News & Information       http://info.owt.com

Security

04/26/2018   Security Focus Vulnerabilities
[SECURITY] [DSA 4180-1] drupal7 security update
04/26/2018   Security Focus Vulnerabilities
Secunia Research: Oracle Outside In Technology Use-After-Free Vulnerability
04/26/2018   Security Focus Vulnerabilities
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4)
04/26/2018   Security Focus Vulnerabilities
APPLE-SA-2018-04-24-2 Security Update 2018-001
04/26/2018   SecurityFocus News
Enterprise Intrusion Analysis, Part One
04/26/2018   SecurityFocus News
Responding to a Brute Force SSH Attack
04/26/2018   SecurityFocus News
Data Recovery on Linux and <i>ext3</i>

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909
04/26/2018   SecurityFocus News
WiMax: Just Another Security Challenge?
04/26/2018   SecurityFocus News
Time to Squish SQL Injection
04/26/2018   SecurityFocus News
Lazy Workers May Be Deemed Hackers

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909
04/26/2018   SecurityFocus News
The Scale of Security
04/26/2018   SecurityFocus News
Hacker-Tool Law Still Does Little
04/25/2018   Department of Homeland Security
Release Date: 
April 25, 2018

WASHINGTON – Secretary of Homeland Security Kirstjen M. Nielsen released the following statement on the arrival of the Central American ‘Caravan’ at the U.S.-Mexico border:

“DHS is currently monitoring the travel of the so-called ‘caravan’ towards our Southern border and is doing everything within our authorities to secure our borders and enforce the law.

“Let me be clear: we will enforce the immigration laws as set forth by Congress. If you enter our country illegally, you have broken the law and will be referred for prosecution. If you make a false immigration claim, you have broken the law and will be referred for prosecution.  If you assist or coach an individual in making a false immigration claim, you have broken the law and will be referred for prosecution.

“DHS, in partnership with DOJ, has taken a number of steps to ensure the necessary resources are in place to promptly adjudicate all cases and claims, through either our civil immigration system or through criminal prosecution, consistent with our laws.

“Individuals of the 'caravan' seeking asylum or other similar claims should seek protections in the first safe country they enter, including Mexico.

“The smugglers, traffickers, and criminals understand our legal loopholes better than Congress and are effectively exploiting them to their advantage. This President fully understands the threat this poses to Americans and has been crystal clear since the beginning of his Administration that we will protect our borders and our sovereignty.

“I, again, ask Congress to work with me to quickly pass legislation to close the legal loopholes that prevent us from securing our borders and protecting Americans. I stand ready to work with any member who in good faith seeks to support DHS’s mission and secure our country.”

Keywords: 
04/25/2018   Forbes Security
The recent MyEtherWallet hack demonstrates the security vulnerabilities of cryptocurrencies. Even though the underlying blockchain technologies are secure, there are still risks. Security officials weigh on in why cryptocurrencies are prone to hacks and ways to secure digital money.
04/25/2018   Forbes Security
Tthe ASUS Lyra Trio consists of a threesome of Wi-Fi routers that link together to form a mesh network. Once installed, devices connected to the network are automatically routed to the station with the best signal and are seamlessly shuffled off to the next router as you move around the home.
04/25/2018   Trend Micro Security
Activism has found a new outlet in the digital realm.

The digital realm has become a critical space for individuals to express their opinions and further their causes.

The post Graffiti in the digital world: How hacktivists use defacement appeared first on .

04/25/2018   Forbes Security
While Initial Coin Offerings (ICOs) saw mixed fortunes in 2017 and data shows that almost half met less than favorable outcomes and failed despite jointly raising north of $6 billion, many large and established enterprises are now entering the blockchain and distributed ledger technology landscape.
04/25/2018   Trend Micro Security

Emails. Web forms. Events. [Oh my!] These marketing tactics are all designed to gather, store, and evolve relationships with your prospects, customers, and partners. Often times, they are the first point of contact for your organization from the outside world—and they all feed into your marketing automation systems. With the General Data Protection Regulation (GDPR)...

The post Customer data & marketing operations: Keeping your data safe on the journey to GDPR compliance appeared first on .

04/25/2018   Forbes Security
North Korea's elite used to love Facebook, but now they're fleeing the social network, according to a cybersecurity firm.
04/25/2018   Trend Micro Security
The typical enterprise has more than 500 applications in place.

Bio-IoT: Internet of Things applied to biological systems, such as pharmaceutical delivery systems, implanted medical devices, intelligent prosthetics, surgical assistants, and remote patient monitoring. IoT 2.0, with ample processing resources and OSI-conformant networking, promises vast improvements in health care. A recent paper from the IEEE describes a bright future for medical IoT (The Internet of...

The post The Risks of Bio-IoT appeared first on .

04/25/2018   Forbes Security
Here's how it was done and how the company that created the hack worked with Amazon to make sure it can't be done by others.
04/25/2018   Sophos Security
Chinese security company announces Internet Explorer zero-day exploit that's triggered by Word. So far... that's all she wrote.
04/25/2018   Sophos Security
If you control, collect or share any personal data belonging to EU citizens, you'd better be!
04/25/2018   Sophos Security
It's only telling people now because an investigation has been under way
04/25/2018   Forbes Security
Forbes Exclusive: Webstresser.org promised massive DDoS attacks to as many as 136,000 users. It's now been dismantled in a global police operation.
04/25/2018   Security Focus Vulnerabilities
Apple iOS and macOS Multiple Security Vulnerabilities
04/25/2018   Security Focus Vulnerabilities
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/25/2018   Sophos Latest Virus Alerts
04/24/2018   Department of Homeland Security
04/24/2018   Department of Homeland Security
Release Date: 
April 24, 2018

On April 24, Secretary of Homeland Security Kirstjen M. Nielsen continued her participation at the G7 Security Ministerial in Toronto, Canada.

Secretary Nielsen met with her foreign counterparts from Canada, France, Germany, Italy, Japan, and the United Kingdom as well as representatives from the European Union to discuss how to protect our nations against persistent and emerging threats. The G7 participants also discussed joint efforts to combat human trafficking worldwide.

The Secretary covered a range of topics with her counterparts, including raising the bar globally on aviation security, enhancing information sharing, and working with our allies on soft-target security to better protect crowded places and public venues against attack. Additionally, Secretary Nielsen discussed what the Department is doing to combat terrorist use of the internet, and later G7 officials met with representatives of the companies leading the Global Internet Forum to Counterterrorism (GIFCT).  They lauded the technology companies for actions taken to fight back against online terrorist recruitment and radicalization but also urged that more needed to be done.  She stressed the urgency of this issue in the United States and the importance of working with G7 partners to thwart these threats.

Later today, the group will meet to discuss cybersecurity and the best practices to combat cyber risks.

Secretary Kirstjen M. Nielsen at G7 Security Ministerial

                 (DHS Official Photo/Madina Turdieva)

# # #

04/24/2018   Forbes Security
The scamsters are tricking victims into believing they are legit by having real phone numbers for local IRS Taxpayer Assistance Centers appear on Caller ID.
04/24/2018   Trend Micro Security

The latest version of the macOS operating system, macOS High Sierra, was released on Monday, September 25, 2017. In this article, we will explain how to upgrade mac to macOS High Sierra.     Why Should We Upgrade to macOS High Sierra?  Apple released the latest macOS, High Sierra, and added some new features including...

The post How to Upgrade Mac to macOS High Sierra appeared first on .

