Cyber Security in Delaware
 

CYBER SECURITY NEWS

hero image

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

11/19/2019

An advertisement posted on the cybercrime store Joker's Stash is for a new batch of ~4 million credit/debit cards stolen from four different restaurant chains across the midwest and eastern United States.

Louisiana Government Recovering From Ransomware Attack

11/19/2019

Governor Describes 'Aggressive' Incident Response Efforts.

Interested in protecting your data from ransomware? Following these cyber hygiene approaches could prevent disaster:

  1. Install the latest software and app updates on your devices.
  2. Install anti-virus software on your devices and configure it to automatically update.
  3. Have long, strong passphrases and don't use the same passphrase for everything.
  4. Don't open attachments in unsolicited emails, even if they come from people in your contact list.
  5. Never click on a URL contained in an unsolicited email, even if you think it looks safe. Instead, close out the e-mail and go to the organization's website directly.
  6. Backup your important data offline.

For more information on Ransomware and what to do if you are a victim, visit Digiknow Ransomware.

The Language of Cybercrime

11/18/2019

Romance scam victims are people who have been grifted by fake love interests, usually people they meet online. At first they're asked for loans, but later they can find themselves pressured to help the cybercrime network launder its money. Romance scams are lucrative. The FBI says Americans reported losing $362 million to romance and confidence scams last year, a big jump over the $211 million reported the year before.

Cybercrime Booms As Scammers Hack Human Nature To Steal Billions

11/18/2019

By now, cybercrime is a routine danger. But as ordinary as it seems, it's still really bad for businesses. A company can lose thousands, even millions to a single deceptive email to an employee. And as NPR's Martin Kaste reports, business has never been better for the scammers.

BlueKeep Attacks Arrive, Bearing Cryptomining Malware

11/04/2019

The cybersecurity community had been holding its breath in anticipation of mass attacks targeting the severe BlueKeep vulnerability in Windows, which Microsoft has patched. The first in-the-wild exploits have now arrived, although experts say they don't constitute an emergency - at least yet.

Interested in avoiding malware? Follow these cyber hygiene approaches:

  1. Be vigilant for phishing. Spam and Phishing are the primary vectors by which malware infects computers.
  2. Keep all systems patched and up to date.
  3. Backup your files and store them in an encrypted state

17 iPhone apps have been removed from the Apple App Store for delivering malware

10/25/2019

Uncovered by researchers at security company Wandera, the 17 applications cover a range of categories including productivity, platform utilities, and travel. All 17 were found to be communicating with the same command-and-control server, which uses strong encryption in an effort to hide investigation into the malicious activity.

Interested in avoiding malicious apps? Following these cyber hygiene approaches could prevent disaster:

  1. Only download apps from trusted sources.
  2. Research an app before downloading it.
  3. Start with looking at the app reviews. Look for bad reviews that are consistently referenced by other users.
  4. Be mindful that some developers pay for fake reviews.
  5. Don't be fooled by apps with similar names.
  6. Look for apps with a large number of downloads and positive reviews.
  7. If you do download an app, be sure to limit the personal information given to the app.

For more information on Ransomware and what to do if you are a victim, visit Digiknow Ransomware.

Johannesburg Struggles to Recover From Ransomware Attack

10/25/2019

Johannesburg has been hit with a ransomware attack that is crippling municipal services, according to South African news media reports and the city's Twitter feed. City Power, an electric utility owned by the city that was hit by a similar attack in July - also was affected by the latest attack.

Interested in protecting your data from ransomware? Following these cyber hygiene approaches could prevent disaster:

  1. Install the latest software and app updates on your devices.
  2. Install anti-virus software on your devices and configure it to automatically update.
  3. Have long, strong passphrases and don't use the same passphrase for everything.
  4. Don't open attachments in unsolicited emails, even if they come from people in your contact list.
  5. Never click on a URL contained in an unsolicited email, even if you think it looks safe. Instead, close out the e-mail and go to the organization's website directly.
  6. Backup your important data offline.

For more information on Ransomware and what to do if you are a victim, visit Digiknow Ransomware.

Are You Cyber Safe?

