Louisiana's governor declares a state of emergency in response to a developing cyber attack affecting several school districts. Join Ivanti CISO Phil Richards as he shares:
-A breakdown of the anatomy of the attack
-Best practices for limiting your risk
-How to develop an emergency response plan
-Advice for both IT security and non-IT security professionals
1. WEBINAR: Update on Louisiana
Cybersecurity State of Emergency
Phil Richards – Ivanti CISO
Chris Goettl – Director, Security Product Management
2. What We Know: Louisiana Cybersecurity State of Emergency
“Severe, intentional cybersecurity breaches” in three northern
Louisiana school districts
In one case, virus knocked out district’s phone system
Governor declared State of Emergency on July 24th
Significant risk that the threats were ongoing
3. What We Know: Louisiana Cybersecurity
State of Emergency
• Fourth district noticed “unusual
activity”
• Shut down email and phone lines as a
precaution
• Support crew is assisting the district
• State has sent a self-assessment tool
to all school districts to determine risk
level
• Other districts are backing up records
as a precaution
• “Some security issues and some data
loss”
• Not all had a ransom request
• Similar incidents in AL and GA
4. But the threat extends beyond schools in Louisiana…
Cyberattackers strike fourth Louisiana
school district, Tangipahoa Parish,
others taking precautions
Baltimore Does not Pay Ransomware,
Hackers Leak Sensitive Data on Twitter
(Total cost already exceeds $18 Million)
Another Florida City Pays
Ransomware Attack ($500k and $600k
Ransoms Paid)
Government Networks Are Under Cyber
Attack: Here’s How Cities, Agencies
Can Fight Back
5. Advice for IT Security Professionals
Patching
Ensure OS and third-party apps are up to date
All critical patches for Flash, Java, browsers and Microsoft apps
User education on Phishing/Spam emails
Try periodic drills that provide immediate feedback when users click on a
link
Privilege Management
Minimize privileges but maintain productivity
Privileged user access rights are less than effective
Effective access control
6. Prevention vs. Response
Districts are focusing on response
Taking a lead from the Governor’s office
From Homeland Security Today
1. Investment in the right people
2. Adequate asset management
3. Orgs must get their core controls right
CIS Framework
9. Seattle woman charged with stealing data from more than 100 million
credit applications
US: 140,000 Social Security Numbers; 80,000 bank account numbers
Canada: 1 million Social Insurance Numbers
Accused is a former AWS employee and allegedly bragged about the
hack on social media and Slack
The accused had other files indicating other companies may have been
compromised