Cybersecurity Saturday - Ermer and Suter PLLC

From the cyberthreats front, ABC News reports

A top Justice Department official issued a stark warning Thursday [February 17] to companies in the U.S. and abroad, calling on them to immediately shore up their cybersecurity defenses amid a potential Russian invasion of Ukraine.
“Given the very high tensions that we are experiencing, companies of any size and of all sizes would be foolish not to be preparing right now as we speak — to increase their defenses, to do things like patching, to heighten their alert systems, to be monitoring in real-time their cybersecurity,” deputy attorney general Lisa Monaco said in remarks at the Munich Cybersecurity Conference. “They need to be as we say, ‘shields up’ and to be really on the most heightened level of alert that they can be and taking all necessary precautions.”

Here is a link to CISA website with advice on how to place your Shields up.

Last Tuesday February 15, the FEHBlog ran across the following government announcement:

The Federal Bureau of Investigation (FBI) and the United States Secret Service (USSS) have released a joint Cybersecurity Advisory (CSA) identifying indicators of compromise associated with BlackByte ransomware. BlackByte is a Ransomware-as-a-Service group that encrypts files on compromised Windows host systems, including physical and virtual servers.
CISA encourages organizations to review the joint FBI-USSS CSA and apply the recommended mitigations.

What’s more, here is our link to Bleeping Computer’s The Week in Ransomware:

The big news this week is that the Conti ransomware gang has recruited the core developers and managers of the TrickBot group, the developers of the notorious TrickBot malware.
This recruitment drive now allows the Conti ransomware gang to focus on developing further stealthy malware, such as BazarBackdoor, while letting the TrickBot malware slowly wane away due to its easy detection by antivirus software.
With this “merger,” Conti has evolved into an actual cybercrime syndicate with different groups focusing on developing malware for each leg of a ransomware attack, ranging from initial access to encrypting.

From the cyber protection front –

Health IT Security offers a useful review of the HIPAA Security Rule’s technical safeguard provisions.

Bleeping Computer informs us about CISA’s list of free cybersecurity tools and services.

The FEHBlog also ran across a comprehensive HHS HC3 PowerPoint presentation on protecting electronic health records.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Subscribe to FEHBlog