10/24/2019

Join the Department of Technology and Information on October 24, 2019 from 10:30am – 11:30am and 1pm to 2pm at the Modern Maturity Center at 1121 Forrest Ave., Dover, DE 19904 for practical advice on using smart phones and tablets safely. Hands-on help for the topics covered will be provided free of charge.

Ransomware Attacks Map chronicles a growing threat

10/22/2019

Many government officials had already keyed into the ransomware threat, but Liska’s research lent new insight to just how broad, aggressive and increasingly common this type of malware had become.

Small Business Cybersecurity Workshop

10/17/2019

In an effort to strengthen the security posture of local businesses, DTI has partnered with the University of Delaware’s Cybersecurity Initiative, Cybersecurity Scholars, to host a workshop of small businesses on cybersecurity essentials. Event will be held October 17th from 2PM-6:30 PM at the iSuites on Floor 1 of Evans Hall, 139 The Green, Newark, DE 19716. Register Today

From Ohio's "baby bot" to driver's ed in Delaware: How states are using AI

10/15/2019

"AI is an integral part of our vision going forward," Utah CIO Mike Hussey says in the NASCIO report. "For now, we're just getting our feet wet as we try to increase our understanding of this new technology. But as AI continues to mature, the technology will become pervasive throughout everything we do."

Xbox Live to Get Optional Chat Filters to Stop Toxic Trash Talk

10/14/2019

This fall, Microsoft will roll out automated filters that'll let you screen out offensive remarks made in text-based chats on Xbox Live. The filters will come in four tiers: Friendly, Medium, Mature, and Unfiltered.

Top Tax Scams to Watch out For

10/13/2019

Diligent taxpayers are being increasingly targeted by con artists who are well-versed in manipulating the revenue system. The crooks usually impersonate IRS (U.S. Internal Revenue Service) officials, sending fake emails or . . .

Information Event

10/10/2019

Join the Department of Technology and Information on Birthday Day day, October 10, 2019 from 10am – 2pm at the Modern Maturity Center at 1121 Forrest Ave., Dover, DE 19904 for cyber security information and tips for all citizens.

Paper Shredding Event

10/02/2019

Join the Department of Technology and Information in partnership with the Delaware Solid Waste Authority for a paper shredding event on October 2, 2019 at the Delaware Recycling Center 1101 Lambson Lane, New Castle, DE 19720. Residents can bring up to 2 file boxes of personal confidential papers for shredding (financial and legal documents, receipts, and tax and medical records). Papers with staples or paper clips are accepted. Event is restricted to Delaware residents and will be held rain or shine. The Department of Technology and Information will be providing information to citizens about how to recover from a data breach and restore your identity.

A Ransomware Tale: Mayor Describes City's Decisions

09/05/2019

The mayor of New Bedford, Massachusetts, took the unusual step this week of holding a press conference to describe a recent ransomware attack and explain why the city decided not to pay the $5.3 million ransom that was demanded.

Interested in protecting your data from ransomware? Following these cyber hygiene approaches could prevent disaster:

  1. Install the latest software and app updates on your devices.
  2. Install anti-virus software on your devices and configure it to automatically update.
  3. Have long, strong passphrases and don't use the same passphrase for everything.
  4. Don't open attachments in unsolicited emails, even if they come from people in your contact list.
  5. Never click on a URL contained in an unsolicited email, even if you think it looks safe. Instead, close out the e-mail and go to the organization's website directly.
  6. Backup your important data offline.

For more information on Ransomware and what to do if you are a victim, visit Digiknow Ransomware.

Delaware State Police phone number used in scam calls

08/20/2019

The Delaware State Police was made aware of multiple incidents in which individuals have received phone calls which appear on their caller ID as coming from the DSP. To further convince the recipient that the caller is an official representative of the DSP, victims are advised to look up the phone number where the call is originating from. When the victim researches the number, it does appear to be a working DSP phone number.

Ransomware Attack Hits 22 Texas Towns, Authorities Say

08/20/2019

Computer systems in 23 small Texas towns have been hacked, seized and held for ransom in a widespread, coordinated cyberattack, the authorities said this week. The Texas Department of Information ...

