Local Schools Must Safeguard Themselves from Hacking Threats in the 2023-2024 School Year

Written by Julio Rivera on . Posted in Guest Articles

As the calendar turns to another school year in 2023, the education landscape is evolving rapidly, with technology playing an increasingly pivotal role in the learning process. Especially on the heels of the COVID-19 pandemic, and with the resurgence of new mutations, the possibility of remote education still playing a prevalent role going forward is certainly on the table. 

 

While this digital transformation towards increased virtual learning has brought immense benefits, it has also opened the door to an increased threat of cyberattacks. And although the Biden administration has attempted to talk tough on making cybersecurity a higher priority matterto put it simply, they have not done nearly enough, as already in 2023, 48 school districts have been hit by ransomware attacks, which is three more than in all of 2022. 

As a result of these attacks, sensitive data that has included medical records, psychiatric evaluations, and sexual assault reports have been compromised. To ensure a safe and secure learning environment for the 2023-2024 school year, institutions, parents, and students must join forces to protect themselves from cyber threats.

Over the past several years, ever prior to the pandemic, our educational institutions had become prime targets for cybercriminals. Whether it's a K-12 school, a college campus, or a remote online learning platform, all have been susceptible to various forms of cyberattacks. 

The consequences of a successful breach can be devastating, not only compromising sensitive student and staff data, but also disrupting the learning process itself. Therefore, it is imperative that schools take proactive measures to safeguard their digital infrastructure.

One obvious way schools can address this is by prioritizing cybersecurity education and training for both students and staff. Cybersecurity should be integrated into the curriculum earlier, especially as elementary school aged children are seemingly handling online devices at younger ages than ever before. 

Similarly, teachers and administrative staff must receive regular training to stay updated on the latest cyber threats and best practices for prevention and response. By empowering the entire school community with knowledge and awareness, America can create a culture of cybersecurity that acts as a strong defense at the local level.

Moreover, schools should invest in robust cybersecurity systems and protocols. This includes regularly updating and patching software, employing firewalls and intrusion detection systems, and implementing strong password policies. Encryption should be used to protect sensitive data, and access controls should be in place to ensure that only authorized individuals can access certain information. Regular security audits and vulnerability assessments are essential to identifying and addressing weaknesses in the system before cybercriminals exploit them.

Parents also play a crucial role in protecting their children from cyber threats. In an era where students are increasingly using personal devices for remote learning, parents must take steps to secure these devices and educate their children about online safety. Here are some key steps parents can take:

Set clear boundaries: Establish rules for screen time and online activities. Ensure that children understand the importance of not sharing personal information online and the potential consequences of doing so.

Use parental control software: Install parental control software on devices to monitor and restrict access to certain websites and apps. These tools can help parents keep a close eye on their children's online activities.

Educate children: Talk to your children about the risks of cyberbullying, online predators, and email phishing scams. Encourage open communication so that they feel comfortable reporting any suspicious online behavior.

Secure devices: Ensure that all devices used for remote learning are kept up to date with the latest security patches and have strong, unique passwords. Teach children about the importance of strong passwords and two-factor authentication.

Lead by example: Be a positive role model for your children when it comes to online behavior. Show them how to use the internet responsibly and safely.

Students, too, have a responsibility to protect themselves from cyber threats. In an era where digital literacy is as important as traditional literacy, students must take an active role in safeguarding their online presence. Here are some steps students can take:

Practice good password hygiene: Create strong, unique passwords for all online accounts and consider using a reputable password manager to keep track of them.

Beware of phishing: Be cautious of unsolicited emails, messages, or links from unknown sources. Verify the authenticity of messages before clicking on any links or sharing personal information.

Keep software updated: Regularly update the operating system and software on your devices to patch vulnerabilities that cybercriminals could exploit.

Secure your social media: Review and adjust privacy settings on social media accounts to limit what information is visible to the public. Avoid sharing personal information that could be used against you.

Report suspicious activity: If you encounter cyberbullying, harassment, or other forms of online threats, report them to a trusted adult or school authority. Reporting such incidents is crucial to stopping them and protecting others.

In conclusion, the 2023 school year brings with it unprecedented opportunities for learning and growth, but it also carries new challenges in the form of cyber threats, both domestic and from overseas. To protect the future of education and ensure a safe and secure learning environment, schools, parents, and students must work together. Schools must invest in cybersecurity education and robust security systems, parents must educate and protect their children online, and students must become responsible digital citizens. Only by joining forces and taking proactive measures can we navigate the digital landscape safely and ensure that the pursuit of knowledge remains unimpeded by cyber threats.

Julio Rivera is a business and political strategist, cybersecurity researcher, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most respected news organizations in the world.

 

 

Cyber-Workforce Crisis Belongs to the Biden Administration

Written by Julio Rivera on . Posted in Guest Articles

Although the current administration has always attempted to put a good face on their efforts to combat the nation’s ongoing cyber crisis, like trotting out First Lady Dr. Jill Biden this week to kick off the White House’s back-to-school cyber safety summit, the truth is, cybersecurity has been another key issue where America has lagged under the stewardship of President Joe Biden. 

As of the end of 2022, well past the point where democrat spin doctors could attempt to blame shift to former President Trump, there was a labor shortage of qualified cyber personnel to the tune of approximately 700,000. 

The United States being understaffed regarding cybersecurity poses significant dangers and vulnerabilities in both the public and private sectors. In today's interconnected and digital world, cyber threats are continuously evolving, and the demand for skilled cybersecurity professionals has never been higher. A lack of sufficient cybersecurity personnel can have severe consequences for national security, economic stability, and the protection of sensitive information.

In the public sector, during a time where overall American security has seemed to take a major hit under the incompetent leadership of Alejandro Mayorkas at the head of the Department of Homeland Security (DHS), government agencies and critical infrastructure face an array of sophisticated cyber threats from state-sponsored actors, hacktivists, and cybercriminals

The Cybersecurity and Infrastructure Security Agency (CISA), which is a sub-agency under the DHS banner, has certainly spent enough taxpayer money over the past 2 and a half years to have made major strides in shoring up our defenses in the cybersphere, but the results just aren’t there about two-thirds of the way through Joe Biden’s current term. 

Most recently, there was a July joint cybersecurity advisory from (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre

for Cyber Security (CCCS), regarding a spike in cyber gangs deploying variations Truebot malwarewhich is a botnet that has been used often by Russia-based cyber gangs like CLOP.  Additionally, China, a country that has long been at or near the top of the list of America’s top cyber adversaries, was just reported to be the origin of an attack that breached the email account of US Ambassador to China, Nicholas Burns, as a part of a larger targeted intelligence-gathering initiative.

Without an adequate cybersecurity workforce, government organizations will continue to struggle to detect and respond to cyberattacks effectively. This could lead to data breaches, disruption of essential services, and potential threats to national security. Additionally, the loss of sensitive government data can compromise diplomatic relations, intelligence operations, and military capabilities.

In the private sector, businesses across various industries are increasingly targeted by cybercriminals seeking to steal valuable intellectual property, customer data, and financial information. These kinds of breaches have been executed with increasing frequency by countries like China, Iran, North Korea, and Russia. 

An understaffed cybersecurity team in private companies can lead to slower incident response times, leaving them exposed to prolonged cyberattacks. The resulting data breaches can result in financial losses, reputational damage, and legal liabilities, affecting not only the targeted organizations but also their customers and stakeholders.

Moreover, the interconnectedness of public and private sectors makes them interdependent. Cyberattacks on private companies can have ripple effects on the nation's critical infrastructure and public services, such as energy, transportation, and healthcare. This underscores the importance of a strong cybersecurity workforce in both the government and private sectors, collaborating to defend against cyber threats effectively.

To address these challenges, the United States needs to invest in robust cybersecurity education, training, and recruitment initiatives. One program that may bear fruit if properly executed is Florida International University's cybersecurity workforce training program. The program provides free cyber training to the nation's veterans and first responders.

We also need to begin encouraging students to pursue careers in cybersecurity from a younger age and launch a consistent plan of doing so year-round, and not just trotting out the First Lady for a short speech and dedicating just one week out of the year for awareness. 

This, in addition to offering competitive salaries and benefits will attract talent to fill critical cybersecurity roles. 

This extended understaffing epidemic in the cybersecurity sector poses grave risks for the United States, leaving the nation vulnerable to cyber threats on multiple fronts. At this point, a much bigger commitment must be made towards building a skilled and well-equipped cybersecurity workforce. 

Should we do so, it will hopefully strengthen our cyber defenses, protect sensitive data, safeguard national interests, and establish a resilient and secure digital landscape against threats like malware, ransomware, and trojans like the Chinese-based Aria-BodyWhether or not the Biden administration will be up to that task remains to be seen. 

