Experts offer tips for improving election security | News


Political candidates and elections are increasingly being targeted by foreign and domestic adversaries, according to presenters at the virtual USC Election Cybersecurity Initiative Regional Workshop on Thursday.

The symposium — which was hosted by the University of Southern California with a regional focus on Montana, North and South Dakota, Utah and Wyoming — discussed the impact of disinformation and misinformation, as well as threats to state and federal elections. Cybersecurity experts offered tips to candidates and election officials for improving election security.

Citing recent attacks and ransom demands on a growing list of businesses, hospitals and other institutions, Clifford Newman, professor and director of the USC Center for Computer System Security, said there are four ways that bad actors attempt to disrupt elections: voter manipulation, discouraging or preventing voting, manipulating vote tallies and creating distrustful outcomes, such as with the 2020 election.

Newman said manipulating vote tallies is actually very hard to do, and despite claims to the contrary that outside influences had hacked some of the electronic voting systems, the Department of Justice and Homeland Security found no evidence that foreign adversaries had prevented voting, changed votes or disrupted the ability to tally votes or to transmit election results in a timely manner.

However, Newman pointed out that they did find evidence of “Russian, Chinese and Iranian government-affiliated actors materially impacted the security of networks associated with or pertaining to U.S. political organizations, candidates and campaigns during the 2020 federal elections.”

Despite the general consensus by these agencies that no votes were manipulated through the hacking of electronic voting machines in Wyoming or elsewhere, many voters pushed back on this assertion, particularly in the wake of My Pillow CEO Mike Lindell’s 72-hour symposium in August that asserted voting machines were responsible for stealing the election from former President Donald Trump. To date, there has been no conclusive proof to support these claims, although there are legal challenges still…

Source…

Iran says cyberattack on gas stations meant to ‘disrupt lives’


Massive cyberattack on Iran’s gas stations on Tuesday created shockwaves.

A day after a massive cyberattack disrupted the country’s fuel distribution system, Iranian President Ebrahim Raisi called for robust measures to “anticipate and prevent” such attacks.

Addressing a Cabinet meeting in Tehran on Wednesday, Raisi said the aim of the attack was to “disrupt people’s lives,” adding that preventing such attacks is essential.

He also urged the Oil Ministry to take necessary action to “compensate people” for the disruption caused by the attack.

After the meeting, Raisi accompanied by other senior officials visited the ministry to review a probe into the attack and its causes.

The attack took place around 11 am on Tuesday, causing widespread disruption and chaos at gas stations across Iran. It targeted the software that supports a smart card payment for subsidized fuel, used widely in Iran.

Initially, officials attributed the malfunction to “technical glitches”, but hours later it was confirmed to be a high-intensity cyberattack.

No group has so far claimed responsibility for it. Importantly, the attack came on the heels of the anniversary of November 2019 protests in Iran over fuel price hikes.

Without naming anyone, Raisi said attempts are being made to make people angry by sowing disorder and disruption.

“The purpose of this action was to disrupt people’s lives so that they can achieve their specific goals,” he asserted, without elaborating.

Raisi said Iran must be “fully prepared” to deal with cyber warfare and to “prevent the enemy from creating problems” in people’s lives.

Iran has been hit by a series of cyberattacks in recent years, mostly targeting nuclear facilities, petroleum factories, railway stations, and ports.

Officials have on many occasions blamed Israel for the attacks.

Source…

“Unified Technology Solution” – An InfoNetworks Service that Delivers Managed IT & Network Security Plus Voice and Internet Solutions


LOS ANGELES–(BUSINESS WIRE)–InfoNetworks today announced a new and unique service called “Unified Technology Solution.” Promoted as the answer to fill an existing void in the marketplace, InfoNetworks’ Unified Technology Solution offers businesses managed IT services, complete network security, voice and telephony services, and connectivity via a complete package from a single provider.

For more than a year, businesses worldwide have faced unprecedented global events that are dictating policies and procedures. Companies have necessarily cut key budget items, face new challenges, and manage their businesses with reduced workforce. Many of these organizations have been tasked with creating remote infrastructure to help mitigate the ever-changing landscape and support work-from-home or hybrid work environments.

InfoNetworks’ Unified Technology Solution is designed to address these challenges with an all-inclusive platform that allows employees, managers, and executives to stay connected and secure both in the office and remotely. InfoNetworks’ data connections support the added influx of traffic to the office while the included cloud-based PBX allows for extensions to be accessible via mobile device or laptop. The Unified Technology Solution network supports a mix of Desktop, Softphones, Teams, SIP and PRI interfaces. All technologies are managed by InfoNetworks’ experienced Technical Support and Network Engineering Teams and are monitored 24 hours a day, seven days a week by the watchful eye of CyberSecure(SM), an advanced Network Security Software capable of locking-down up to 500,000 end points.

“Our Unified Technology Solution is a four-pronged approach,” said Bruce Hakimi, Senior Executive at InfoNetworks. “By delivering Managed IT, Network Security, Voice and Data under one source, we can maximize the efficiency and productivity of any organization.” He further explained: “By being able to oversee all network elements from the data connection to internal Local or Cloud based Network, InfoNetworks has the advantage of acting and resolving issues quickly without having to wait for other vendors.”

Although some data carriers may offer a…

Source…

Cohesity beefs up ransomware and disaster recovery offer


Data protection specialist Cohesity is to add further services to its Data Management as-a-service portfolio, with a heavy emphasis on security and in particular the threat from ransomware.

Generally available is Disaster Recovery as-a-service, which enables customers to failover to a pure cloud secondary site, although there are limitations.

In public preview is Data Govern, which uses artificial intelligence (AI)/machine learning to automate discovery of sensitive data and detect anomalous access and usage patterns that could indicate a cyber attack in play.

For release “sometime next year” is Fort Knox, aimed at combating ransomware threats, and in which a tertiary copy of customer snapshots are held in the Cohesity Helios cloud on AWS to allow for an isolated copy of data that can be recovered and upon which testing can be carried out.

The additions form part of Cohesity’s Data Management as-a-service set of offerings, which represent the company’s transition towards a software- and cloud-driven strategy for its data-protection products.

In targeting the threat from ransomware, it is addressing a huge current concern, alongside storage players such as Pure Storage and Vast Data that have also brought out snapshot-based methods of data protection via isolation and immutability.

Cohesity was among the pioneers of marrying backup functionality with scale-out hardware reminiscent of hyper-converged infrastructure to provide an integrated and tested backup and secondary data environment that can be grown in grid-like fashion by adding compute and storage nodes.

Cohesity already had SiteContinuity, which allowed for disaster recovery between two existing customer datacentres.

Disaster Recovery as-a-service allows customers to failover to the Cohesity cloud. Currently, this will be for VMware environments, which will failover to AWS EC2 instances. Kubernetes support is in the pipeline.

Obviously, customers will be limited in what they can failover to the cloud, but that is to be expected and it will allow for disaster recovery for important parts of an organisation’s workloads.

Chris Wiborg, marketing VP at Cohesity, said: “If companies have been around for…

Source…