement years. … But as dementia robbed him of his reasoning abilities, he began making online political donations over and over again — eventually telling his son he believed he was part of a network of political operatives communicating with key <Party> leaders. In less than two years, the man became one of the country’s largest grassroots supporters of the <Party> Party, ultimately giving away nearly half a million dollars to <Presidential Candidate> and other candidates. Now, the savings account he spent his whole life building is practically empty.
  • October is Cybersecurity Awareness Month. Here’s how to stay safe from scams: “Scams have become so sophisticated now. Phishing emails, texts, spoofing caller ID, all of this technology gives scammers that edge,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. … As scammers find new ways to steal money and personal information, consumers should be more vigilant about who they trust, especially online. A quick way to remember what to do when you think you’re getting scammed is to think about the three S’s, said Alissa Abdullah, also known as Dr. Jay, Mastercard’s deputy chief security officer. “Stay suspicious, stop for a second (and think about it) and stay protected,” she said. Whether it’s romance scams or job scams, impersonators are looking for ways to trick you into giving them money or sharing your personal information.

Section 3: Cybersecurity and Privacy News for the Cyber-Concerned.

In a positive story, the Treasury Department reports how AI helps them uncover fraud.

  • AI helped the feds catch $4 billion of fraud in one year. And it’s just getting started: The federal government’s bet on using artificial intelligence to fight financial crime appears to be paying off. … Machine learning AI helped the US Treasury Department to sift through massive amounts of data and recover $1 billion worth of check fraud in fiscal 2024 alone. That’s nearly triple what the Treasury recovered in the prior fiscal year. … “It’s really been transformative,” Renata Miskell, a top Treasury official, told CNN in a phone interview. … The Treasury Department credited AI with helping officials prevent and recover more than $4 billion worth of fraud overall in fiscal 2024, a six-fold spike from the year before.

In legal action this week, the SEC and Ireland’s Privacy Regulator both had fruitful weeks. And Delta has filed its lawsuit against CrowdStrike for the disruption that allegedly cost the company half a billion dollars.

  • SEC charges tech companies for downplaying SolarWinds breaches: The SEC has charged four companies—Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly misleading investors about the impact of their breaches during the massive 2020 SolarWinds Orion hack. … “The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions,” announces the SEC in a Tuesday press release. … “The SEC also charged Unisys with disclosure controls and procedures violations.” … These companies agreed to pay civil penalties to settle the SEC’s charges. Unisys will pay $4 million, Avaya will pay $1 million, Check Point will pay a $995,000 civil penalty, and Mimecast will pay a $990,000 penalty.
  • LinkedIn hit with $335 million fine for using member data for ad targeting without consent: Ireland’s top privacy regulator on Thursday fined social media platform LinkedIn €310 million ($335 million) for allegedly using its members’ data for advertising purposes without obtaining their consent. … The Microsoft-owned company violated the European Union’s General Data Protection Regulation (GDPR) when it processed users’ data for behavioral analysis and targeted advertising, Ireland’s Data Protection Commission (DPC) said in its announcement. By unfairly processing the data without transparency or consent, LinkedIn broke the law, it added. … The hefty fine is one of the largest ever levied against a tech company for violating the GDPR.
  • Delta Sues CrowdStrike Over July Operations Meltdown: Airline alleges gross negligence by cybersecurity firm; CrowdStrike says Delta is attempting to shift blame for outdated systems. … Delta Air Lines sued CrowdStrike over the July global technology outage that grounded thousands of flights and preceded a dayslong debacle for the air carrier. … The lawsuit accused CrowdStrike of gross negligence, alleging that the cybersecurity company is to blame for not only the outage but the rolling disaster that followed for the airline. In the lawsuit filed Friday in a Georgia state court, Delta called the IT breakdown “catastrophic,” citing $500 million in out-of-pocket losses and losses to future revenue.

In recognition of Halloween, the following story wraps cybercrime into the metaphor of ghosts and goblins. Some fascinating statistics make me think I’d be safer spending Halloween at Stephen King’s Overlook Hotel than on the Internet.

  • These cybercrime facts show why cybercriminals are more terrifying than the monsters and ghouls roaming the street on Halloween: Cybercriminals love to give new meaning to the phrase “trick or treat.” … Through cyber attacks, phishing, ransomware, and data breaches, bad guys love causing mayhem for businesses and consumers. But their actions aren’t chalked up to the pranks one would expect on All Hallows’ Eve. Their impacts are far more costly and devastating to victims. … Ransomware Netted Threat Actors More Than $1.1B in Ill-Gotten Gains. 51% of Organizations Lost $5-$25 million to AI-related Threats. True Cost of Fraud to Older Adults to Top $5 billion. … Here’s 10 more 13 cybercrime facts that will make your hair stand on end.