Interested in protecting your data from malware? Following these cyber hygiene approaches could prevent disaster:

  1. Install the latest software and app updates on your devices.
  2. Install anti-virus software on your devices and configure it to automatically update.
  3. Have long, strong passphrases and don't use the same passphrase for everything.
  4. Don't open attachments in unsolicited emails, even if they come from people in your contact list.
  5. Never click on a URL contained in an unsolicited email, even if you think it looks safe. Instead, close out the e-mail and go to the organization's website directly.
  6. Backup your important data offline.

For more information on Ransomware and what to do if you are a victim, visit Digiknow Ransomware.

Louisiana Declares Emergency After Malware Attacks

07/26/2019

Interested in protecting your data from malware? Following these cyber hygiene approaches could prevent disaster:

  1. Install the latest software and app updates on your devices.
  2. Install anti-virus software on your devices and configure it to automatically update.
  3. Have long, strong passphrases and don't use the same passphrase for everything.
  4. Don't open attachments in unsolicited emails, even if they come from people in your contact list.
  5. Never click on a URL contained in an unsolicited email, even if you think it looks safe. Instead, close out the e-mail and go to the organization's website directly.
  6. Backup your important data offline.

For more information on Ransomware and what to do if you are a victim, visit Digiknow Ransomware.

NASCIO Endorses State and Local Government Cybersecurity Act

07/11/2019

"State and local governments are responsible for safeguarding everything from election systems to an increasing amount of sensitive personal data – from social security numbers and credit card information to detailed medical records,” Peters said when the legislation was introduced.

Certain Insulin Pumps Recalled Due to Cybersecurity Issues

06/27/2019

The Food and Drug Administration warns patients and healthcare providers the medical device manufacturer Medtronic has issued a voluntary recall of certain wireless insulin pumps due to cybersecurity vulnerabilities that cannot be adequately patched and therefore pose safety concerns.

Scam Alert: Delaware Department of Revenue Warns Taxpayers of Fraudulent Letters

04/29/2019

The Delaware Division of Revenue wants to alert citizens to a new taxpayer scam that is happening in Delaware. Victims may receive a letter from "The Bureau of Tax Enforcement" that threatens property seizure and wage garnishment unless they call a toll-free number to "avoid enforcement."

State police warn of phone spoofing scam

02/07/2019

Delaware State Police said they were made aware of multiple incidents in which individuals received a phone call advising that they were under investigation. The caller, they said, asked the individuals to verify all of their information, and threatened to “put a hold on their Social Security number” if they did not comply.

Could The 10-Year Challenge Be Putting Your Data At Risk?

01/20/2019

In the latest social media craze, people are sharing photos comparing how they looked 10 years ago with how they look today. Dubbed the "10-Year Challenge," the viral fad has attracted everyone from celebrities like Mariah Carey and Justin Baldoni, to environmentalists seeking to highlight the impacts of climate change.

Patch Tuesday, January 2019 Edition

01/09/2019

Microsoft on Tuesday released updates to fix roughly four dozen security issues with its Windows operating systems and related software. All things considered, this first Patch Tuesday of 2019 is fairly mild, bereft as it is of any new Adobe Flash updates or zero-day exploits. But there are a few spicy bits to keep in mind. Read on for the gory details.

Data breaches affected more than a billion people in 2018

01/04/2019

The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe.

DSP issues warning about Dover-related phone scam

12/18/2018

DOVER — Delaware State Police issued an advisory Monday in response to a recent phone scam involving a 'spoofed phone number.' Authorities were made aware of two incidents in which individuals received a phone call from a female claiming to be an agent from Dover. The caller identified herself as agent Lisa Smith and provided a badge number #K4L14799, police said.

Don't Get Scammed out of a Gift Card This Season

12/07/2018

Gift cards are a notoriously popular item to give during the holidays, and scammers know this. Scammers use multiple tactics to steal money off of gift cards without the card holder even knowing.

Marriott announces data breach impacting 500 million hotel guests

11/30/2018

The company has determined that hackers had unauthorized access on Starwood’s guest database dating back to 2014. Hackers copied and encrypted guest information, then “took steps towards removing it,” the company said. Marriott acquired Starwood in 2016.

Ohio Enacts First Cybersecurity Safe Harbor

11/07/2018

Effective November 2, 2018, Ohio's Data Protection Act (DPA) has been supplemented with an incentive-based mechanism to strengthen cybersecurity business practices.

