News Local News Regional News Daily Docket Top Story Maryland state agencies threatened by cyberattacks ANNAPOLIS — Maryland government entities have suffered at least six cyberattacks since the beginning of 2013, according to incident reports fr…posted: April 20 Comments (0) rss More headlines Man pleads guilty, gets probation & registration in molestation case County police bike patrols begin this week Christians celebrate Easter with sunrise service North East Cross Walk tells the story of Christ's death Your Voice Sports High Schools Cecil College Colleges Professional Youth Top Story GOLF: AGAINST ALL ODDS | Hard works leads Eagles' Mayse to Le Moyne Prior to her junior year at Bohemia Manor, Ashley Mayse had never played a round of golf in her life, nor did she have any intention to do so.posted: April 20 Comments (0) rss More headlines WOMEN'S SOCCER: To decide future, Eagles' Brooks pays tribute to past SOFTBALL: O'Neill, Seahawks walk off with softball sweep LOCAL ROUNDUP: Albright, Seahawks sweep conference doubleheader Local Sports Schedule for Fri, April 18-Sat, April 19 Obituaries Opinion Columns Editorials Letters Blogs Top Story Got Putin, yet? WASHINGTON — The new "agreement" between Russia, the U.S. and our allies is exactly what the former KGB agent ordered.Updated: 8:21 pm Comments (0) rss More headlines Secession, a tournament for GOP Thank you, Dr. Hanlon Regulatory overkill All thumbs Features Diversions Features Section Our Cecil Calendar Business Cecil People History People Anniversaries Births Divorces Engagements Have You Heard Service Students Weddings Marriage Licenses Top Story Aberdeen teen named Md. Boys & Girls Club 'Youth of the Year' ABERDEEN — Selected among 10 outstanding youth, Zayrron Blake, Sr. Picasa 2. ANNAPOLIS — Maryland government entities have suffered at least six cyberattacks since the beginning of 2013, according to incident reports from the Department of Information Technology. The heavily-redacted reports, obtained by Capital News Service through a Maryland Public Information Act request, reveal that data-hungry hackers and scammers aren’t only going after retailers like Target and Neiman Marcus — they’re targeting state agencies. “Our government doesn’t move as quickly as the private sector ... and the private sector isn’t moving as quickly as it should be,” State Sen. Catherine Pugh (D-Baltimore) said in an interview. The report said a phishing scam that hit the Department of Labor, Licensing and Regulation affected “more than 100 users,” and two other incidents affected an estimated “more than 10 users. Elliot Schlanger, the state director of cybersecurity, said specific numbers of affected users are often difficult to pin down, particularly with phishing attacks. Phishing involves sending a large number of emails asking for sensitive information, like passwords, under the guise of a legitimate sender. One listed incident involved the Maryland State Police in September. Last year, the police were bombarded with thousands of gun applications ahead of incoming stricter firearm laws. To reduce the massive backlog, volunteers from the departments of Health and Mental Hygiene, Transportation, Public Safety and Correctional Services, Human Resources and Juvenile Services offered to help out with data entry, according to a police press release. According to a National Rifle Association press release, some state agencies’ computers were not adequately secured to handle gun applications, which include sensitive information. Elena Russo, director of the police’s communications department, said the incident on the Department of Information Technology report was merely a notification of a potential security risk. “It was not a security breach, it was not a cyberbreach, there were no hacks and no data brought forward by the Maryland State Police,” she said. Similarly, Maureen O’Connor, director of media relations for the Department of Labor Licensing and Regulation, said that no personnel data was stolen in a phishing attack on her department. However, a malicious program known as a “ransomware” encrypted department information, demanding that money be sent to a specific account to unlock the data. The attack began when an employee ignored a department-wide warning not to open a suspicious email. O’Connor said the malware was eliminated and the data restored within five days. The document also said that three Department of Human Resources servers were attacked on Oct. 22. Brian Schleter, director of communications for the agency, said the attack was launched on a department website used to post press releases. No data was compromised. The proposed budget for fiscal year 2014 notes that no “substantial disruptions” of state network services have occurred since 2011, when records of disruptions began. The state has taken steps to teach its employees about best practices in cybersecurity. In February, Isabel FitzGerald, secretary of the Department of Information Technology, told the House of Delegates that the department had begun monthly cybersecurity training courses for more than 40,000 state employees and contractors. “They endeavor to make sure all the employees of all the agencies are aware of the possibilities of attacks,” said O’Connor, who has taken the course. The state’s vulnerabilities aren’t new. The Office of Legislative Audits has outlined weaknesses in several agencies’ cybersecurity plans over several years. An audit of the state police from February 2009 to December 2011 found that some servers that guarded personal information, including about 176,000 Social Security numbers, were insufficiently secured. In a March 2013 response to the audit, the police insisted the auditors misunderstood a security measure, and personal information was secure. The audit also found that police networks lacked systems designed to detect intrusions. The