This week in cybercrime:

  • Landmark, an administrator for insurance firms, says 800,000 affected by data breach: One of the biggest third-party administrators for several large insurance firms said a cyberattack in May exposed the sensitive information of more than 800,000 people. … Landmark Admin told regulators in Maine that names, Social Security numbers and tax identification numbers were accessed by the hackers. … For an unknown subset of people, the breach also exposed driver’s license numbers, passport numbers, bank account information, routing numbers and medical information was also leaked. Health insurance policy information and life and annuity policy information. … The Texas-based company works as a third-party administrator for insurance carriers like Liberty Bankers Insurance Group (LBIG), which includes American Monumental Life Insurance Company, Pellerin Life Insurance Company, American Benefit Life Insurance Company, Liberty Bankers Life Insurance Company, Continental Mutual Insurance Company, and Capitol Life Insurance Company.
  • UnitedHealth says data of 100 million stolen in Change Healthcare breach: UnitedHealth has confirmed for the first time that over 100 million people had their personal information and healthcare data stolen in the Change Healthcare ransomware attack, marking this as the largest healthcare data breach in recent years.
  • RansomHub gang allegedly behind attack on Mexican airport operator: A hacking group recently spotlighted by U.S. agencies said it is responsible for an attack targeting an operator of 13 airports across Mexico. … Grupo Aeroportuario del Centro Norte announced last Friday that a cyber incident forced its IT team to turn to backup systems in an effort to continue running the airports it controls across central and northern Mexico. Known colloquially as OMA, the company runs airports in Monterrey and other major Mexican cities, handling more than 19 million passengers so far this year. … On Thursday, the RansomHub operation claimed to be responsible for the incident, and threatened to leak 3 terabytes of stolen data if an undisclosed ransom is not paid. U.S. agencies warned of the group’s attacks in August, saying it was responsible for more than 210 incidents since emerging in February.

Section 4: Managing cybersecurity in the organization

Two stories on how — in the face of increasingly damaging cyber disruption — the CISO role is becoming increasingly strategic.

  • CISO Role Gains Influence: 20% Report Directly to CEOs: Deloitte Global’s Future of Cyber survey reveals how organisations are adapting to a changing threat landscape by enhancing the role of the CISO. The Global Future of Cyber Survey which is currently in its fourth edition has shown the progression of the cybersecurity role in the C-suite. … A director general of a government cyber and IT security agency said: “The big shift for us is by bringing in the security discussion before, not after, building the solution. … “We really want to move into ‘security by design’ as opposed to what often happens – ‘security by assessment’ – which requires security to be more of a strategic part of the overall business.”
  • CISOs as Organizational Bridge Builders for Cybersecurity Culture: As of 2023, 100% of Fortune 500 companies had a CISO role or its equivalent. This figure was only 70% in 2018. It marks the unmistakable trend in the business world that CISOs are emerging as vital organizational bridge builders tasked with connecting the often-siloed worlds of security and business to foster a robust cybersecurity culture that permeates all levels of the organization. … However, this does not come without its own challenges. CISOs often encounter resistance from business leaders who may prioritize short-term gains over long-term security investments and grapple with the complexities of aligning security measures with business agility. … In this article, we explore the evolving role of the CISO and examine the key strategies and challenges involved in fostering a robust cybersecurity culture.

As if to emphasize the importance of the strategic cultural shift, the next story demonstrates once again that we are not doing a good enough job helping our users defend themselves against attack. And let’s warn users to be careful about the social engineering attacks on Teams.

  • Human error is cybersecurity’s number one concern, Kaseya report finds: User behavior is the biggest cybersecurity challenge facing IT organizations today, new research from Kaseya has found, as threat actors and defenders alike increasingly adopt AI. … The 2024 Kaseya Security Survey quizzed IT professionals across North America, the UK and EU, as well as APAC and New Zealand, working for companies with annual revenue of between $1 million and $10 million, and between 101-500 employees. … It found that a resounding 89% of participants stated bad user behavior or lack of training as their main cybersecurity hurdle in 2024. User-related security issues – such as poor user practices and gullibility – was the largest concern (45%), while lack of end-user security training (44%) followed close behind.
  • Black Basta ransomware poses as IT support on Microsoft Teams to breach networks: The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack.


About SecureTheVillage:

The vision of SecureTheVillage is to make Los Angeles the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. Making this happen takes a village.

Follow Stan Stahl, PhD on LinkedIn!

Support SecureTheVillage: We need your help if we’re to build a world of CyberGuardians™. Donate to SecureTheVillage. It takes a village to secure the village.