Internet-Exposed HMIs Put Energy, Water Facilities at Risk: Report

10/30/2018

Malicious actors could cause serious damage to organizations in the energy and water sectors by targeting their human-machine interfaces (HMIs), according to a report released by Trend Micro on Tuesday.

Yahoo Class Action Settlement: A $50 Million-Plus Sting

10/24/2018

A proposed agreement that would settle a class action suit against Yahoo over record-breaking data breaches could see the company pay as much as $85 million.

Connecticut City Pays Ransom After Crypto-Locking Attack

10/23/2018

A tale of two different ransomware victims' responses: One town in Connecticut says it was left with little choice but to pay a ransom after attackers crypto-locked its systems. But a water utility in North Carolina, which was hit by a similar attack, says it will rebuild its systems rather than give attackers any money.

Some Cybersecurity Apps Could Be Worse for Privacy than Nothing at All

10/23/2018

It’s been a busy few weeks for cybersecurity researchers and reporters. There was the Facebook hack, the Google Plus data breach, and allegations that the Chinese government implanted spying chips in hardware components.

Delaware CIO James Collins Elected President of NASCIO Executive Committee

10/21/2018

DOVER, Del. — The Delaware Department of Technology and Information (DTI) is pleased to announce that Chief Information Officer James Collins has been elected to serve as the National Association for State Chief Information Officers (NASCIO) Executive Committee President for the 2018-19 program year. The organization made the announcement Sunday during its annual conference in San Diego. CIO Collins previously served as vice president and succeeds Bo Reese, Chief Information Officer for the State of Oklahoma as president.

(ISC) Report Finds Cybersecurity Workforce Gap Has Increased to More Than 2.9 Million Globally

10/17/2018

Clearwater, FL, October 17, 2018 – (ISC) – the world’s largest nonprofit association of certified cybersecurity professionals – today announced the findings of the 2018 (ISC) Cybersecurity Workforce Study. The research shows a widening of the global cybersecurity workforce gap to nearly three million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA).

Three Members of Notorious International Cybercrime Group “Fin7” In Custody for Role in Attacking Over 100 U.S. companies

08/01/2018

Three high-ranking members of a sophisticated international cybercrime group operating out of Eastern Europe have been arrested and are currently in custody facing charges filed in U.S. District Court in Seattle, announced Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney Annette L. Hayes for the Western District of Washington and Special Agent in Charge Jay S. Tabb Jr. of the FBI Seattle Field Office.

It’s time to stop laughing at Nigerian scammers — because they’re stealing billions of dollars

06/12/2018

On Monday, the FBI announced the arrest of 74 people across the world — including 29 people in Nigeria and 41 in the United States — who authorities say were part of complex international networks that combed filings by the Securities and Exchange Commission, spoofed CEO emails and successfully targeted even hardened employees whose jobs are to safeguard their companies from financial mismanagement.

Facebook Gave Data Access to Chinese Firm Flagged by U.S. Intelligence

06/05/2018

Facebook has data-sharing partnerships with at least four Chinese electronics companies, including a manufacturing giant that has a close relationship with China’s government, the social media company said on Tuesday.

Facebook defends sharing user data with phone makers

06/04/2018

A New York Times investigation published late Sunday revealed the scope of data-sharing deals Facebook (FB) struck over the years with companies like Apple (AAPL), Samsung (SSNLF) and Microsoft (MSFT). The partnerships give some device makers access to Facebook users' education history, relationship status, work, religion, political leaning and upcoming events, the Times reported.

Microsoft's 'DigiGirlz Day' comes to Wilmington University to teach young women about tech careers

05/08/2018

The more than 200 attendees were from all across the state, from Northern Wilmington to Delmar, and all different educational backgrounds, from 31 different public, private, charter, and home schools . They spent a full school day at the University of Wilmington-Dover campus.

Governor Carney Honors “Kids Safe Online” Poster Contest Winners

04/26/2018

For the first time in the ten year history of the contest there was a complete sweep of winners from the same school. Art teacher Kelly Walzl’s fourth grade students Aubrie Rodriguez, Clayton Starkey, and Catalina Syto placed first, second and third, respectively. These students’ posters were judged to be the best among 1,400 submissions.