04/24/2018   Forbes Security
BGP hijacking is the "blind spot" of the internet.
04/24/2018   Forbes Security
Last week, it was Cisco’s turn at the plate to take a swing. The biggest question I had going in was, does Cisco Systems have what it takes to compete with Microsoft, Google, Slack, and small upstart, Flock? For the most part, I got that question answered. Let’s take a look at what was announced.
04/24/2018   Forbes Security
With the amount of data people provide to companies like Facebook, it’s essential to have ways to protect information and keep sensitive data safe. And zk-SNARKs are a valuable weapon in the battle for privacy and security.
04/24/2018   Forbes Security
Fraudsters ramped up their attacks last year. Microsoft logged more than 150,000 scam reports from Windows users.
04/24/2018   Sophos Security
The practice doesn't require a warrant but it left relatives feeling "disrespected and violated."
04/24/2018   Sophos Security
"[Reddit] is awful and it’s gonna get worse."
04/24/2018   Sophos Security
Are VPNs about privacy, about anonymity, or about both?
04/24/2018   Sophos Security
Google goes public with Windows 10 S bypass flaw after Microsoft misses another patching deadline
04/24/2018   InfoWorld Security
Google's Android OS sometimes gets unfairly maligned as being weak on security. Computerworld blogger JR Raphael explains why that's a misconception and how users can keep their devices safe.
04/24/2018   Security Focus Vulnerabilities
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
04/24/2018   Security Focus Vulnerabilities
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
04/23/2018   Department of Homeland Security
Release Date: 
April 24, 2018

226 Dirksen Senate Office Building

Chairman Grassley, Ranking Member Feinstein, and distinguished Members of the Committee, thank you for the opportunity to appear today to discuss the role of U.S. Customs and Border Protection (CBP) in preventing the abduction of children by their parents from the United States.

As America’s unified border security agency, CBP plays an important role in the nation’s efforts to prevent children from being abducted and taken abroad by their parents. CBP works in close coordination with the Department of State (DOS) to leverage CBP targeting capabilities as part of our multi-layered, risk-based approach to enhance the security of our borders and America’s children.

Preventing Departure in International Child Abduction Cases

As the nation’s largest law enforcement agency, CBP remains committed to preventing the illegal abduction of children across our Nation’s borders. CBP works every day to act on intelligence received from our partners across law enforcement, including intelligence warning of potential perpetrators of child abductions through our nation’s 328 ports of entry and exit.

The Sean and David Goldman International Child Abduction Prevention and Return Act (ICAPRA) was signed into law on August 8, 2014. CBP’s early commitment to close coordination with DOS resulted in the development and implementation of an early warning mechanism in which notification of travel is made to requesting agencies for minors considered at risk of international parental child abduction (IPCA).

Information Sharing and Operational Coordination

Substantive and timely information sharing is critical to preventing the abduction of children. CBP contributes to the whole-of-government effort by sharing critical information on individuals with law enforcement partner agencies at the federal, state, local, and tribal levels.

These efforts yield results. From FY 2014 to the present,1 CBP has received 605 requests from DOS to prevent the departure of minor children at risk for IPCA. The program has yielded 10 criminal arrests related to IPCA, and 24 international departures of minor children at risk for parental abduction have been prevented. These results were only possible thanks to the close collaboration between CBP, DOS, and our law enforcement partners in the U.S. and around the world.

Conclusion

Tackling this threat involves a united, comprehensive strategy and an aggressive approach by multiple entities across all levels of government. With continued support from Congress, CBP, in coordination with our partners, will continue to contribute to the safety and security of America’s children.

Thank you again for the opportunity to testify today. I look forward to your questions.


1 Effective 04/04/2018

 

Keywords: 
04/23/2018   Department of Homeland Security
Release Date: 
April 24, 2018

342 Dirksen Senate Office Building

Chairman Johnson, Ranking Member McCaskill, and members of the Committee, thank you for the opportunity to testify before you today. The Department of Homeland Security (DHS) serves a critical role in safeguarding and securing cyberspace, a core homeland security mission. The National Protection and Programs Directorate (NPPD) at DHS leads the Nation’s efforts to ensure the security and resilience of our cyber and physical infrastructure. Last month, this Committee reported favorably on H.R. 2825, the Department of Homeland Security Authorization Act (as amended). This bill includes the language from H.R. 3359, the Cybersecurity and Infrastructure Security Agency Act of 2017. If enacted, this language would mature and streamline NPPD and rename our organization to reflect clearly our essential mission and our role in securing cyberspace. The Administration strongly supports establishing the Cybersecurity and Infrastructure Security Agency within DHS, and we will continue working with this Committee and the rest of the Senate to get the necessary legislation enacted.

NPPD is responsible for protecting civilian Federal government networks and collaborating with other Federal agencies, as well as State, local, tribal, and territorial governments, and the private sector to defend against cyber threats. We endeavor to enhance cyber threat information-sharing across the globe to stop cyber incidents before they start and help businesses and government agencies to protect their cyber systems and quickly recover should such an attack occur. By bringing together all levels of government, the private sector, international partners, and the public, we are taking action to protect against cybersecurity risks, improve our whole-of-government incident response capabilities, enhance information sharing of best practices and cyber threats, and to strengthen resilience.

Threats

Cyber threats remain one of the most significant strategic risks for the United States, threatening our national security, economic prosperity, and public health and safety. Malicious cyber activity causes impacts to infrastructure across both the virtual and physical domains. We have recently experienced a turning point in the cyber domain, at least in the public consciousness. We have long been confronted with myriad attacks against our digital networks. Americans have seen advanced persistent threat actors, including hackers, cyber criminals, and nation states, increase the frequency and sophistication of these attacks. Our adversaries have been developing and using advanced cyber capabilities to undermine critical infrastructure, target our livelihoods and innovation, steal our national security secrets, and threaten our democracy.

Global cyber incidents, such as the “WannaCry” ransomware incident and the “NotPetya” malware incident in May and June 2017, respectively, are examples of malicious actors leveraging cyberspace to create disruptive effects and cause economic loss. These incidents exploited known vulnerabilities in software commonly used across the globe. Prior to these events, NPPD had already taken actions to help protect networks from similar types of attacks. Through requested vulnerability scanning, NPPD helped stakeholders identify vulnerabilities on their networks so they could be patched before incidents and attacks occur. Recognizing that not all users are able to install patches immediately, NPPD shared additional mitigation guidance to assist network defenders. As the incidents unfolded, NPPD led the Federal government’s incident response efforts, working with our interagency partners, including providing situational awareness, information sharing, malware analysis, and technical assistance to affected entities.

In a series of incidents since at least May of last year, working with U.S. and international partners, DHS and FBI have identified Russian government actors targeting government entities and businesses in the energy, nuclear, water, aviation, and critical manufacturing sectors. DHS assesses that this campaign ultimately collected information pertaining to industrial control systems with the intent to gain access to industrial control systems environments. The intrusions have targeted two distinct categories of victims: staging and intended targets. In other words, through the Department’s incident response actions, we have observed this advanced persistent threat actor target certain entities that then become pivot points, leveraging existing relationships between the initial victim and the intended targets to hide their activity, as part of a multi-stage intrusion campaign to gain access to networks of major, high-value assets that operate components of our Nation’s critical infrastructure. Based on our analysis and observed indicators of compromise, DHS has confidence that this campaign is still ongoing, and threat actors are actively pursuing their ultimate long-term campaign objectives. DHS and the FBI continue to conduct incident response related to this activity and have published a joint technical alert to enable network defenders to identify and take action to reduce exposure to this malicious activity.

Cybersecurity Priorities

This Administration has prioritized protecting and defending our public and economic safety from the range of threats that exist today, including those emanating from cyberspace. Last year, the President signed Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. This Executive Order set in motion a series of assessments and deliverables to understand how to improve our defenses and lower our risk to cyber threats. This order also emphasized the importance of accountability–clarifying that department and agency heads are responsible and will be held accountable for the security of their networks and systems. NPPD plays an important role in providing capabilities, services, and direction to Federal agencies.

Across the Federal Government, agencies have been implementing action plans to use the industry-standard National Institute of Standards and Technology (NIST) Cybersecurity Framework. Agencies are reporting to DHS and the Office of Management and Budget (OMB) on their cybersecurity risk mitigation and acceptance choices. In coordination with OMB, DHS is evaluating the totality of these Agency reports in order to comprehensively assess the adequacy of the Federal Government’s overall cybersecurity risk management posture.

