Better Computer Management Is a Matter of National Security

Military and law enforcement agencies have long benefited from the ability to wirelessly and remotely access information while on the job. However, as mobile endpoints play an increasingly central role in supplying field officers with real-time data, they may also introduce new cyberthreats. Consider, for instance, the dangers associated with a lost or stolen military Toughbook that falls into the hands of criminals and poses a risk to national security.

Criminal Justice Information Services (CJIS) guidelines aim to mitigate some of these risks through certain provisions such as strong password management, multi-factor authentication requirements and email encryption, just to name a few.

While adherence to CJIS standards will enhance cybersecurity, compliance can’t be your agency’s only defense strategy. Hackers are becoming increasingly sophisticated and, in some cases, are backed by nation states. The bottom line is that it takes a lot more than compliance to protect military and law enforcement field endpoints.

The Department of Justice Data Breach

An example of what’s at stake for military and law enforcement agencies occurred in early 2016, when the Department of Justice was breached after hackers managed to access an insider’s email account. From here, the intruders were able to “social engineer” their way into the DOJ intranet, and subsequently access critical databases. According to Computerworld’s Darlene Storm, the hackers then stole and dumped “9,000 DHS [Department of Homeland Security] employee names, email addresses, locations, telephone numbers and titles” on the web.

Soon after, the cyberattackers executed a second data dump, this

Hackers Hamstring Uncle Sam: Voter Data Stolen by Cyberattackers

Hackers have gone after the U.S. government for a variety of purposes: to steal personally identifiable information of government employees, to pilfer trade secrets, to commit tax fraud and more. Recently, however, they sought to undercut the government by going after its lifeblood: registered voters.

According to the Chicago Sun-Times, hackers accessed personal information belonging to as many as 200,000 registered voters in the state of Illinois. Illinois State Board of Elections General Counsel Ken Menzel stated that the cyberattackers first infiltrated the online voter registration portal. From there, they managed to access a database holding personal information belonging to residents of Illinois – despite the board having blocked the hackers’ IP addresses and shut down the system upon learning of the breach.

“Hackers accessed voter registration data, including names and addresses, dates of birth and in some cases, the last four digits of Social Security numbers and driver’s license or state ID numbers.”

Arizona also fell prey to a breach of its voter registration data; however, reports suggest that the infiltration was much more limited than that of the Illinois board of elections.

What We Know About the Breach So Far

“The breach was orchestrated using an SQL injection.”

The breach first came to light in late August, when the FBI notified the affected states of the incident. The agency subsequently issued warnings to other state election boards to look into any possible indicators of an incident.

All eyes were on Russia immediately following the breach, according to

New ‘Fantom’ Ransomware Haunts PC Admins

A new strain of malware – Fantom ransomware – was discovered in late August, and it’s spooking IT administrators all over the world.

Like most other forms of EDA2-based ransomware, Fantom works by creating an AES-128 key. It then encrypts that key using RSA, an asymmetric cryptographic algorithm, and uploads it to the malware developers’ server. Once the program is on a victim’s system, it will scan local drives, encrypt specific file types (up to 350 different types), replace extensions with “.fantom” and display a ransom note that provides directions for contacting the hackers (specifically via email) and regaining access to files.

In this sense, Fantom isn’t unique in its technical execution. At the end of the day, it’s how the malware is delivered that really makes it so sinister.

A Conniving Social Engineering Scheme

In what may just be the cleverest ransomware scheme since PETYA (which infected human resources users by hiding in fake job application emails), Fantom is delivered through a fake Windows Update screen. The forgery is apparently so convincing that “most users, including business users, recognize and even trust [it],” according to Comodo.

Once the user initiates the installation, a file named “WindowsUpdate.exe” will launch. At this point, a Windows update display will commandeer the screen. Again, the ruse is convincing enough that most enterprise users wouldn’t suspect foul play. However, what appears to be a Windows update is actually masking the fact that your files are being encrypted.

“There is no means of decrypting Fantom,”

School is in Session: Are Your Educator Endpoints Secure?

Primary and secondary-school classes are now in session throughout most of the U.S. As teachers and students gear up for another year of learning, IT admins prepare for another year of cyberattacks. In the past few months, hackers have hit several school districts. In June, a secretary with the Holley Central School District in New York discovered a data breach that dated back to April 2016. While few technical details pertaining to the breach have been made public, it’s believed that hackers stole personally identifiable information belonging to 150 staff members.

A similar incident occurred in the Arlington Public School District in spring 2016, affecting an estimated 28 district workers. District officials claim the breach most likely occurred as a result of login credential theft, and that this might not be the first time that PII was stolen from parents and students in that district.

These are only two incidents in a long line of cyberattacks that have targeted educational institutions, some of which have previously included ransomware and other forms of malware. It raises the question: Are your educator endpoints secure?

Why Application Control is Essential

All teacher and student endpoints, including desktops, laptops and other devices running on Windows operating systems, need to be limited in the types of applications that they’re free to download, install and execute. This requires an application control program.

Anti-Executable Service in Deep Freeze Cloud helps protect computers from malicious applications such as specific forms of malware. Deep Freeze Cloud admins can whitelist

Maintenance and Security for Computers at IT Conferences, Industry Expos and Trade Shows

Organizing and participating in trade shows, expos, conferences and other industry events is a great way for enterprises to position themselves as thought leaders while expanding their networks of channel partners. It’s also an opportunity for a business to demonstrate its newest solutions. Some vendors may even use this time to offer exclusive training courses for creative software suites.

The only problem, however, is that doing this means you’re suddenly responsible for hundreds or even thousands of computers and kiosks that are now in the hands of strangers. Any unwanted configuration drift occurring between demonstrations and pre-slotted tutorials can throw off schedules if the machines aren’t reconfigured swiftly.

Use Case: Adobe Max Conference

Every year, Adobe Systems hosts its premier creative conference known as Adobe Max. Attendance ranks in the mid thousands, bringing photographers, graphic designers, film editors, videographers and hordes of other creative professionals onto a single site for three days of networking, learning and innovation.

In 2014, the estimated turnout was 5,300. As part of the program, Adobe offered training sessions for its creative software suite using 1,175 of its own company computers. As one might imagine, that’s a lot of systems to oversee and continually reconfigure after each tutorial or user session. The responsibility fell on Trevor Whitney, the IT Events Manager for Adobe Max.

His solution to the problem was to deploy Faronics Deep Freeze computer management software across his entire computing environment. Deep Freeze gave him and his team the ability to restore all