Intel analyst warns emergency responders about school and cybersecurity threats • Alabama Reflector | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

An intelligence analyst told members of the state’s Homeland Security Task Force meeting Tuesday about information available for officials to address cybersecurity threats.

Rachel Salter, an intelligence analyst with the Alabama Fusion Center, briefed members of the committee about information they are collecting for threats and incidents at schools, telling them that incidents are not isolated to Alabama’s urban centers, but happen throughout the state.

“This is nice to see the hotspots,” Salter said. “But it is not just a Montgomery problem, and it is not just a Mobile problem.”


She told attendees that schools throughout Alabama deal not only with swatting calls but with incidents involving angry students making plans to disrupt school operations. Salter provided a high-level overview of the trends using a dashboard that tracks incidents at different schools based on reports made by school officials or on social media.

Salter said Fusion Center staff compile the information and generate a monthly report that is made available to the public. Staff provide an overview of the threats and report significant events during the previous month or anticipated future threats based on the analysis.

Salter also provided attendees with a synopsis of the current cybersecurity threat environment. Most of the warnings are based on incidents that many already understand, such as phishing attacks that attempt to get into systems through links emailed to unsuspecting victims.

“With advancements in AI, they are getting at crafting phishing emails,” Salter said.

Ransomware has also been a persistent issue that organizations have had to deal with, but aside from emails, attackers are moving more to making threats on social media sites and through text messages.

They have also been more nuanced in their attacks, targeting those who are more high level in organizations hoping to gain more expansive access and more secretive access.

Many attackers have also expanded the attacks using the same incident. Not only are they demanding ransom from an individual, but they are also collecting information and blocking access to it.

Attackers are also sending information to constituents, Salter said, urging them to convince leaders within the organization or public agency to pay to release the information.


Click Here For The Original Source.

National Cyber Security