Although Federal agencies have primary responsibility for their own cybersecurity, DHS provides a common set of security tools that helps agencies manage their cyber risk. NPPD’s assistance to Federal agencies includes (1) providing tools to safeguard civilian executive branch networks through the National Cybersecurity Protection System (NCPS), which includes “EINSTEIN” and Continuous Diagnostics and Mitigation (CDM) programs, (2) measuring and motivating agencies to implement policies, directives, standards, and guidelines, (3) serving as a hub for information sharing and incident reporting, and (4) providing operational and technical assistance, including threat information dissemination and risk and vulnerability assessments, as well as incident response services. NPPD’s National Cybersecurity and Communications Integration Center (NCCIC) is the civilian government’s hub for cybersecurity information sharing, asset incident response, and coordination for both critical infrastructure and the Federal government.

EINSTEIN refers to the Federal Government’s suite of signature-based intrusion detection and prevention capabilities that protects agencies’ unclassified networks at the perimeter of each agency. EINSTEIN provides situational awareness of civilian executive branch network traffic, so threats detected at one agency are shared with all others providing agencies with information and capabilities to more effectively manage their cyber risk. The Federal Government could not achieve such situational awareness through individual agency efforts alone.

Moving forward, leveraging existing investments, our non-signature based pilot efforts to move beyond current reliance on signatures are yielding positive results in the discovery of previously unidentified malicious activity. DHS is demonstrating the ability to capture data that can be rapidly analyzed for anomalous activity using technologies from commercial, government, and open sources. The pilot efforts are also defining the future operational needs for tactics, techniques, and procedures as well as the skill sets and personnel required to operationalize the non-signature based approach to cybersecurity.

State, local, tribal, and territorial governments are able to access intrusion detection and analysis services through the Multi-State Information Sharing and Analysis Center (MS-ISAC). MS-ISAC’s service, called “Albert,” closely resembles some EINSTEIN capabilities. While the current version of Albert cannot actively block known cyber threats, it does alert cybersecurity officials to an issue for further investigation. DHS worked closely with MS-ISAC to develop the program and considers MS-ISAC to be a principal conduit for sharing cybersecurity information with state and local governments.

EINSTEIN, the Federal Government’s tool to address perimeter security, will not block every threat; therefore, it must be complemented with systems and tools working inside agency networks—as effective cybersecurity risk management requires a defense-in-depth strategy that cannot be achieved through only one type of tool. CDM program provides cybersecurity tools and integration services to all participating agencies to enable them to improve their respective security postures by reducing the attack surface of their networks as well as providing DHS with enterprise-wide visibility through a common federal dashboard.

CDM is helping us achieve two major advances for federal cybersecurity. First, agencies are gaining visibility, often for the first time, into the extent of cybersecurity risks across their entire network. With enhanced visibility, they can prioritize the mitigation of identified issues based upon their relative importance. Second, with the summary-level agency-to-federal dashboard feeds, the NCCIC will be able to identify systemic risks across the civilian executive branch more effectively and closer to real-time. For example, the NCCIC currently tracks government-wide progress in implementing critical patches via agency self-reporting and manual data calls. CDM will transform this, enabling the NCCIC to immediately view the prevalence of a given software product or vulnerability across the federal government so that the NCCIC can provide agencies with timely guidance on their risk exposure and recommended mitigation steps. Effective cybersecurity requires a robust measurement regime, and robust measurement requires valid and timely data. CDM will provide this baseline of cybersecurity risk data to drive improvement across the civilian executive branch.

DHS conducts a number of activities to measure agencies’ cybersecurity practices and works with agencies to improve risk management practices. The Federal Information Security Modernization Act of 2014 (FISMA) provided the Secretary of Homeland Security with the authority to develop and oversee implementation of Binding Operational Directives (BOD) to agencies. In 2016, the Secretary issued a BOD on securing High Value Assets, or those assets, federal information systems, information, and data for which unauthorized access, use, disclosure, disruption, modification, or destruction could cause a significant impact to U.S. national security interests, foreign relations, the economy, or to the public confidence, civil liberties, or public health and safety of the American people. NPPD works with interagency partners to prioritize High Value Assets for assessment and remediation activities across the federal government. For instance, NPPD conducts security architecture reviews on these High Value Assets to help agencies assess their network architecture and configurations.

As part of the effort to secure High Value Assets, DHS conducts in-depth vulnerability assessments of prioritized agency assets to determine how an adversary could penetrate a system, move around an agency’s network to access sensitive data, and exfiltrate such data without being detected. These assessments include services such as penetration testing, wireless security analysis, and “phishing” evaluations in which DHS hackers send emails to agency personnel and test whether recipients click on potentially malicious links. DHS has focused these assessments on federal systems that may be of particular interest to adversaries or support uniquely significant data or services. These assessments provide system owners with recommendations to address identified vulnerabilities. DHS provides these same assessments, on a voluntary basis upon request, to private sector and State, local, Territorial, and Tribal partners. DHS also works with the General Services Administration to ensure that contractors can provide assessments that align with our HVA initiative to agencies.

Another BOD issued by the Secretary directs civilian agencies to promptly patch known vulnerabilities on their Internet-facing systems that are most at risk from their exposure. The NCCIC conducts cyber hygiene scans to identify vulnerabilities in agencies’ internet-accessible devices and provides mitigation recommendations. Agencies have responded quickly in implementing the Secretary’s BOD and have sustained this progress. When the Secretary issued this directive, NPPD identified more than 360 “stale” critical vulnerabilities across federal civilian agencies, which means the vulnerabilities had been known for at least 30 days and remained unpatched. Since December 2015, NPPD has identified an average of less than 40 critical vulnerabilities at any given time, and agencies have addressed those vulnerabilities rapidly once they were identified. By conducting vulnerability assessments and security architecture reviews, NPPD is helping agencies find and fix vulnerabilities and secure their networks before an incident occurs.

In addition to efforts to protect government networks, Executive Order 13800 continues to examine how the government and industry work together to protect our nation’s critical infrastructure, prioritizing deeper, more collaborative public-private partnerships in threat assessment, detection, protection, and mitigation. In collaboration with civilian, defense, and intelligence agencies, we are identifying authorities and capabilities that agencies could employ, soliciting input from the private sector, and developing recommendations to support the cybersecurity efforts of those critical infrastructure entities at greatest risk of attacks that could result in catastrophic impacts. DHS coordinates closely with the Sector Specific Agencies across all 16 critical infrastructure sectors by leveraging their sector expertise to improve cybersecurity resiliency and risk management.

For instance, by sharing information quickly and widely, we help all partners block cyber threats before damaging incidents occur. Equally important, the information we receive from partners helps us identify emerging risks and develop effective protective measures.

Congress authorized the NCCIC as the civilian hub for sharing cyber threat indicators and defensive measures with and among federal and non-federal entities, including the private sector. As required by the Cybersecurity Act of 2015, we established a capability, known as Automated Indicator Sharing (AIS), to automate our sharing of cyber threat indicators in real-time. AIS protects the privacy and civil liberties of individuals by narrowly tailoring the information shared to that which is necessary to characterize identified cyber threats, consistent with longstanding DHS policy and the requirements of the Act. AIS is a part of the Department’s effort to create an environment in which as soon as a company or federal agency observes an attempted compromise, the indicator is shared in real time with all of our partners, enabling them to protect themselves from that particular threat. This real-time sharing capability can limit the scalability of many attack techniques, thereby increasing the costs for adversaries and reducing the impact of malicious cyber activity. An ecosystem built around automated sharing and network defense-in-depth should enable organizations to detect and thwart the most common cyber-attacks, freeing their cybersecurity staff to concentrate on the novel and sophisticated attacks. More than 129 agencies and private sector partners have connected to the AIS capability. Notably, partners such as information sharing and analysis organizations and computer emergency response teams further share with or protect their customers and stakeholders, significantly expanding the impact of this capability. AIS is still a new capability and we expect the volume of threat indicators shared through this system to substantially increase as the technical standards, software, and hardware supporting the system continue to be refined and put into full production. This information sharing environment will become more robust and effective as more indicators are shared from other federal agencies; State, local, Territorial, and Tribal governments; and the private sector.