response said that those systems were added after the audit. Similar audits found more cyber vulnerabilities in the departments of Labor, Transportation and Education as well as the State Archives. Pugh aimed to promote state cybersecurity even further during the recently-ended 2014 legislative session. She authored a bill to adopt an overarching cybersecurity plan based on a similar document published by the National Institute of Standards and Technology. The Senate passed the bill unanimously, but it died in the House of Delegates in committee. Pugh said the bill arose out of concerns for the state’s long-term condition, citing the growing amount of information that state entities and contractors transfer online. A 2012 hack into South Carolina records that exposed 3.6 million tax returns, according to the South Carolina Department of Revenue, encouraged her to make sure Maryland didn’t suffer a similar fate. “If this can occur in other states, it can occur here,” Pugh said. While the Department of Information Technology’s information security policy currently encourages following National Institute of Standards and Technology recommendations, Pugh said that her bill would have given state departments incentive to ensure they were actually following best practices. Costis Toregas, a computer science professor at The George Washington University, warned that the government reports may not tell the full story. He said that there are “probably hundreds of thousands” of attempted attacks on Maryland agencies every day that don’t get public attention. “We penalize people for coming forward and saying something bad happened ... there’s no sharing of information happening,” he said. According to state information technology policy, agencies do not need to report viruses or malware that have been automatically thwarted by anti-virus software. The Heartbleed security bug, first discovered on April 7, also may have a serious impact on government operations. The bug is a vulnerability in OpenSSL, a security protocol used to protect information on about two-thirds of all web servers, according to the technology website Ars Technica. Hackers can exploit the bug to steal passwords and other sensitive information. Toregas said even if they aren’t vulnerable to Heartbleed on their own, state agencies could still be seriously affected by it if they interact with vulnerable businesses. “We live in an interconnected world. At some point the government will come into contact with a commercial entity on the web,” Toregas said. “We've become too interconnected to draw a rigid line between commercial [and government entities]. Schlanger said after the Heartbleed outbreak, the Department of Information Technology shared strategies to deal with the bug with state information officers, some of which may have affected users. He added that the department would continue to keep tabs on potential fallout from the bug. “Continuous monitoring of the cyber threatscape is one of the fundamental tenets of our cybersecurity program,” Schlanger wrote in an email. The Department of Information Technology report also included four incidents that were not cyberattacks, in addition to the police’s risk warning. These included a stolen computer, a former employee sending an email from another’s account, and an employee’s home computer being infected with malware. What the phishers and would-be hackers were looking for in state agency computers remains a mystery. Mark Cather, director of communications and security at the University of Maryland, Baltimore County, said they were likely seeking employees’ personal information “because they can turn identities into cash. Hackers might also have tried to use government computers as a resource, utilizing their processing power to crunch numbers or launch further attacks, Cather said. He added that some may have sought trade secrets or other information worth selling, but it was unlikely because few state agencies make anything with patents or trademarks that would be worth selling. Regardless of their objectives, hackers aren’t going to leave state agencies alone anytime soon. Pugh hopes that legislators will take a more active role in promoting cybersecurity. “I look at the government from the perspective of a business,” Pugh said. “... What do want the state to look like three years from now? I don’t think we do enough of that kind of thinking and planning. Posted in State news on Sunday, April 20, 2014 8:08 pm. Rules of Conduct1 Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.2 Don't Threaten or Abuse. Threats of harming another person will not be tolerated. AND PLEASE TURN OFF CAPS LOCK.3 Be Truthful. Don't knowingly lie about anyone or anything.4 Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.5 Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.6 Share with Us. We'd love to hear eyewitness accounts, the history behind an article. Welcome to the discussion. openID aol Need an account? Create one now. © Copyright 2014, Cecil Daily, Elkton, MD. Powered by BLOX Content Management System from TownNews.com. Screen Name or Email Password Forgot? Screen Name or Email Now I remember! Or, use your linked account: facebook google yahoo openID aol Need an account? Create one now. Hand signals for military riot control Bloons tower defense 4 not blocked at school G: vestibule (bartholin s glands A193 b7 allowable stress Diy haircut diagram How to tie moccasins with pictures Membuat program dari vb dengan database mysql Free cute dinosaur pumpkin stencils Thank you message for retirement gift Coloring pages of siver Jean s phj Marketing mix modeling example Alcohol and arrhythmia Free credit report class action lawsuit How to get free microsoft points doing surveys Georgia weed types pictures Nathan kress with no shirtathan kress with n Nonfiction reading passage