State and local Archives

Hackers posing as members of the U.S. Computer Emergency Readiness Team are emailing feds using the bogus sender address SOC@US-CERT.GOV, according to federal officials.

The real U.S. CERT -- we think -- issued an alert saying that today it began receiving reports of a phishing campaign that uses spoofed US-CERT email addresses to apparently target federal, state, and local governments, as well as many private sector organizations. The fake messages contain an attachment, but the alert does not say whether the file is malicious or what it does to a person's computer. Phishing emails typically install viruses when opened or they direct users to enter personal information for a seemingly legitimate, but actually fraudulent, purpose.

According to the real US-CERT officials, the subject of this message is "Phishing incident report call number: PH000000XXXXXXX." The name of the attachment is "US-CERT Operation Center Report XXXXXXX.zip," with the "X" possibly indicting a random value or string. The attachment executes a file with the name "US-CERT Operation CENTER Reports.eml.exe."

The instigators also are using other invalid email addresses, according to officials.

The alert advises that computer users immediately delete the email without opening the message or any of its attachments.

Criminals and U.S. adversaries are usually blamed for such attacks. Last week, an Internet security researcher reported that China-based attackers have been sending federal agencies and contractors infected emails about drones apparently to spy on U.S. intelligence matters. That phishing campaign used email addresses from military and other government organizations, said AlienVault Labs manager Jaime Blasco, who was not at liberty to specify the addresses.

Part of the government's push to tighten cybersecurity is to educate the public and to increase awareness - like federal agencies did to boost the use of seat belts and the "Only You Can Prevent Forest Fires" campaign.

Purdue University seems to have received the memo. It's organizing a panel discussion on "Our Shared Responsibility" for cybersecurity. The discussion is scheduled for Oct. 20.

From the announcement of the panel:

According to Purdue Calumet Assistant Director for Information Security and Assurance James Pardonek, better understanding is necessary of how individual actions can collectively affect cyber security and internet protection.

Federal agencies maintain a lot of personal information on their computer networks and systems, but it's actually state governments that are the "custodians of the most comprehensive collection of citizens' personally identifiable Information," according to the National Association of State Chief Information Officers. And yet, 79 percent of state cybersecurity chiefs report stagnant or cut budgets, despite an increase in internal and external threats.

NASCIO and Deloitte conducted a survey of states chief information security officers -- 49 of which responded. Here are some of the findings:

• Between 2009 and 2010, 46 percent of state CISOs saw budgets decrease; 33 percent said their budgets remained the same.
• 11 percent of respondents said 0 percent of the department's IT budget is allocated specifically to information security; 50 percent said 1 to 3 percent is.
• When asked to identify the major barriers in addressing information security, 88 percent pointed to lack of funding. Fifty-six percent pointed to the increasing cyber threat, and 40 percent to inadequate availability of security professionals.

"Many state CISOs lack the visibility and authority to effectively drive security down to the individual agency level," said Srini Subramanian, director of Deloitte's state government security and privacy services. "At the federal level, the president has recognized the critical nature of the problem and appointed a cybersecurity coordinator to address it. It's imperative that governors and state legislative leaders make cybersecurity a priority."

The following item was written by Jill R. Aitoro.

You think metal detectors, you think enhanced security. If someone's got a gun, it will set off the alarm and he or she won't be able to enter.

Not in Texas.

According to an AP story posted by countless media outlets, including Washingtonpost.com, a loophole in a new security procedure allows those with a gun permit to bypass the lines for metal detectors at the entrance of the Texas Capitol building.

The metal detectors were installed earlier this year after a man fired his gun outside the doors of the main entrance. Soon after, a separate lane was created so those carrying guns could enter without having to show their weapons. (This complies with Texas law that allows people to carry a gun if they have a permit and keep it concealed.) Holders of gun permits simply have their licenses scanned and place their bags -- sans gun -- through an X-ray scanner. An actual gun is not required to get to the front of the line, only a permit stating that you have the right to carry one, should you so choose.

The result?

"Everyone from lobbyists to lawyers and journalists is rushing to get permits to carry guns inside the Texas Capitol," the article reports.