Another part of the Department’s overall information sharing effort is to provide federal network defenders with the necessary context regarding cyber threats to prioritize their efforts and inform their decision making. DHS’s Office of Intelligence and Analysis has collocated analysts within the NCCIC responsible for continuously assessing the specific threats to federal networks using traditional all source methods and indicators of malicious activity so that the NCCIC can share with federal network defenders. Analysts and personnel from the Departments of Energy, the Treasury, Health and Human Services, and Defense join the FBI and others who are also collocated within the NCCIC and working together to understand the threats and share information with their sector stakeholders, pursuant to NPPD policies that provide appropriate privacy, civil liberties and confidentiality protections.

Mitigating Cyber Risks

We continue to adapt to the evolving risks to critical infrastructure, and prioritize our services to mitigate those risks. For instance, the Department recently took action regarding specific products which present a risk to federal information systems.

After careful consideration of available information and consultation with interagency partners, BOD 17-01 was issued that directed Federal Executive Branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities. The BOD called on departments and agencies to identify any use or presence of Kaspersky products on their information systems in the next 30 days, to develop detailed plans to remove and discontinue present and future use of the products within 60 days, and at 90 days from the date of the directive, unless directed otherwise by DHS based on new information, to begin to implement the agency plans to discontinue use and remove the products from federal information systems. This action is based on the information security risks presented by the use of Kaspersky products on federal IT systems.

The Department provided an opportunity for Kaspersky to submit a written response addressing the Department’s concerns or to mitigate those concerns, and Kaspersky submitted a written response. The Department wanted to ensure that the company had a full opportunity to provide any evidence, materials, or data that may be relevant. This opportunity was also available to any other entity that claimed its commercial interests will be directly impacted by the directive.

While the information and communications technology supply chain is not the source of all cyber risk, it presents an opportunity for creation of threats and vulnerabilities. Commercial technology is ubiquitous in federal networks, even those that handle the most sensitive information and support essential functions of the government. DHS—through its work with the Department of Defense and the intelligence community to identify key supply chain risks—has established a Cyber Supply Chain Risk Management initiative. Due to the increasing connectivity of the world and the growing sophistication of threats, this initiative will identify and mitigate supply chain threats and vulnerabilities related to High Value Assets.

Election Security

NPPD is committed to ensuring a coordinated response from DHS and its federal partners to plan for, prepare for, and mitigate risk to election infrastructure. We understand that working with election infrastructure stakeholders is essential to ensuring a more secure election. Based on our assessment of activity observed in the 2016 elections, NPPD and our stakeholders are increasing awareness of potential vulnerabilities and providing capabilities to enhance the security of U.S. election infrastructure as well as that of our democratic allies.

As mentioned before, under the Constitution and our system of laws, federal elections are administered by state and local election officials in thousands of jurisdictions. Security awareness for election officials did not begin in 2016, State and local election officials across the country have a long-standing history of working both individually and collectively to reduce risks and ensure the integrity of their elections. In partnering with these officials through both new and existing, ongoing engagements, NPPD is working to provide value-added–yet voluntary–services to support their efforts to secure elections.

This year our Nation is in the midst of primary and special elections as well as the general election in November. We have been working with election officials in all states to enhance the security of their elections by offering support and by establishing essential lines of communications at all levels–public and private–for reporting both suspicious cyber activity and incidents. This information sharing is critical and our goal is to enhance transparency and have visibility of aggregated elections-related cybersecurity efforts. We are also working with election officials, vendors, the Election Assistance Commission (EAC), and NIST to characterize risk to election systems and ensure appropriate mitigations are understood and available in the marketplace. As a part of this process, we work with these stakeholders to recommend best practices to ensure a secure and verifiable vote.

Over the course of the last year, DHS has made tremendous strides and has been committed to working collaboratively with those on the front lines of administering our elections—state and local election officials and the vendor community—to secure election infrastructure from risks. The establishment of government and sector coordinating councils will build the foundations for this enduring partnership not only in 2018, but for future elections as well. We will remain transparent as well as agile in combating and securing our physical and cyber infrastructure. However, we recognize that there is a significant technology deficit across State and local governments, and State and local election systems, in particular. It will take significant and continual investment to ensure that systems are upgraded and secure or vulnerable systems are retired.

We recognize the fundamental link between public trust in our election infrastructure and the confidence the American public places in basic democratic functions. Ensuring the security of our electoral process is a vital national interest and one of our highest priorities at DHS. Our voting infrastructure is diverse, subject to local control, and has many checks and balances. As the threat environment evolves, DHS will continue to work with federal agencies, state and local partners, and private sector entities to enhance our understanding of the threat; and to make essential physical and cybersecurity tools and resources available to the public and private sectors to increase security and resiliency.

Conclusion

In the face of increasingly sophisticated threats, NPPD stands on the front lines of the federal government’s efforts to defend our nation’s critical infrastructure from natural disasters, terrorism and adversarial threats, and technological risk such as those caused by cyber threats. Our infrastructure environment today is complex and dynamic with interdependencies that add to the challenge of securing and making it more resilient. Technological advances have introduced the “Internet of Things” and cloud computing, offering increased access and streamlined efficiencies, while increasing our footprint of access points that could be leveraged by adversaries to gain unauthorized access to networks. As our nation continues to evolve and new threats emerge, we must integrate cyber and physical risk in order to understand how to effectively secure it. Expertise around cyber-physical risk and cross-sector critical infrastructure interdependencies is where NPPD brings unique expertise and capabilities.

We must ensure that NPPD is appropriately organized to address cybersecurity threats both now and in the future, and we appreciate this Committee’s leadership in working to establish the Cybersecurity and Infrastructure Security Agency. As the Committee considers these issues, we are committed to working with Congress to ensure that this effort is done in a way that cultivates a safer, more secure and resilient Homeland.

Thank you for the opportunity to testify, and we look forward to any questions you may have.

Topics: 
04/23/2018   Department of Homeland Security
Release Date: 
April 23, 2018

On April 23, Secretary of Homeland Security Kirstjen M. Nielsen joined her foreign counterparts in Toronto, Canada for the G7 Security Ministerial. While in Toronto, Secretary Nielsen met with allies from Canada, France, Germany, Italy, Japan, and the United Kingdom as well as representatives from the European Union to discuss joint efforts to combat terrorism, bolster democratic institutions against outside interference, and hold Russia accountable.

Specifically, the group discussed efforts to identify and disrupt terrorist travel, as well as the importance of information sharing to protect our people from emerging threats. The G7 participants also outlined their strong opposition to foreign efforts to undermine democracy and discussed Russian malign activity overseas, online, and within G7 nations. Secretary Nielsen pressed G7 nations to continue calling out foreign adversaries for misbehavior—especially in cyberspace—and to deliver consequences to deter it.

Additionally, Secretary Nielsen held bilateral meetings with her counterparts from the EU, France, and Canada.

Later this evening, the group will meet regarding efforts to combat human trafficking worldwide.

Secretary Nielsen shaking hands

(DHS Official Photo/Stephanie Lake)

Secretary Nielsen with G7 Allies

(DHS Official Photo/Stephanie Lake)

# # #

Keywords: 
04/23/2018   Forbes Security
Uppersafe is an internet privacy company protecting its customers from hackers who hack into your home’s video security system and then post those as live streams on the internet for all to see. To build awareness for this problem Uppersafe chose to stage a stunt, one inspired by dark altruism.
04/23/2018   Department of Homeland Security
Release Date: 
April 23, 2018

WASHINGTON -- Today, Secretary of Homeland Security Kirstjen M. Nielsen released the following statement on the Central American 'Caravan':

“DHS continues to monitor the remnants of the ‘caravan’ of individuals headed to our Southern border with the apparent intention of entering the United States illegally. A sovereign nation that cannot – or worse, chooses not – to defend its borders will soon cease to be a sovereign nation. The Trump Administration is committed to enforcing our immigration laws – whether persons are part of this ‘caravan’ or not.

