In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories from the past week.

Cybersecurity

Joint Cybersecurity Advisory on Conti Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations. (See FBI Flash: Conti Ransomware Attacks Impact Healthcare and First Responder Networks.) In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment. 

To secure systems against Conti ransomware, CISA, FBI, and the National Security Agency (NSA) recommend implementing the mitigation measures described in this Advisory, which include requiring multi-factor authentication (MFA), implementing network segmentation, and keeping operating systems and software up to date.

Officials Urge Congress to Consider Fining Companies that Fail to Report Cyber Incidents

Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), testified in favor of taking the more hardline stance to encourage incident reporting during a hearing held by the Senate Homeland Security and Governmental Affairs Committee, which is considering bipartisan mandatory cyber reporting legislation. “I know some of the language talks about subpoena authority,” Easterly said, referring to the committee’s draft legislation. “My personal view is, that is not an agile enough mechanism to allow us to get the information that we need to share as rapidly as possible to prevent other potential victims from threat actors, so I think we should look at fines.”

Members of the Senate Homeland Security Committee jawboned over two major forthcoming pieces of cyber legislation during a hearing yesterday. 

  • A bill requiring companies in critical sectors to promptly alert the Cybersecurity and Infrastructure Agency (CISA) when they’re hacked — CISA would then share that information with other companies that might be in danger
  • And a full rewrite of the major law governing federal information security requirements and procedures

Physical Security

Thousands in Cash and Product Stolen in Victoria Cannabis Shop Heist

Security camera footage captured two people breaking into Pacificanna Victoria Jubilee in Victoria, Canada early Monday morning. The store’s Fort Street Location, opposite Royal Jubilee Hospital, opened just last month. Co-owner Darren Saunders says the thieves made off with a safe full of cash along with a large amount of varied cannabis products. According to Saunders, two people broke into the vacant building next door at approximately 5:30 a.m. on Monday. Saunders says they jimmied the vacant building’s back door, an area which is hidden from public view. Camera footage then shows the two burglars using an assortment of tools to break through a wall, creating an opening to Pacificanna’s storage space.

“They hit the wall in the perfect spot to be in our storage room, which was very suspicious.” noted Saunders. September is National Insider Threat Awareness Month and this incident certainly seems like the thieves utilized insider knowledge to pull off the heist so smoothly. All organizations are vulnerable to insider threat incidents, or those events in which a trusted insider misuses their official access to intentionally or unintentionally harm an organization. Utilizing this resource from CISA can help an organization identify insider threats, and build an insider threat program.

CISA Releases De-Escalation Resources

The De-Escalation Series follows the Employee Vigilance Through the Power of Hello to help critical infrastructure owners, operators, and staff identify and navigate suspicious activity or potentially escalating situations to safely dis-engage and report to local law enforcement or their organization’s multi-disciplinary threat management team.This four-product series was developed to help critical infrastructure owners, operators, and employees:

  1. Recognize the warning signs of someone on a path to violence; 
  2. Assess if the situation or person of concern is escalating, or if an emergency response is needed immediately; 
  3. De-escalate the situation currently taking place through purposeful actions, verbal communication, and body language; and 
  4. Report the situation through organizational reporting to enable assessment and management of an evolving threat, and 9-1-1 for immediate threats.

Retail staff continue to be put in stressful situations  due to ongoing disputes around vaccine and mask mandates. In addition, as cash based businesses, dispensaries continue to be heavily targeted in armed robberies, leaving front line staff to make difficult decisions. These resources should be considered when developing employee training programs.

Natural Threats

Sam Expected to Become a Major Hurricane

Sam is now a hurricane as it continues to rapidly intensify. At this time, it is still unclear whether Sam will affect Florida or any part of the United States. As of 5:00 AM AST (0900 UTC), the center of Hurricane Sam was located near latitude 11.5 North, longitude 42.2 West. “Sam is moving toward the west near 15 mph (24 km/h) and this motion is expected to continue through tonight.  A decrease in forward speed and a motion toward the west-northwest are expected over the weekend. Maximum sustained winds have increased to near 75 mph (120 km/h) with higher gusts. Rapid intensification is forecast to continue, and Sam is likely to become a major hurricane tonight or early Saturday.” Here is how the Atlantic hurricane season stacks up with long-term average seasons to date. See the most recent public advisory here.

Is The Worst Over? Modelers Predict A Steady Decline In COVID Cases Through March

The delta surge appears to be peaking in the U.S., and cases and deaths will likely decline steadily now through the spring without a significant winter surge, according to a new analysis shared with NPR by a consortium of researchers advising the Centers for Disease Control and Prevention. For its latest update, which it will release Wednesday, the COVID-19 Scenario Modeling Hub combined nine different mathematical models from different research groups to get an outlook for the pandemic for the next six months. The modelers developed four potential scenarios, taking into account whether or not childhood vaccinations take off and whether a more infectious new variant should emerge. The most likely scenario, says Lessler, is that children do get vaccinated and no super-spreading variant emerges. In that case, the combo model forecasts that new infections would slowly, but fairly continuously, drop from about 140,000 today now to about 9,000 a day by March.

Be sure to check back every Tuesday as we publish our Library Card Series where we highlight one of the resources available in our library!

Check out the latest blog highlighting issues important to cannabis security!

On