Gymnastics pictures spread Download free itunes gift card generator Debby ryan bending down Sophia lares spreadophia lares spread Happy anniversary mom and dad poems Fox racing beddingox racing b Does funky monkey show up in a drug test Brunswick bowling birthday Lowrider clown girl Vancomycin and protonix compatability Do not go gentle alexie Cute wanted posters Mantee arrest inquary Cute personalized tumblers with lid and straw Cojiendo con mama porno Examples of process analysis paragraph How to find your router ip qwestow to find your router ip qwest Blank football formation form Yoville pictures How to extract adderall from generic ir Paychex eservices forgot password Printable stencils branches Amitriptyline getting high Helpful bulimia tricks Free crochet patern for baby cocoons Cojiendo co mi prima videos gratis Progress monitoring plan template Goddaughter moving away gift What are the answers to the nims 200b test Diluent for amphotericin b bladder washout Vocabulary workshop level g review unit 1-3 answers Emotions faces french Apa format sample paper 2006 impala blend actuator programming Funny way to say happy birthday on facebook Purge system restore files Google rosas sorprendentemente bellas para descargar Kindergarten printable number bingo cards 1 -20 Sample resume adjunct college instructor Lupita manana unit plan Acrostic poem in german Jeans full of poop Mitchell sd mall Dollar general grant printable Www.general dollar application Natalie oxley nude Mistress taylor nyc Storage locker designs 2 guys 1 hourse video Kumpulan cerita seks sedarah Motorcycle dress up Best glory holes in las vegas Flowers names in haiti Bible black second sacrament belly inflation Easy friendship bracelet patterns Doctor who colouring pictures to print Que pasa si tomo 2 diazepam Myspace nazi symbol Nba 2k12 hacking tool Ascp certification for phlebotomists practice test free Data entry words per minute test National guard family programs reunion Neonatal nursing diagnoses I masturbated with my mom Sample phrase for performance appraisal for nurses Miley cyrus pants pulled down Julri waters galleries Funny pickup football team names Tr.i.p tattoo on back Bideos de mamas cojiendo con sus ijos Glwiz promo code Florence guinness blake Fotos de ni as desnudas Blackberry pictures dirty Order phentermine oval a Lifesize ruler superhero machine Happy birthday ascii code Make a cool cd case Clever usernames for dating websiteslever usernames for dating websites Managerial accounting homework solutions Tfree phone chat line california One day membership at costco Oxycodone hcl 5mg wholesale 512 Love making drawings True fact animal poem Free narrative essays How to tell which question you got wrong in your hesi a2 Templates for good conduct certificate Lesco spreader letters numbersesco Fake diploma generator Promethazine codeine price per ounce Touch math worksheets free Hotmail inbox hotmail email Teaching plan for diabetes mellitus example Pharmacy technician lear more need to know faundation Interview with aventura Lisa s on ice road truckers husband Sample letter of authorization to act on my behalf to get my birth certificate Pinoy henyo jokesinoy henyo jokes Verizon upgrade early Lintels and dogs Hooded fleece poncho tutorial What is bridget mendlers bra size Sample questions for geico analytical test Mitchell county ga sheriff Metoprolol side effects dry eye Convince exfirlfriend ballbust Mom son wagon sat story Indian women as escort in united states Sock bunny pattern Huge dog knot True sorority initiation stories We are moving templates Dilantin and phenobabital combination epilepsy Will i get pregnant on clomid Display name symbols for facebook Pictures of longest clitoris Ava cowan age Can you inject percocet 30 mg Dedication worship responsive readings Good truth or dare questions dirty online Tvegas scavenger hunt lists Ar code for an awesome pokemon team for platinum Women giving dogs a hand job Bideos you tube Narative text fable Capricorn men like bed - aries man temperament Standard t slot cutter Naruto demon images Lazy town porn parody Goodbye quotes for coworkers Susan and mary test hetia Sadlier oxford vocabulary workshop new edition level f answersandlier oxford vocabulary workshop new Determination of enantiomeric purity of naproxen Tcostco cakes order End senior year quotes Vocab workshop level g review units 4-6 answers Lazy town henatai Tturning 21 then and now invitations M1 carbine for sale Networking games questions to ask group Bad ass pumpkin stencils Down payment samples Blank translation for dominican republic birth certificate Business analyst resume pharmaceutical domain Funny accounting team namesunny accounting nab Cojiendo mi hijastra Azithromycin 250 mg oral tablet Oxycodone hydrochloride vs codein Cover letter mortgage Tred lobster coupons groupon Note home to parents template Good morning texts to boyfriend How does adderall affect your reproductive systemow does adderall Malarkey vs gaf elk Anyone lose weight with halsa mat Best 21st birthday facebook status Oil field jobs in texas entry level Mamas teniendo sexo ninos Sisters in zibu Letter for best friend on her birthday Cool friendship bracelet patterns Housekeeping resume Free printable owl mask template Got blister on nose from blowing to much Face book sympbol wwed leaf How to spy into a shower Facebook quotes about ex husband Blade yiffy comic Sample of cover letter dental assistant not having any job experience Debby ryan burpingebby ryan burping Leanmuscle vigrx combination Swapping with male Queen pizza house dressing Words encouragement breast cancer patient Girl has public orgasm Last blood trailer Are posterior lymph nodes visible in teens Professional development plan for teachers Can you take advil pm with adderall Cheats for gta san andreas on spanish Food lessons for david and goliath
留言列表