“If members of the ‘caravan’ enter the country illegally, they will be referred for prosecution for illegal entry in accordance with existing law. For those seeking asylum, all individuals may be detained while their claims are adjudicated efficiently and expeditiously, and those found not to have a claim will be promptly removed from the United States.

“DHS, in partnership with DOJ, is taking a number of steps to ensure that all cases and claims are adjudicated promptly – including sending additional USCIS asylum officers, ICE attorneys, DOJ Immigration Judges, and DOJ prosecutors to the Southern border.

“Again, if you enter the United States illegally, let me be clear: you have broken the law. And we will enforce the law through prosecution of illegal border crossers.

“DHS encourages persons with asylum or other similar claims to seek protections in the first safe country they enter, including Mexico. While we are committed to doing everything we can on the border to secure our nation, we need Congress to do their job as well.  I join the President in asking Congressional leadership to work with the Administration to pass legislation to close the legal loopholes that prevent us from securing our borders and protecting Americans. I stand ready to work with any member who in good faith seeks to support DHS’s mission and secure our country.”

# # #

Topics: 
04/23/2018   Forbes Security
Gmail does a very good job of keeping spam out of your inbox. This weekend someone figured out a sneaky way to avoid Google's filters.
04/23/2018   Forbes Security
'Orangeworm' hackers worm their way onto computers controlling X-Ray and MRI machines. Though they haven't done anything destructive so far, researchers warn they could.
04/23/2018   Sophos Security
The hacker exposed half a billion Yahoo accounts on behalf of Russia's FSB
04/23/2018   Sophos Security
Anyone could have drained their users' LinkedIn profile data
04/23/2018   Forbes Security
In our connected and automated society, it's vital that infrastructure leaders recognize the role that digital can play in evolving and protecting the physical world. The digital transformation of infrastructure won’t be easy, but it's necessary to ensure physical security in the years to come.
04/23/2018   Sophos Security
A teen is being charged for downloading 7k records, 250 of which weren't properly redacted. Who's to blame?
04/23/2018   Forbes Security
After a series of fake ads featuring celebrities' names and faces, one British broadcaster is suing the company for defamation.
04/23/2018   Forbes Security
You can still get a VPN, a secure tunnel between at leas two devices, in China despite a March 31 ban on virtual private networks. That's especially true for academics and foreign companies.
04/22/2018   Forbes Security
While artificial intelligence (AI) can help the world’s militaries minimize human loss, there are some AI experts who warn of the damage that can be inflicted if lethal autonomous weapons fall into the hands of a rogue state or terrorist organization.
04/22/2018   Department of Homeland Security
Release Date: 
April 23, 2018

Staten Island, New York

Chairman Donovan, Ranking Member Payne, distinguished members of the Committee, thank you for the opportunity to testify today – along with my colleagues from the Federal Emergency Management Agency and the Federal Bureau of Investigation. The men and women of the Department of Homeland Security’s (DHS) Office of Intelligence and Analysis (I&A) work diligently to produce timely, actionable intelligence and information to help keep the homeland safe, secure, and resilient, and I am proud to speak to you on their behalf.

In my testimony today, I will describe the current threat environment and how I&A shares intelligence with our state and local partners to support their important work of keeping local communities safe. Each year, I&A works with FEMA’s Grant Programs Directorate to support the Department’s annual Homeland Security Grant Programs (HSGP) counterterrorism grant programs to provide threat analysis and data to inform their Homeland counterterrorism risk assessments. I&A reviews shared intelligence reporting produced by the intelligence community (IC) along with state and local threat reporting and other sources to provide FEMA with a relative threat ranking for the top 100 Metropolitan Statistical Areas and states and territories in the Homeland. This threat ranking allows FEMA to ensure limited funds are allocated to the cities with the highest risk and informs the Secretary’s decisions regarding funding allocations. The State Homeland Security Program (SHSP) and Urban Area Security Initiative (UASI), grant programs within HSGP, are important components in supporting state and local efforts to prevent terrorist attacks and other catastrophic events, and helps our state and local partners prepare for and response to significant threats to our nation.

Protecting the Nation in an Evolving Threat Environment

The threats we face from terrorism today are much more diverse than in the time immediately following the September 11th attacks. We face a serious, persistent, and varied terror threat, which will not diminish in the near future.

While we have made it harder for terrorists to execute complex, large-scale attacks, changes in technology have made it easier for our adversaries to plot attacks generally, to radicalize new followers to commit acts of violence, and to recruit beyond our borders. The problem is further compounded by the use of simple, “do-it-yourself” terrorist tactics conveyed via highly sophisticated terrorist marketing campaigns to a global audience.

Similarly, the threat from transnational criminal organizations has and continues to grow. These organizations are highly mobile, maintain sophisticated cross-border networks, and are involved in a wide-range of criminal activities including human smuggling, and the trafficking of drugs and firearms. These criminal organizations will likely continue to employ and improve their intelligence capabilities through a variety of methods including human, technical, and cyber means. These activities all have a significant impact on the safety, security, and health of citizens in our homeland.

The dangers we face as a people are becoming more dispersed with threat networks proliferating across borders. This shifting landscape constantly challenges our security; as such, we must move past traditional defense and non-defense mindsets. For this reason, the Department is overhauling its approach to integrating intelligence with operations --changing how we proactively address threats. Success in proactively addressing threats depends on support between and collaboration with our partners, which is the lifeblood of successful intelligence efforts.

One of the Department’s top priorities to address this evolving threat environment is to more effectively integrate intelligence equities into our operational mission. DHS is utilizing valuable information uncovered by our warfighters, the IC, and law enforcement professionals to adapt quickly to an ever-evolving threat at home and abroad. Driving multi-directional information exchanges with our state, local, tribal, and territorial (SLTT) partners to fill critical information and intelligence gaps is a unique part of I&A’s mission. We are the only member of the IC explicitly charged in statute to share intelligence and threat information with SLTT partners, and are also responsible for developing intelligence from those partners for DHS and the IC. In support of this mission, we work closely with our DHS operational components, including the Countering Weapons of Mass Destruction (CWMD) Office, U.S. Immigration and Customs Enforcement (ICE), and U.S. Customs and Border Protection (CBP); as well as interagency partners, including the Federal Bureau of Investigation and the National Counterterrorism Center to support the integration of SLTT partners into the overall national capability. We also share intelligence that helps front-line operators identify, disrupt, and respond to known and unknown threats. We are committed to continuing our efforts, along with our colleagues in the Intelligence Community, to ensure that our partners have the threat information they need to protect our communities.

I&A deploys intelligence professionals dedicated to providing intelligence and information sharing support to SLTT partners. These professionals in the field are one of our most unique and valuable assets. We deploy them across the country to enable regular, direct engagement with SLTT partners for collaboration, production, and dissemination of timely, actionable intelligence. Their involvement spans the spectrum of activities, from the development of joint intelligence products with SLTT partners, to the collection and reporting of locally generated information that we share with federal partners and the IC. For example, our intelligence professionals covering the New York City (NYC) area work closely with the New York City Police and Fire Departments to provide timely intelligence and access to IC capabilities. At least bi-weekly, our intelligence officer briefs the NYPD on cyber threats and threats specific to New York.

The collaboration I have discussed is enhanced through FEMA’s Homeland Security Grants Program. While only a portion of fusion centers’ budgets are supported through homeland security grants, the HSGP plays a critical role in helping build and sustain fusion centers and our decentralized information sharing capability. In fact, Fusion Center investments from the UASI and SHSP have totaled more than $300 million over the past five years. The HSGP has also been an instrumental tool in helping drive consistency and standardization in the way in which fusion centers operate. For example, the annual HSGP guidance identifies a suite of requirements for fusion centers as a requirement for receiving funding. This criteria-based approach allows DHS to influence the operations of the fusion centers, which are owned and operated by state and local entities. Driving toward common and consistent operation of fusion centers across the country will provide long term, and sustainable benefits, to our collective homeland security efforts.