Julio Rivera is a business and political strategist, cybersecurity researcher, Editorial Director for Reactionary Timesand a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most respected news organizations in the world.

 

 

 

 

Biden Cyber Strategy Failing Halfway Through 2023

Written by Julio Rivera on . Posted in Guest Articles

With the news cycle dominated by the latest developments regarding the classified documents indictment of former President Donald Trump and President Joe Biden’s son, Hunter, reaching a plea deal with federal prosecutors over his failure to pay roughly $1 million in taxes and falsifying information in the process of purchasing a handgun, some very important news regarding the overall security of America has consistently flown under the radar so far this year.

Security has seemingly been far from top of mind for the administration, as evidenced by the utter disregard for the security of the southern border, where according to a document titled “Biden’s border crisis is the worst in American History,” prepared by the Senate Republican Conference, “In Fiscal Year 2021 alone, U.S. Customs and Border Protection experienced 1.7 million encounters with aliens at the southern border, the highest number ever recorded in a single year.” 

Most Americans living outside of border states are well aware of this issue however, as according to a May 2023 Reuters/Ipsos poll, only 26% said they approved of Biden's handling of immigration.

That’s mainly because the news is consistently reporting on the physical border crisis, unlike the issues facing our digital borders, which has reached zero hour. Unfortunately, the average citizen is blissfully ignorant to the fact that there are literally 560,000 thousand new pieces of malware are created daily. This includes viruses, adware, Trojans, keyloggers, and crypto miners, which are all developed to steal data, currency, conduct spying operations, or disrupt critical infrastructure.

The Biden administration has largely failed in the first half of 2023 in properly addressing these threats, as recent reports indicate that multiple US government departments and several hundred private and public entities have recently be victimized as part of a slew of new Russian-based hacks.  The attacks were enabled in part, due to vulnerabilities in MOVEit software. According to the executive assistant director for cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), Eric Goldstein, CISA “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” while noting, “we (CISA) are working urgently to understand impacts and ensure timely remediation.”

The Department of Energy was among the more high-profile victims of the attacks. According to a spokesperson for the agency, “The Department (of Energy) has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach.” 

The Russian ransomware gang known as CLOP has claimed responsibility for the attacks. The hackers gave their victims until last Wednesday to contact them regarding ransom payments. They then began listing alleged victims on their dark web site. Among the alleged victims are Oak Ridge Associated Universities, Georgia’s state-wide university system, British Airways, the Shell Oil Company, and State governments in Minnesota and Illinois.

The software maker behind the exploited MOVEit applications, Progress Software, recently discovered a second vulnerability in their software which they’re actively working to fix. “We have communicated with customers on the steps they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue,” the company said in a statement.

Much like the SolarWinds attack, it will likely be months or even years before we know the full extent of this wave of Russian cyber-attacks, but this is only the latest example of the Biden administration failing rise to the challenge regarding America’s cyber defenses.

Among the attacks against the US this year were espionage operations carried out by a Vietnamese hacking group, a North Korean cybergang targeting American cybersecurity research firms, and Chinese state-sponsored hackers attacking “critical” cyber infrastructure in several industries, including government and communications organizations. 

The US government must lead the world on the cyber issue. Especially as hackers seem to be indiscriminately attacking anyone they can. Big-Tech must do its part as well, especially as 2023 has seen a rise in “Malvertising” via Google Ads. One thing the average American can do to protect themselves online is exercising basic safety measures like using an ad-blocker to avoid malware laced advertising.

But on the international level, the ongoing cyberwars necessitate increased cooperation. One of the most promising recent developments is the bi-partisan Abraham Accords Cybersecurity Cooperation Act. Born out of groundbreaking Trump administration diplomacy, the act is a major step towards enhanced international communication in real time to mitigate damages from largescale cyber-attacks.

Cybersecurity is just another matter where Joe Biden has failed. Luckily for America, for the time being America has merely bent and not broken in the cybersphere. Whether or not we can hold the fort through the next year and a half of Biden remains to be seen.

 

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Timesand a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.

 

Abraham Accords: Trump’s Signature Diplomatic Achievement Spawns New Cybersecurity Bill

Written by Julio Rivera on . Posted in Guest Articles

The Abraham Accords were a series of agreements brokered by the Trump administration in 2020, aimed at normalizing diplomatic relations between Israel and several Arab nations. The main participants in the accords were Israel, the United Arab Emirates (UAE), and Bahrain.

