ITMG Insider Threat News – March 1, 2021

Heavier Criminal Penalties for Chinese Intellectual Property Infringement Kick in March 1, 2021

On December 26, 2020, the Twenty-Fourth Meeting of the Standing Committee of the 13th National People’s Congress of China voted to pass the “Amendment to the Criminal Law of the People’s Republic of China (11)” (中华人民共和国刑法修正案(十一)), which will go into effect on March 1, 2021. The Criminal Law includes several articles on intellectual property crime, and the amendments increase the maximum sentencing term to up to 10 years. The amendments also add a new article that is somewhat similar to the U.S. Economic Espionage Act, potentially in effect if not in wording.

Fugitive and former CIA agent Edward Snowden set to speak to students at Iowa State

Snowden, who also served as a consultant to the National Security Agency, leaked information to the press about global surveillance programs. Edward Snowden, who took the international spotlight when he revealed classified government information in 2013, will speak to students at Iowa State University on March 4 live on YouTube. Snowden will be speaking from Moscow. Snowden is set to present a talk called “Digital Surveillance: How Gen Z Gave Up Its Privacy to Corporations and the Government” on Thursday night.

Insider Threat: GAO Weighs In on Airport Worker Screening

1.8 million U.S. airport workers have unescorted access to restricted areas, posing a potential insider threat. In July 2019, for example, an aircraft mechanic was charged with willfully attempting to damage an aircraft. Additionally, in August 2018, a ground services agent commandeered a small aircraft, which subsequently crashed. The Transportation Security Administration (TSA) has sought to mitigate such insider threats by conducting random physical screening of airport workers at mostly larger airports from 2007 to 2020, and at all TSA-regulated airports since 2020, and by requiring most airport operators to perform random worker screening, among other efforts.

NSA Issues Guidance on ‘Zero Trust’ Implementation: Advises Implementing the Model for Critical Networks Within National Security Systems

The U.S. National Security Agency has issued “zero trust” guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds that it is also assisting Defense Department customers with zero trust implementations. The new guidance issued Thursday describes some of the basic zero trust principles, such as “assume breach,” and lays down zero trust design concepts. It also describes threat scenarios and how organizations can prevent these attacks using the zero trust model. “NSA strongly recommends that a zero trust security model be considered for all critical networks within national security systems, the Department of Defense’s critical networks and Defense Industrial Base critical networks and systems,” the guidance states. “Adopting zero trust will enable systems administrators to control how users, processes and devices engage with data. These principles can prevent the abuse of compromised user credentials, remote exploitation or insider threats and even mitigate effects of supply chain malicious activity.”

Security operations center, Part 2: Life of a SOC analyst

In the first part of this blog series, we saw a brief overview of what a security operations center (SOC) is and how it operates. In this part, we’ll take a look at the typical activities that SOC analysts carry out every day to protect their organization from constantly evolving cyber threats and the skill sets that come in handy in effectively carrying out their duties. Who are SOC analysts? A SOC analyst is a trained professional whose main objective is to detect and mitigate cyber threats to an organization’s network. When an organization falls victim to a cyberattack, SOC analysts are the first to respond, usually with pre-planned security strategies that sometimes require improvising to mitigate the threat and to minimize the damage caused.

Attackers disrupting COVID-19 efforts and critical supply chains

Cyberattacks evolved in 2020 as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic, IBM Security reveals. In 2020 attackers were observed pivoting their attacks to businesses on which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain. Europe felt the brunt of 2020 attacks: accounting for 31% of attacks X-Force responded to in 2020, per the report, Europe experienced more attacks than any other region, with ransomware rising as the top culprit. In addition, Europe saw more insider threat attacks than any other region, seeing twice as many such attacks as North America and Asia combined.

Telework exposes U.S. government employees to increasing credential-theft mobile attacks

New Lookout Threat Report: 70% of government-focused mobile phishing attacks sought to steal credentials in 2020. Lookout Inc., provider of mobile security solutions, released its Government Threat Report, which examines the most prominent mobile threats affecting federal, state and local governments in the United States. Lookout data reveals that U.S. government organizations are increasingly targeted by credential-stealing mobile attacks and exposed to hundreds of vulnerabilities from outdated operating systems and risky apps.

Trade Secrets and the Insider Threat: Protection Beyond the Perimeter

The managers of most companies tend to see information security as a Lord of the Rings problem, with the focus on protecting the perimeter. This reflects the popular view. Indeed, from reading headlines about hackers, you might think that cybercrime – malign attacks from evil outsiders – represents the most common way that commercial information is lost. And you would be wrong. It’s not the overlooked vulnerability in the company’s firewall that gets exploited by determined external enemies. Instead, it’s the careless employee who overshares on social media, brags at parties, or leaves a sensitive document in an airport lounge.

This entry was posted on Monday, March 1st, 2021 at 2:48 pm.