Conclusion

Chairman Donovan, Ranking Member Payne, distinguished members of the Committee, thank you again for your continued oversight, support, and the opportunity to testify today. In collaboration with our state and local partners, we will continue to adapt to meet the current threat environment and prepare for the future. I look forward to your questions.

04/22/2018   Department of Homeland Security
Release Date: 
April 23, 2018

Staten Island, New York

Good morning, Chairman Donovan, Ranking Member Payne, and Members of the Subcommittee. I am Thomas DiNanno, and I serve as the Assistant Administrator for Grant Programs at the Department of Homeland Security’s (DHS) Federal Emergency Management Agency (FEMA). On behalf of Secretary Nielsen and Administrator Long, thank you for the opportunity to discuss the critical role of the Department’s homeland security grant programs in assisting the Nation, particularly the Nation’s high-risk urban areas, in preventing, preparing for and responding to terrorist attacks.

Over the past 10 years, the American people have been called upon to respond to and recover from a number of devastating, if not catastrophic, natural disasters and terrorist attacks: Hurricane Sandy in 2012, which affected much of New Jersey, New York City, and Staten Island; the 2013 Boston Marathon Bombing; the 2015 shooting in San Bernardino, California; and the 2016 pipe bomb attacks in New York City’s Chelsea neighborhood and Seaside Park, New Jersey.

More recently, Americans have endured the natural devastation of Hurricanes Harvey, Irma, and Maria, and manmade acts of violence, including the October 2017 Las Vegas shooting; this year’s recent school shootings in Parkland, Florida and St. Mary’s County, Maryland; the October 2017 truck attack in New York City’s Hudson River Greenway; and the December 2017 detonation of a pipe bomb in New York’s Port Authority Bus Terminal. Out of deference and respect, we must also acknowledge that we are only a few miles from the site of the September 11, 2001 attacks on the World Trade Center.

Last December, the President released his “National Security Strategy,” which provides a road map to better protect the homeland, including guidance on responding to the needs of the American people in the event of a natural disaster or terrorist attack. The Strategy aims to build a national culture of preparedness and resilience in conjunction with state, local, tribal, and territorial partners and jurisdictions to enable them to prepare and respond to whatever hazards they may encounter. Fostering preparedness and building resilience is also at the heart of FEMA’s 2018-2022 Strategic Plan.

During any type of incident, state and local first responders play critical roles in keeping our communities safe. In the face of various hazards and threats, FEMA is committed to ensuring that our communities have the resources needed to prevent, prepare for, mitigate, and respond to a wide range of incidents.

Since its inception, DHS, through the Preparedness Grant Programs, has provided funding to state, local, tribal, and territorial governments, as well as transportation authorities, nonprofit organizations, and the private sector, to improve the Nation’s readiness in preventing, protecting against, and responding to terrorist attacks. These grant funds address the Nation’s immediate security needs, enhance public safety, and protect lives and property.

Homeland Security Preparedness Grant Programs

Since 2002, DHS has provided more than $50 billion in preparedness grant funding to state, local, tribal, and territorial governments, non-profits, and other community organizations. In Fiscal Year (FY) 2017 alone DHS distributed over $1.6 billion in preparedness grant funds—with more than $1 billion in funding provided under the Homeland Security Grant Program (HSGP), which includes the State Homeland Security Program (SHSP), the Urban Area Security Initiative (UASI), and Operation Stonegarden (OPSG).

In addition to the HSGP, other FEMA preparedness grant programs, including the Transit Security Grant Program (TSGP), the Port Security Grant Program (PSGP), Intercity Passenger Rail (Amtrak) Program, and the Intercity Bus Security Grant Program (IBSGP) support efforts to protect the traveling public, secure critical infrastructure and key resources and enhance the security of transportation routes, transit systems, and port facilities.

Together, these programs support the development, sustainment, and delivery of core capabilities essential to achieving the National Preparedness Goal of a secure and resilient Nation.

Among these preparedness grant programs, several have provided significant assistance to high-risk urban areas. These include:

  • The Homeland Security Grant Program (HSGP), which includes both the State Homeland Security Program (SHSP) and the Urban Area Security Initiative (UASI). Since FY 2002, the SHSP has provided over $11.2 billion to the various states and territories to build and enhance preparedness and response capabilities. Similarly, since FY 2002, UASI has provided more than $9.4 billion to designated high risk urban areas.
  • The Transit Security Grant Program (TSGP) which, since FY 2002, has provided over $2.1 billion to the Nation’s largest urban mass transit systems to enhance the security of these systems and better protect the traveling public.
  • The Port Security Grant Program (PSGP) which, since FY 2002, has provided more than $2.6 billion to enhance the security of the Nation’s major ports and maritime trading and commercial centers.
  • The Nonprofit Security Grant Program (NSGP) which, since FY 2007 (the first year in which the program was funded), has provided over $182 million to individual nonprofit organizations located in designated urban areas and determined to be at particular risk of terrorist attack. This funding is used to enhance the security of their facilities and their members.

Urban Area Security Initiative (UASI)

Although the Nation’s high-risk urban areas may benefit from a number of the preparedness grant programs, the principal preparedness grant program supporting high-risk urban areas is the Urban Area Security Initiative (UASI). Under UASI, funds are provided to address the unique planning, organization, equipment, training, and exercise needs of high-threat, high-density urban areas. UASI funds assist in building an enhanced and sustainable capacity to prevent, protect against, mitigate, respond to, and recover from acts of terrorism. In FY 2017, $580 million in UASI funds were allocated to the 33 metropolitan statistical areas (MSAs) identified as high-threat, high-density urban areas.

As mandated by the Homeland Security Act of 2002, as amended, and to ensure limited UASI funds are allocated to the cities with the highest risk, the Department conducts yearly risk assessments of the Nations’ 100 most populous MSAs. These risk assessments are based on three major factors: the relative threat, vulnerability, and consequences from acts of terrorism faced by each MSA. Threat scores are derived from intelligence data compiled by the DHS Office of Intelligence and Analysis. Vulnerability scores take into consideration information regarding targeted infrastructure that terrorists are deemed more likely to attack, as well as border crossings by air, land, and sea. Finally, consequence scores consider an MSA’s population, economic, national infrastructure, and national security indices. The results of these risk assessments, including the scores and relative ranking, inform UASI eligibility and the Secretary’s funding allocation decisions.

Over the past year, the Department has conducted a comprehensive review of this risk assessment process to ensure it is keeping pace with evolving threats. Of note, the Intelligence Community has highlighted the interest and intent of terrorists, including Homegrown Violent Extremists (HVEs), to strike soft targets, including public events, mass gatherings and other locations where large crowds congregate. The intelligence community assesses that the threat is more dispersed and not necessarily limited to large urban areas. To address the current threat to soft targets, including crowded places and large public gatherings, FEMA has worked with the Department’s Office of Operations Coordination to better incorporate Special Events Assessment Rating (SEAR) data, which is processed to attribute events to each participating state, territory, and MSA, into the vulnerability component of the methodology. The modifications to the FY 2018 risk assessment methodology are driven by the emerging threat environment, as identified by the intelligence community, and from extensive stakeholder feedback, to ensure that the resulting risk scores most accurately reflect a state or urban area’s relative risk.

Today, we are situated in the midst of two of the Nation’s major UASIs. New York City, along with Westchester, Nassau, and Suffolk Counties in New York, comprise the New York City Urban Area. Newark and Jersey City, along with Bergen, Essex, Hudson, Middlesex, Morris, Passaic and Union Counties in New Jersey, comprise the Newark – Jersey City Urban Area. Since FY 2002, the New York City Urban Area has received over $2.3 billion in UASI funds. And, since FY 2002, the Newark – Jersey City Urban Area has received over $404 million in UASI funds.