The primary objective of the Abraham Accords was to establish formal diplomatic ties, including the exchange of ambassadors, opening embassies, and fostering cooperation in various fields. The agreements encompassed several areas such as trade, tourism, investment, security, technology, and cultural exchanges.

Prior to the Abraham Accords, Israel had formal diplomatic relations with only two Arab nations, Egypt, and Jordan. The accords marked a significant shift in the region's dynamics, with Arab countries openly recognizing and establishing diplomatic ties with Israel.

From Israel's perspective, the accords provided an opportunity to expand its diplomatic reach, enhance regional stability, and foster economic cooperation. The participating Arab countries sought to strengthen their relations with Israel, potentially benefitting from increased trade and economic opportunities, security cooperation, and access to advanced technology and innovation.

The Abraham Accords are considered a notable achievement of the Trump administration's Middle East policy, aiming to foster peace and stability in the region through diplomatic initiatives. 

Now, years after their creation, the groundbreaking cooperative is expanding, as a bipartisan group of US senators have unveiled a new proposal known as the Abraham Accords Cybersecurity Cooperation Act of 2023

The bill, which is co-sponsored by members of the Abraham Accords Committee in the Senate, Sen. Jacky Rosen (D-NV), Sen. Joni Ernst (R-IA), Sen. Cory Booker (D-NJ), Sen. Kirsten Gillibrand (D-NY) and Sen. James Lankford (R-OK), follows a Department of Homeland Security announcement from earlier this year that noted that expanded cyber cooperation between the Abraham Accord countries was in the works.

The act will enhance the current partnerships between America and the Abraham Accords countries as they seek to strengthen their individual and collective defense against cyber attacks from countries like Iran, Indonesia, and other countries that continually target critical infrastructure and wage all forms of cyber warfare.

"At a time when Iran and other hostile cyber actors are those targeting the United States and Abraham Accords countries with malicious cyberattacks, this bipartisan legislation will help strengthen our collective cybersecurity defenses against shared threats," according to Sen. Jacky Rosen (D-Nev).

The act comes at a time when Israel has been repeatedly victimized by a growing Indonesian and Sudanese cyber threat.  This spring, a flurry of attacks from the two countries hit several Israeli targets across multiple sectors. 

May of this year saw a cyber-attack against Israel's mobile air defense, which is known as the Iron Dome. An Indonesian hacking group claims that the breach was carried out "in support of the Palestinian resistance," and the group reported the attack on May 14 on its Twitter account. In April, an Indonesian hacking group known as "VulzSecTeam" hacked Israeli gas stations, bus stations, and airports, and published stolen data on their Telegram channel. 

The Sudanese hacker group known as "Anonymous Sudan" targeted websites belonging to Israeli banks, the postal service, electrical utilities companies and the country's red alert warning app, in April. Anonymous Sudan also attacked several Israeli media sites, including the Jerusalem Post, i24 News, KAN, and N12.

These particular attacks complicate what was thought to be an opportunity for both Sudan and Indonesia to continue to improve diplomatic relations with Israel as well as the rest of the world. In October of 2020, the Sudan and Israel announced their collective intention to establish diplomatic relations. That seemed to be solidified when in February of this year, they established diplomatic relations officially. 

Sudan’s reentry into the global market has since been thrown into jeopardy by the ongoing intra-military war that led to the evacuation of the US Embassy on April 23rd, and the continued cyber-attacks against Israel only make matters worse.

Indonesia is one of 6 non-Arab Asian Muslim countries that do not have normalized ties with Israel. It sports a strong economy (16th largest in the world) and annual growth rate of 5.7%, which could quickly grow into one of the world’s largest. It has also been identified as a country that Israeli Prime Minister Benjamin Netanyahu would like to include in an expansion of the Abraham Accords.  The ongoing cyber-attacks from Indonesian hackers, especially if they are found to be in any way state-sponsored, like Advanced Persistent Threat Groups that often use Trojans to go undetected, put the future of diplomatic advancement in question for the country. 

The future of diplomacy in many ways is tied into the future of the ongoing set of individual cyber wars currently happening in real time. The bipartisan Abraham Accords Cybersecurity Cooperation Act of 2023 truly has an opportunity to be a standard bearer for diplomacy and enhanced logistical cooperation in the digital age. It would certainly be an interesting footnote in history if something as groundbreaking as this can get done during a period of unprecedented divide on Capitol Hill.

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.

