Eleven Advanced Cybersecurity Tactics for Courts

Previous blogs presented an overview of the grave threat cyberattacks present to the justice community and essential strategies and tactics for preventing them. This blog offers intermediate and advanced strategies and tactics suggested by the Joint Technology Committee in its resource bulletin, “Cybersecurity Basics for Courts.” The committee is a joint effort of the Conference of State Court Administrators, the National Association for Court Management, and the National Center for State Courts.

Cybersecurity Threat Advisory: BulletProofLink Makes Cyberattacks Easier

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Your Agency Experienced a Cyberattack — Now What?

MCP’s website is updated regularly with content pertaining to cybersecurity. So far, all of it has been focused on helping our clients prevent cyberattacks, or at least reducing their likelihood by the greatest extent possible. Of particular importance are the threat assessments that we regularly issue, and the “cyber chats” conducted each month by Mike Beagles, MCP’s director of technology and cybersecurity services, who is a certified Cisco CyberOps associate.

One of our clients recently suffered a significant cybersecurity breach that caused extensive damage to its networks and systems. (It’s important to note at this juncture that MCP is providing numerous services to this client, but none related to cybersecurity.) The city only discovered that it had been hacked when Federal Bureau of Investigation (FBI) agents visited its information technology (IT) department.

The FBI had been monitoring the dark web and found numerous indicators that something nefarious was happening. Digging further, aided by a white-hat hacker firm, they discovered that the cyberattacker not only had wormed his or her way into the city’s network infrastructure but also had been there for some time and had infiltrated many aspects of the city’s network. It was a very sophisticated attack that affected numerous organizations.

What to Expect When You Pursue a Career with Mission Critical Partners

Not only do our clients’ missions matter, so do the missions of the candidates interested in a role at our firm. Here’s what you can expect on your hiring journey as an MCP candidate.

At Mission Critical Partners, our people are the heart and soul of our organization. Every professional’s experience with MCP begins the moment they visit our website’s careers page and initiate their search for a potential role with our organization.

Step One: Indicate Your Interest and Stay Engaged

We look to build long-lasting relationships with A-players looking to join our organization. Your first question might be, “how does MCP define an A-player?” We seek exceptional candidates who are among the top 10 percent of professionals in their chosen field and who exhibit the firm’s core values—persistence, integrity, trust, accountability, and prudence.

Cybersecurity Threat Advisory: Disguised Windows Files and Documentation

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Today there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

Security researchers have discovered recent attempts by cyberattackers to infect machines with malicious Microsoft Word documents containing VBA macros and JavaScript — their goal is to plant a backdoor and create persistence. These documents are disguised as documentation or information related to the new Windows 11 Alpha release to entice users into interacting. The key recommendation to remediate the threat is to block the indicators of compromise (IOCs) identified in this advisory.

Cybersecurity Threat Advisory: Office 365 Zero-Day Attacks

Microsoft released a mitigation for a vulnerability that exists in the Windows 10 operating system that can be exploited against Office 365 and Office 2019. Identified as CVE-2021-40444, this vulnerability could allow attackers to execute arbitrary code on a device if exploited. Because Microsoft Office is used and trusted by millions worldwide, attackers potentially could launch very-large-scale attacks; accordingly, this vulnerability has a severity rating of 8.8 out of 10. Recommendations from Mission Critical Partners to prevent devices from becoming susceptible to this vulnerability are below.

9/11 Two Decades Later — Much Done, Much Still to Do

Saturday marks the 20^th anniversary of the terrorist attacks on the World Trade Center in New York City and the Pentagon, as well as the hijacking of a third commercial airliner that day, United Airlines Flight 93, which crashed in a field near Shanksville, Pennsylvania, after passengers confronted the terrorists. The attacks resulted in 2,977 fatalities and more than 25,000 injuries. It is the deadliest single incident for firefighters and police officers in the U.S., who respectively lost 340 and 72 members that day. It remains the deadliest terrorist attack our history.

Participate in the iCERT 2021 Data Integration Survey

Over the last 20 years, the public safety community increasingly has leveraged technological advances that enable better interoperability and data sharing. While decreased response times and increased situational awareness have resulted, there is still an opportunity for improvement. Many obstacles exist that prohibit complete end-to-end integration of data throughout the incident management lifecycle. Additionally, identifying the right data to be shared with the right person at the right time is essential to integrating data into the lifecycle. 

Essential Tactics for Enhancing Cybersecurity in Today’s Justice Organizations

In my previous blog on cybersecurity, I provided a high-level perspective on the cybersecurity environment for justice organizations today. I noted that the environment is worrisome — it is a virtual certainty that cyberattackers, at this very moment, are looking for a way to infiltrate your organization’s networks and systems.

But I promised a progression (crawl, walk, run) that you can employ immediately to quickly begin thwarting cyberattackers and protecting your networks and systems, as well as the critical data and applications that run on them. This strategy is based on industry best practices and thought leadership to which MCP has actively contributed.^[1]

Implementing a Cybersecurity Training Program is the First Line of Defense

Cybersecurity has become a huge problem for any organization that is operating networks and/or systems, but especially so for those in the government sector, particularly public-safety and justice agencies.

Are Cloud-Based Solutions Right for Your Agency?

A lot of people in the public safety/justice/public sector sectors are talking about cloud-based solutions these days. It is easy to understand why there is so much chatter because solutions that live in the cloud offer some impressive benefits. Here are just a few:

• Cloud-based solutions typically offer best-of-breed technologies and services
• Cloud-based solutions remove the maintenance and upgrade burden from the end user from a technology perspective
• Cloud-based solutions often make it easier to share resources regionally or even broader compared with siloed, on-premises solutions
• Cloud-based solutions typically offer enhanced resiliency and redundancy compared with on-premises solutions
• Cloud-based solutions often make it easier for agencies to transfer operations to another location in “bug out” scenarios
• Cloud-based solutions are easier and faster to scale —both up and down, based on the agency’s needs at any given juncture — compared with on-premises solutions
• Cloud-based solutions typically are more secure, because providers often have greater information technology and cybersecurity resources and assets to draw upon

Cybersecurity Threat Advisory: LockBit Ransomware

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.