
Commonwealth Sentinel

Cyber Security for local government, non-profits and small business


commonsent / February 9, 2023

Sharpening your cyber saw

TEEX Training Recap at BRADD

We often talk about cyber security as a journey, not a destination. It is critical to keep your tools sharp (or up-to-date) along that journey. To that end, at Commonwealth Sentinel, we practice what we preach.

Last week, I participated in two free DHS/FEMA courses offered by Texas A&M Engineering Extension Service (TEEX) and the National Emergency Response and Recovery Training Center.

These were coordinated and hosted by the Barren River Area Development District (BRADD) in Bowling Green, KY.

Wednesday was an 8-hour class on Understanding Targeted Cyber Attacks. Thursday was an 8-hour class on Physical and Cybersecurity for Critical Infrastructure.

It was great to spend two days with IT Directors, Emergency Management Directors, System Admins, and more from the counties of BRADD and others throughout the state. The organizations were county governments, school districts, EMS, health care, and more. In all, over 40 people were in attendance to learn more about cyber security. That was exciting for all of us in the cyber security arena!

I focus entirely on cyber security, but I learned a lot from these courses, from the TEEX instructors and classmates who are not full-time cyber security folks.

Some fascinating information I learned includes details on the attacks we have seen over the last few years. A post-mortem is a critical learning experience following a cyber attack to understand what happened and what can be done to prevent it.

Here are some significant, well-known cyber attacks that have some excellent lessons:

2018 City of Atlanta, GA: Hit with a ransomware attack. It ultimately cost them $2.7 million to recover, and they lost many years of data. I learned last week that 100 servers were running Windows 2003. Support for Win 2003 ended in 2015. Three years later and three years of unpatched vulnerabilities resulted in this catastrophic attack. Updating their servers would have prevented this attack.

2019 City of Baltimore, MD: Hit by a ransomware attack. It ultimately cost them $18 million to recover (even though the ransom was just $76,280). I learned that in April 2017, an NSA-developed computer exploit called Eternal Blue had been leaked. Upon learning of the leak, NSA notified Microsoft to release a patch to protect all Windows versions that were currently supported and even those that were unsupported. Having not patched for Eternal Blue two years later, Baltimore was hit. Again, updating their systems would have prevented this attack.

2021 City of Oldsmar, FL Water: The victim of an attempted poisoning in which someone tried to remotely raise the amount of lye to a lethal level. Fortunately, an on-site worker saw the activity happening online and was able to reverse it. I learned that the hacker accessed the system through a TeamViewer tool, which allows for remote work. It was no longer used by the water company but had not been removed. The lesson here is to keep an inventory of your organization’s software and remove software that is no longer needed.

2021 Colonial Pipeline: Hit with a ransomware attack on the systems that managed the pipeline that serves the Southeastern United States. I learned that the attack method came via an old VPN account that had not been disabled. Again, keep an inventory of the software and services your organization is using so that you can ensure those that are no longer needed, used, or supported are removed.

Physical and Cyber Attacks: Lastly, Physical and Cyber Attacks are not separate events. There are physical-enabled cyber attacks and cyber-enabled physical attacks. The critical understanding is that cyber attacks have actual, physical repercussions. That is why it is so important that everyone is involved in the protection process.

This is just a short list of the essential nuggets of information I gleaned from my time at BRADD last week and knowledge I will incorporate into our teachings and presentations.

I look forward to working with the wonderful folks I met across our Commonwealth. Keep up the excellent work, keep your tools sharp, and stay on the path! The journey is worth it!
