Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
 President & CEO
 Computer Business

Double Pain for Unemployment: Stolen IDs + Income Taxes. As states rushed to provide additional unemployment benefits at the beginning of the COVID-19 pandemic, bad actors weren’t far behind. They made use of stolen Social Security numbers and other personal identity information, available online, to register for unemployment under the names of others, with checks sent to the hackers. Krebs on Security reports that “Countless Americans will soon be receiving notices from state regulators saying they owe thousands of dollars in taxes on benefits they never received last year.” Providing an example of how serious the problem is, Krebs reports: “Hackers, identity thieves and overseas criminal rings stole over $11 billion in unemployment benefits from California last year, or roughly 10 percent of all such claims the state paid out in 2020.” The U.S. Internal Revenue Service has posted guidance, urging taxpayers who receive forms 1099-G for unemployment benefits they didn’t actually get because of ID theft to contact their appropriate state agency and request a corrected form.

Security Operations Centers Need More Skilled Security Staff. Many organizations have opened new, or expanded existing, security operations centers (SOC), but a new study shows that their efforts are being adversely impacted by a lack of highly trained security personnel. An article in BetaNews reports: “The SOC Skills Survey from training platform Cyberbit reveals that just 33 percent of respondents feel that HR understands the requirements needed to work in a cybersecurity team.” The survey found that SOC teams are only about 50 percent prepared across the entire range of skills needed. Least prepared are intrusion detection (55 percent unprepared) and network monitoring (58 percent unprepared). The article notes: “To benefit SOC team building and skills in future, Cyberbit advises organizations to specifically focus on improving recruiting processes, upskilling the existing workforce, and upgrading current training and assessment practices.”

“World’s Most Dangerous Malware” Botnet Taken Down. That’s some good news from Europol, the FBI, and the UK’s National Crime Agency. ZDNet reports on the international cooperation between law enforcement agencies to disrupt what Europol describes as “The world’s most dangerous malware” and “one of the most significant botnets of the past decade.” The Hacker News, describing why the Emotet infrastructure, which served as a door opener for computer systems on a global scale, was considered such a huge threat, quotes Europol as saying: “What made Emotet so dangerous is that the malware was offered for hire to other cybercriminals to install other types of malware, such as banking Trojans or ransomware, onto a victim’s computer.”

Legal and Insurance Firms Targeted by TrickBot. CSO Online reports that the TrickBot botnet, which uses malicious links in emails, is being used to target legal and insurance companies. CSO Online writes: “Despite the security industry’s efforts to disrupt the TrickBot botnet, its operators are trying to revive it with new infection campaigns. The latest one, observed by researchers this month, targeted legal and insurance companies.” Last October, Microsoft used legal action to seize many of the domain names that were used to operate TrickBot command-and-control servers and then worked with other security vendors and ISPs to take control of them and put them out of service. So, it was disappointing—though perhaps not surprising—to see it reemerge. This underscores the need for ongoing employee education, as the botnet is launched by tricking users into clicking on a URL that enables infection.

“2020 Marked a Renaissance in DDoS Attacks.” That’s the headline in Dark Reading for a story on cybercriminals ramping up “one of the oldest attack techniques around.” The story notes: “Distributed denial-of-service (DDoS) attacks have been a staple of adversary toolkits longer than perhaps any other attack technique. Yet its popularity among cybercriminals shows no signs of abating. In fact, 2020 witnessed what some vendors are describing as a renaissance of the venerable attack technique. Amid major changes fostered by a global pandemic, cybercriminals deployed more DDoS attacks against more organizations in more industries than any time before.” An unfortunate development is the emergence of extortion attacks, in which organizations are threatened with DDoS attacks unless they make a payment to bad actors.

Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. Pownall serves on several boards and committees, has a strong affiliation with various education groups and local school districts, and has served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He serves as a Vice President of the Board of Directors for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnerships.