Technically Speaking

On May 12 a ransomware virus, WannaCry, was released on the Internet and rapidly spread to hundreds of thousands of Microsoft Windows based computers in over 150 countries.  The malware encrypts critical files on a computer, such as Excel, Word, and other important files, and seeks out backup copies for encryption as well.  Once it infects a system, it requires the victim to pay approximately $300 in digital currency (Bitcoin), and immediately tries to find other systems to infect.

The White House has recently issued an Executive Order, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.”  The Order is broad in scope, and features positive provisions, some unfortunate omissions and a seemingly excessive set of reporting requirements.  Let’s take a look.

Data breach statistics are staggering. Through the end of March 2017, there have already been over 300 major breaches and over nine million records stolen. It’s a challenging problem and one that doesn’t come with a lot of solutions. Part of the problem is understanding what the patterns are. Today’s attacks have several stages from initial reconnaissance to object completion, as depicted in the Cyber Kill Chain which describes the phases of a targeted attack.

Autodesk InfraWorks 360 and AutoCAD Civil 3D 2018 are here! For infrastructure and transportation civil engineers and designers, the new releases incorporate feedback from users and stress better economics, practicality, resiliency and attractiveness in the conception, design and construction of road, highway, bridge, land, and other infrastructure projects.

U.S. public sector organizations are moving further into the cloud. That’s according to a new study from DLT partner, SolarWinds. In fact, 96% of public IT practitioners, managers, and directors report that they have migrated critical applications and infrastructure over the past year.

What does privilege have to do with your agency’s security controls? The fact is that most data breaches start with privilege abuse. Think Edward Snowden. In the wake of his leaks, the NSA pledged to reduce system administrator privileges by 90%. Then there are outsiders. Most recent federal data breaches originate from attackers who exploited the login accounts of employees or contractors to gain access to sensitive data.