 

CyberCrime, You're the Target

Written by Julio Rivera on . Posted in Guest Articles

Publisher’s note:  This is very important information.  If you’ve noticed your phone/computer acting a little weirder than normal of late, you may find some answers here.  Once again, Mr. Rivera has done an excellent job of identifying a cyber threat that effects everyone.

Julio Rivera:

How Big-Tech Enables Cybercriminals via “Malvertising”

In 2023, most internet users already realize that the online world can be a dangerous place if they fail to take proper precautions, as it is a hotbed of potential scams, identity theft, and other malicious activities. 

With innovative cybercriminals constantly developing new ways to steal people’s personal data and extort large ransoms by exploiting vulnerabilities in computer networks, your next click can open a trapdoor loaded with potential headaches.  

Many of these attacks can be avoided by simply avoiding questionable websites like the plethora of freeware sites that often promote illegitimate or cracked versions of popular software, often packaged in bundles with other apps or software that may be loaded with malware. Following other common-sense precautions like not opening email attachments from unknown senders can also offer a measure of protection.

But even when so-called “best practices” are followed online, many cybercrimes occur without the user being immediately aware, because nowadays, even seemingly innocent online activity can lead to significant risks. And perhaps no other current threat has the ability to rope in suspecting users more easily than “malvertising.” 

What is Traditional Malvertising?

Malvertising is a method of cyberattack which abuses online advertising platforms to steal sensitive user data and spread malicious content, including malware and ransomware. It takes advantage of popular advertising networks to gain access to unsuspecting users’ systems or networks, allowing attackers to steal data or infect devices with damaging viruses and other code. 

Malvertising campaigns typically infiltrate advertisements for popular products, services, or websites, and despite the fact that the ads may look perfectly normal, they contain hidden code which will either redirect users to malicious websites that can then execute their attack, or install malware on devices. 

Malvertising campaigns are notorious for sometimes using vulnerable applications such as JavaScript and Flash Player to deliver malicious payloads instead of simply redirecting users away from legitimate sites. Regardless of how it is accomplished, the end result is the same: a user’s device or network has been compromised. 

Traditionally, in order to protect against this type of attack, internet users need only stay alert while browsing the web and be sure when downloading new programs that are part of software bundles that may contain browser extensions.  But what happens when you innocently go to one of the more reputable and universally trafficked search engines in the world, Google, only to find yourself victimized, not by hacks executed via infiltrated advertisements, but by ads that were actually approved and then promoted by the Google Ads platform? 

How Are Hackers Using the Google Ads Platform to Steal Data and Spread Malware?  

A recent wave of cyberattacks that have been manipulating the Google ads platform to victimize individuals and entities in both the private and public sector seems to be more of an indictment of the lax policies of the tech giant than any new breakthrough in the online underworld.

According to reportshackers have been able to dupe Google into running ads for such notable everyday products and services that include Adobe Reader, Microsoft Teams, OBS, Slack, and Thunderbird. The fake ads lead users to be victimized by malware gangs that include AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.

According to a statement from Google on the matter, “Bad actors often employ sophisticated measures to conceal their identities and evade our policies and enforcement. To combat this over the past few years, we’ve launched new certification policies, ramped up advertiser verification, and increased our capacity to detect and prevent coordinated scams. We are aware of the recent uptick in fraudulent ad activity. Addressing it is a critical priority and we are working to resolve these incidents as quickly as possible.”

The lack of due diligence on the part of Google is startling, especially when considering that in 2022, Google's ad revenue amounted to a whopping $224.47 billion dollars. Additionally, their unwitting participation in these online schemes potentially open up the organization up to possible liability from victims, as the organization may possibly be considered to be technically operating as an accessory to cybercrime. 

Regardless of whether this matter gets the appropriate amount of news coverage, Google should immediately prioritize identifying the cracks in their business model that have allowed for such brazen online criminality. They certainly turn a large enough profit to be able to afford to create an extra layer of consumer protection via increased manpower and an improved advertiser vetting process.

The various internet advertising mechanisms that currently exist, which already include the annoyances associated with adware programs like the ‘Pdf download tool’ that bombards users with sponsored ads and browser hijackers and extensions like Infinity Search that quite literally take over your online search attempts, are dangerous enough. But, if Google, which is universally regarded as the gold standard among search engines ceases to be a safe haven for web browsers, where will novice web surfers be able to turn to in order to conduct safe searches on the internet?   

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Timesand a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.