Both of these urban areas have used these funds to secure and protect their citizens, as well as critical assets and resources. Using UASI funds, the Newark – Jersey City urban area has undertaken the Newark –Jersey City Business District Infrastructure Protection Initiative. This initiative is securing critical areas of Newark’s and Jersey City’s business and downtown districts through increased monitoring and surveillance, enhanced lighting and security fencing at critical sites, and bollards to regulate traffic and protect structures. Similarly, the New York City urban area has used UASI funds to initiate a Domain Awareness System, which utilizes a variety of means, including physical barriers and enhanced surveillance, to better secure key areas of Manhattan, including the financial district, Times Square, Grand Central Station and Penn Station.

The Newark – Jersey City urban area has also used UASI funds to secure and protect the region’s drinking water and water treatment facilities. In 2016, the Newark –Jersey City urban area embarked on and completed a project to harden 13 water treatment and 12 wastewater treatment facilities located within the UASI region against attack. Many of these facilities lacked basic physical protective equipment and were therefore vulnerable. Utilizing UASI funds, all 25 sites have received funding to harden their facilities, including fencing, video assessment systems, and access card systems.

Further, New York City deployed numerous UASI-funded assets in response to the October 31, 2017, terrorist attack in Manhattan’s Hudson River Greenway, including a Bell 429 helicopter utilized by the New York Police Department’s Special Operations Division to provide aerial video surveillance. This asset enabled real-time assessments that assisted command and control coordination. Other UASI-funded assets deployed in the Hudson River Greenway response included cameras, sensor equipment, mapping systems, and aviation life support equipment worn by responding aircrews.

During the December 11, 2017, pipe bomb attack at New York’s Port Authority Bus Terminal, preparedness grant funds contributed to the successful response and apprehension of the suspected bomber. The Port Authority Police Department’s counterterrorism teams, as well as members of the New York National Guard’s Task Force Empire Shield apprehended the suspect and quickly controlled the situation. Both units, as well as their patrol activities, were supported with UASI funds, as well as funds from the SHSP.

Transit Security Grant Program (TSGP)

High-risk urban areas also benefit from funding allocated to mass transit systems under the Transit Security Grant Program (TSGP). Under the TSGP, funds are used to enhance the physical security of transit systems as well as provide “on the ground” law enforcement patrols. TSGP funds are awarded on a competitive basis directly to the Nation’s highest risk transit systems.

In FY 2017, the TSGP provided $88 million to 26 urban transit systems. This included over $16 million to New Jersey Transit, $2.3 million to the Port Authority of New York and New Jersey, and $20.9 million to New York’s Metropolitan Transportation Authority.

In the New York and New Jersey urban areas, TSGP funds have been well used. Using $2 million of FY 2014 TSGP funds, the Port Authority of New York and New Jersey upgraded security at New York’s Port Authority Bus Terminal by installing 35 surveillance cameras. This camera installation was the second phase of a larger, multi-year TSGP funded project that enhanced the terminal’s security by, among other things, upgrading the Port Authority Bus Terminal’s Operations Center with enhanced video monitoring systems and state of the art video management systems.

Using $1.8 million in FY 2013 TSGP funds, the New Jersey Transit Corporation established and continued directed law enforcement patrols, including canine units, throughout the system. TSGP funding enabled New Jersey Transit to continue proactive efforts in advancing its terrorism prevention and detection programs, which are critical to the protection of the mass transit systems serving the New York/New Jersey metropolitan region.

Also providing critical support to the New York and New Jersey urban areas is the Port Security Grant Program (PSGP). The Port of New York – New Jersey is the largest port on the east coast of the United States and receives 12 percent of the international goods arriving into the United States, which equates to 85 million metric tons of general cargo that ultimately reaches an estimated 35 percent of the American population. The Port of New York – New Jersey consists of 240 miles of shipping channels as well as numerous anchorages and port facilities. Maintaining the security of the Port of New York – New Jersey is an essential part of maintaining the overall security of the New York – New Jersey urban area.

In FY 2017, the New York – New Jersey port area received over $20 million in PSGP funding. From FY 2010 through FY 2017, over $145 million in PSGP funds have supported security enhancements throughout the port area. These security enhancements have included increased surveillance systems, installation of security barriers such as fencing and traffic and entry control devices, and specialized training in security awareness and specialized response, including response to incidents involving improvised explosive devices and suicide bombers. In FY 2017, the New York City Police Department utilized PSGP funds to establish a Unified Command Center to serve port facilities and deployed six specialized Radiation Detection Launches for port patrols.

Nonprofit Security Grant Program

A smaller, but nonetheless significant program for its recipients, is the Nonprofit Security Grant Program (NSGP). The NSGP competitively awards grant funding to assist nonprofit organizations that are considered to be at high risk of terrorist attack and located within one of the specific UASI-designated urban areas. NSGP provides up to $75,000 to nonprofit organizations for training and physical security enhancements, including fencing, surveillance systems, security systems, and lighting. It is also designed to promote coordination and collaboration in emergency preparedness activities among public and private community representatives, as well as state and local government agencies.

From FY 2007 through FY 2017, over $182 million in NSGP funds was awarded to 2,591 nonprofit organizations across the Nation. Over that same period, more than $20 million has been awarded under the NSGP to 291 nonprofit organizations within the Newark – Jersey City urban area. Similarly, from FY 2007 through FY 2017, over $45 million has been awarded under the NSGP to nonprofit organizations within the New York City urban area.

A prime example of NSGP funding put to use locally is the FY 2017 grant awarded to the Beth Rachel School for Girls, located in Brooklyn, New York. The Beth Rachel School is a day school with an enrollment of nearly 1,000 students. NSGP funds enabled the school to improve its overall security by enhancing its surveillance system with upgraded closed circuit television capabilities, and new motion sensors, facial recognition software, and automatic alarms. The School also utilized NSGP funds to replace windows with shatter resistant glass and reinforced frames.

Also in FY 2017, NSGP funded security enhancements at Beth Medrash Govaha in Lakewood Township, New Jersey. Unfortunately, Lakewood Township was the site of several acts of anti-Semitic vandalism in 2017, including the defacing of a holocaust memorial. With an enrollment of over 6,000, Beth Medrash Govaha is one of the Nation’s largest Yeshivas. The installation of a NSGP-funded surveillance system not only enhanced the facility’s overall security, but led to the identification of an intruder who was observed committing an act of vandalism.

Law Enforcement and Terrorism Prevention and Support for Fusion Centers

Per Section 2006 of the Homeland Security Act, FEMA ensures that at least 25 percent of grant funding appropriated for State Homeland Security Programs and UASI is used for law enforcement terrorism prevention activities, including support for state and local fusion centers.

Fusion centers, a critical component of our Nation’s homeland security and counterterrorism architecture, provides grassroots intelligence and analytic capabilities within the state and local environment. Fusion center investments represent approximately seven percent of the total annual funding made available under UASI and SHSP. Fusion center funding is reported by the states, and based on recent reporting over $60 million dollars in UASI and SHSP funds were dedicated to fusion center support nationwide in FY 2016. For the FYs 2012 through 2016, this total amounts to more than $309 million.

Under both the SHSP and the UASI, states and urban areas are required to invest preparedness grant dollars into activities supporting their designated fusion centers. States and urban areas must submit a consolidated investment justification describing the performance areas the funding is intended to support based on the Fusion Center Assessment administered annually by the Department’s Office of Intelligence and Analysis (I&A). Each proposed project included in the fusion center investment justification must align to, and reference, specific performance areas of the Assessment that the funding is intended to support. In working with states and urban areas on fusion center support, FEMA maintains a collaborative relationship with I&A. I&A is the government’s executive agent for coordinating engagement with and support to fusion centers and serves as the subject-matter experts on fusion center-related priorities and activities. In turn, FEMA administers and manages preparedness grant programs that make funding available to state and local authorities to increase and sustain the operational capabilities and performance of their designated fusion centers.

Strategic Priorities

The most important lesson from the challenging disasters of 2017 is that that the most successful system is federally supported, state managed, and locally executed. Particularly over the past year, grantees have tested many practices, programs, and ideas that are more appropriately implemented at the state and local level. These experiences have informed FEMA’s 2018-2022 Strategic Plan, which seeks to: 1) Build a Culture of Preparedness; 2) Ready the Nation for Catastrophic Disasters; and 3) Reduce the Complexity of FEMA.