After Detailing Russian Hack, White House Cyber 'Czar' Announces Departure

04/17/2018

"Serving as the White House's cybersecurity coordinator for the last 14-months has been a tremendous opportunity to work on some of our nation's most important cyber challenges," Joyce said in a statement, according to The Washington Post. "I look forward to continuing to serve our nation at the agency I've called home for the last 27 years."

3 Days Of War Games Test Government Response To Serious Cyberattacks

04/12/2018

What would happen if an unfriendly nation tried to take down the power grid, or the air traffic control system, or blow up a chemical plant with a cyberattack? How would government agencies respond to such a threat?

Meet the Padua students who rocked the Girls Go CyberStart competition

04/04/2018

The five-time Cybersecurity State Champs showed up big time during a 24-hour "sleepover hackathon" that earned one Padua team the No. 1 rank in Delaware.

What you need to know about credit card skimming devices

03/15/2018

The Delaware State Police are working to inform the public about the dangers of credit card skimming devices. The devices, which fit simply and inconspicuously over top of credit card readers, have been found throughout the state, primarily at ATMs and gas stations. Police are working with both businesses and banks to get the situation under control.

Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors

03/15/2018

DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).

Police warn of multiple card skimming devices

03/07/2018

State police say the devices, which can steal your banking information, have been found at businesses up and down the First State. The Delaware State Police are currently investigating several places where skimming devices have been reported. These devices have been primarily placed at ATM’s and gas stations.

Hackers Win Olympic Gold Medal for Disruption

02/12/2018

Hackers have crashed the Winter Olympics, apparently by using destructive malware. On Friday, shortly before the opening ceremonies of the Olympic Winter Games in South Korea, the official Pyeongchang 2018 site stopped working, leaving attendees unable to print tickets. In addition, the WiFi in Pyeonchang Olympic stadium stopped working, as did televisions and internet access in the main press center, the Guardian first reported. It said the website wasn't restored until 12 hours later, on Saturday morning.

Security Pros Need a Mentor: Here's Why and How

02/11/2018

The Multi-State Information Sharing and Analysis Center (MS-ISAC) started a mentoring program in 2012, and this nationwide career-enhancing strategy for security leaders has grown to become stronger than ever. Here are the details on how the mentoring program works and interviews on the benefits with government mentors and mentees. Most important, why you should care and how to get involved.

Internet scammers are terrible. This troll is their nightmare.

02/09/2018

In a call center, somewhere on Earth, a telephone rang. John picked up. On the other end of the line was a man who spoke in a preposterously fake Russian accent and introduced himself as “Vicktor Viktoor,” which was not his real name.

Delaware enlisting more girls in the fight against hackers

02/02/2018

Listen up, girls. Delaware needs your help this month defending the state's internet grid against a gang of cybercriminals and hackers. Our online safety and security rest in your hands. Report to Cyber Protection Agency headquarters and get to work immediately!

Ransomware was most popular cyber crime tool in 2017

01/25/2018

Ransomware attacks on business increased by 90% in 2017, while attacks on consumers leapt by 93%, according to the latest annual state of malware report by security firm Malwarebytes.

Delaware announces cybersecurity partnership for high school girls

01/23/2018

Delaware leaders are offering a free training opportunity for high school girls interested in a career in cybersecurity. The partnership between the state and the SANS Institute offers cybersecurity training for high school girls in Delaware to find out if they have talent or interest in the field through a free online game called, "Girls Go CyberStart".

CyberStart initiative focuses on signing up high school girls

01/13/2018

Delaware is continuing its efforts to find the next generation of cybersecurity professionals. The First State has signed on to participate in the new GirlsGoCyberStart initiative this February.

Intel's CES keynote: CEO vows quick fix to security flaw

01/09/2018

LAS VEGAS — Before unleashing a futuristic spectacle during his CES keynote here Monday night, Intel CEO Brian Krzanich addressed the recent security flaws in processors made by it and other chip makers.

Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2

01/03/2018

According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability.

Intel Responds to Security Research Findings

01/03/2018

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Intel Flaw Affects Nearly Every Modern Day Device

01/03/2018

Researchers have finally disclosed complete technical details of two kernel side-channel attacks, Meltdown and Spectre—which affect not only Intel but also systems and devices running AMD, ARM processors—allowing attackers to steal sensitive data from the system memory.