~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
As the conflict in the Ukraine grows, US government officials report that economic sanctions targeting the Russian Federation have resulted in retaliatory cyber-attacks on the US homeland, and US entities.
Based on information from numerous open intelligence sources, it is expected that these cyber-attacks will continue to intensify in an effort to cripple our communities, and our nation economically.
The City of Fortuna saw a number of attempted cyber intrusions three weeks ago, in the form of email attachments which originated from a foreign source.
These emails were directed at our City by actors using foreign proxy servers.
We are confident that attachments are most likely some form of virus, or ransomware that would be activated when the attachment is opened.
These attempts were immediately reported to City of Fortuna officials, and the City’s IT provider, the Northern California Intelligence Center, the Federal Bureau of Investigation, and our partners in the four northern counties.
Samples of these attachments were saved and forwarded for forensic examination to these agencies.
The fact that these emails were addressed as originating from people on recipients’ contact lists indicates that security credentials on the system have been compromised.
The US Cybersecurity and Infrastructure Security Agency (CISA) reports that similar intrusion attempts have been reported recently, throughout the US, in an effort to cripple our country’s critical infrastructure (Financial, Food Supply, Health Care, Public Works, Water Supply, etc. systems.)
We encourage you to take the following steps:
◾Ensure that your software and operating system are updated regularly, and that security patches are installed on your machine(s).
◾Check the security and privacy settings on your computer and cell phone to ensure that the default settings (that usually allow information sharing with third parties) are set to the safest level.
◾Be extremely cautious of, or avoid using free applications, and outdated or unlicensed software.
◾Clean your computer of cookies and trackers regularly.
◾Disable auto-play on your devices, which allows programs to play or run as soon as the media devices get attached to the computer (this feature is turned on by default in Windows).
◾If you notice any unusual behavior of your hardware (computer turning on and off automatically, etc..), or anything that may seem minor at the time; please report it to CISA : https://www.cisa.gov/uscert/report.
◾Something seemingly minor may be a sign of something more serious that could easily, and rapidly spread beyond one computer.
◾Do not open any attachments that may seem the least bit unusual, even if it appears to come from a trusted source. Many recent malicious attachments have been sent out appearing to come from trusted contacts on recipients’ computer systems. If possible, call and verify that the attachment was sent by the person, and ensure that it is legitimate before clicking on any attachment.
◾Use trusted and up-to-date anti-virus software on your computer, cell phone, tablet and other devices.
◾Use a Virtual Provider Network (VPN) when connecting your phone, tablet or computer to public Wi-Fi (restaurant, coffee shop, hotel, etc.). Public systems may allow a third party to access your private information, including passwords.
◾Avoid connecting portable storage (USB drives, portable drives, etc..) from unknown sources. They could easily contain malware.
◾Be sure that you carefully read the address line of your browser to ensure that you are being directed to a legitimate site. Many times, cyber criminals use people’s impatience against them by creating sites that mimic legitimate ones by changing one character of the address line.
◾Hover over links before clicking (the actual address that you will be directed to will be found in the bottom left corner of your screen).
◾As always, be wary of anyone asking for immediate payment from you, especially if the call or email is unsolicited (you didn’t contact them first).
◾Be sure to share information about any suspicious emails, or attempted computer intrusions with friends, business associates and law enforcement.
Responses