Each of these goals represents a major undertaking, and FEMA will not be able to accomplish them without the help of the entire community. While FEMA plays an essential role in achieving this vision of a prepared and resilient Nation, meaningful improvements will occur only when we work in concert across federal departments and agencies, as well as with leaders from state, local, tribal, and territorial governments, non-governmental organizations, and the private sector.

Build a Culture of Preparedness

Resilience is the backbone of emergency management, and the most successful way to achieve disaster resiliency is through preparedness. Building a “Culture of Preparedness” within our communities and our governments will support a national effort to be ready for the worst disasters – at the individual, family, community, state, local, tribal, territorial, and Federal levels.

Everyone should be prepared when disaster strikes. To be prepared, however, we must all understand our local and community risks, reflect the diversity of those we serve, and foster partnerships that allow us to connect with a diverse Nation. People who are prepared will be able to act quickly and decisively in the face of disasters, thereby preventing death and injuries, minimizing loss of property, and allowing for a more rapid and efficient recovery.

Ready the Nation for Catastrophic Disasters

Catastrophic disasters, including low- and no-notice incidents, can overwhelm government at all levels and threaten national security. They are life-altering incidents for those affected, causing a number of fatalities and widespread destruction. Catastrophic disasters, whether natural or manmade, disrupt lives and hurt our communities, both economically and socially. Readiness is critical for FEMA and our partners to ensure that the response and recovery missions are appropriately executed and successful.

This goal builds on preparedness and focuses us on enhancing our collective readiness, which is dependent on emergency managers who execute the mission on behalf of Federal and state, local, tribal, and territorial governments. This requires a scalable and capable national incident workforce that can adapt to a changing risk landscape, integrate with our partners at all levels, and communicate and coordinate effectively in every situation.

Reduce the Complexity of FEMA

FEMA must be a modern agency that can adapt to public and governmental priorities, while creating and using innovative solutions for the emergency management mission. A simplified FEMA streamlines survivor experiences, simplifies processes and policies for disaster staff, and improves stewardship of federal taxpayer dollars.

Connecting with a wide array of experts and stakeholders including academia, religious leaders, and representatives of all types of whole community partners is key to this effort. FEMA will focus on identifying ways to weave preparedness into people’s everyday lives, connecting with individuals at places they frequent, and incentivizing positive behavior change using tools like grants, training, and exercises. Furthermore, the Agency will continue to encourage programs that train and empower responders. FEMA will continue to work with its Federal, state, local, tribal, territorial and other community partners, as well as with Congress, in furtherance of these goals.

Conclusion

Mr. Chairman, Ranking Member Payne, Members of the Subcommittee, thank you again for this opportunity to discuss the assistance provided through the preparedness grant programs, especially assistance that supports the Nation’s high risk urban areas. It is the local responders who are first on the scene that are the most critical partners in preparing for and responding to attacks. FEMA is honored to support first responders through the implementation of these programs, and I am happy to respond to any questions you may have.

04/22/2018   Forbes Security
On Wednesday, a team of seasoned computer scientists was hacking into the computers of teams made of high school students. For three and a half hours five teenagers had to cleanse and protect eight computers plagued by weak passwords, firewall with open ports and routers with default settings on.
04/20/2018   Forbes Security
Following the data breach involving Cambridge Analytica that embroiled Facebook and brought the social media giant CEO’s Mark Zuckerberg to testify on Capitol Hill, are Decentralized Autonomous Organizations (DAOs), run according to rules established through blockchain smart contracts, the future?
04/20/2018   Trend Micro Security

It was a crazy week at this year’s RSA Conference in San Francisco. I always try to get a quick view of the floor to see companies old and new exhibit their wares. Unfortunately, work never sleeps when you attend a conference, and the shortage of seating at this year’s event left many, including myself,...

The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 16, 2018 appeared first on .

04/20/2018   Trend Micro Security

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, we’re following Ikea’s job marketplace, TaskRabbit, which may have suffered a data breach. Also, the U.S and U.K warn against Russian cyber attacks for individual homes and...

The post This Week in Security News: Warnings and WannaCry appeared first on .

04/20/2018   Department of Homeland Security
Release Date: 
April 20, 2018

WASHINGTON— Secretary of Homeland Security Kirstjen M. Nielsen will travel to Toronto, Canada to participate in the G7 Security Ministerial on Monday, April 23 and Tuesday, April 24. There, Secretary Nielsen will meet with her foreign counterparts to discuss joint efforts to combat terrorism, human trafficking, and cybersecurity threats. Secretary Nielsen will discuss the threats currently facing the United States and G7 partners and how a global approach is necessary to adequately address them.

 

# # #

04/20/2018   InfoWorld Security
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.
04/18/2018   Trend Micro Security

NSS Labs, Inc. has just released the 2018 edition of their Advanced Endpoint Protection testing, and Trend Micro’s endpoint solutions have performed very well, resulting in a “recommended” rating. We had strong performance on “security effectiveness,” meaning that we detected and blocked threats effectively. We also had a low total cost of ownership relative to...

The post Endpoint Security Testing Matters: New NSS AEP Test Results appeared first on .

04/18/2018   Trend Micro Security

Employees are at the center of dealing with the General Data Protection Regulation (GDPR), which is the new European regulation that aims to strengthen and standardize the data pricy rights of European citizens. As we’ve discussed throughout this blog series, the GDPR impacts many organizations processing customer data from outside of the EU, but these...

The post The Human (Resource) Role in the Journey to GDPR Compliance appeared first on .

04/17/2018   InfoWorld Security
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.
04/17/2018   Trend Micro Security
In an age when data breaches are occurring increasingly frequently, it’s critical that chief information security officers and other IT admins don’t disregard the risk employees’ at-home activities can pose to their business security posture.

In an age when data breaches are occurring increasingly frequently, it’s critical that chief information security officers and other IT admins don’t disregard the risk employees’ at-home activities can pose to their business security posture.

The post The connected workforce: The importance of protecting home and corporate networks appeared first on .

04/17/2018   Trend Micro Security

At Trend Micro we’re committed to making the world a safer place in which to exchange digital information. In fact, we’ve been protecting our customers from the ever-evolving threat landscape for nearly 30 years. But we know we can and must do more as an industry to combat the challenges we face today. That’s why...

The post The Cybersecurity Tech Accord: Time to Come Together to Combat Digital Threats appeared first on .

04/13/2018   InfoWorld Security

Enterprises have enough to worry about with the data breaches that seem to occur each week, but now you're learning that social networking systems are gathering and using all sorts of data about everyone. Not only information about you, your friends, and your family, but your peers and employees. Some of that information was not knowingly provided to them. Now the CLOUD Act (the Clarifying Lawful Overseas Use of Data Act) has become law to let law enforcement gather your corporate data from servers overseas.

To read this article in full, please click here

04/13/2018   Trend Micro Malware Top 10
Low
03/27/2018   InfoWorld Security

Internet of things (IoT)-based attacks are now a part of corporate life. A recent Gartner survey found that nearly 20 percent of organizations observed at least one IoT-based attack in the past three years.

“But wait,” you might say, “we’ll just do better at locking things up, right?” Wrong.

To protect against those threats, Gartner forecasts that worldwide spending on IoT security will reach $1.5 billion in 2018, a 28 percent increase from 2017 spending of $1.2 billion. But that is not going to be enough considering the number of IoT-enabled devices in use—and will be in use—and their ability to make attached cloud systems much less secure as well.

To read this article in full, please click here

03/26/2018   InfoWorld Security

For the foreseeable future, developers are going to have to get used to coding for slower hardware. Leaving aside the headline slowdowns seen by some systems with Meltdown patches applied, the longer-lasting problem is Spectre. As its prescient namers realized, this flaw will haunt the IT world for years to come.

To read this article in full, please click here

(Insider Story)