In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories relevant to the cannabis industry.

Natural Events

WATCH: Tornadoes Tear Apart Oklahoma Cannabis Farm

Multiple tornadoes ripped through Oklahoma on Wednesday. Authorities have yet to report any injuries; however, a KOCO news helicopter did capture footage of a twister tearing up the cannabis greenhouses at Imagination Farms in Maud, Oklahoma.

Last fall we wrote a blog about Ready Business’ Severe Wind Tornado Toolkit. We encourage all cannabis organizations that operate in areas prone to tornado activity to review the toolkit and develop action plans.

CISA 2022 Hurricane Season Preparedness Webinar

The Cybersecurity and Infrastructure Security Agency (CISA) 2022 Hurricane Season Preparedness Webinar is scheduled for 01 June from 10:00 am – 11:30 am ET. This webinar will focus on providing awareness of CISA’s role and resources in hurricane preparedness and response activities associated with systems that make landfall on the continental U.S. or U.S. territories. It will also feature presentations from the NOAA Liaison to the National Operations Center and FEMA’s National Business Emergency Operations Center. Presentations will be provided from:

  • NOAA Liaison to the National Operations Center
  • Divisional Representatives from CISA
  • FEMA National Business Emergency Operations Center

There will be a Question & Answer Period following the presentations.

For those organizations that are still developing or updating hurricane plans, the Ready.gov Business Hurricane Toolkit may be a useful reference.

AccuWeather’s 2022 U.S. Wildfire Forecast

The number of wildfires and burned acreage across the western United States is already well above normal ahead of the unofficial start of the season, and AccuWeather forecasters say it’s just a precursor to another intense wildfire season ahead. A dry winter across most of the western U.S. has set up the region for an intense wildfire season, though the last-minute snowfall in one state may prolong major fire threats until later.

By May 3, 2022, wildfires had already burned over 1.1 million acres, more than twice the number by that date in 2021. While there’s no official start to the wildfire season in the West, the unofficial season typically runs from May to October, with the Southwest monsoon kicking in around the end of August.

A peer-reviewed study published earlier this year found that between 2002 and 2018, the wildfires that have scorched the Pacific Northwest were altering the seasonal pattern of air pollution and causing a surge in unhealthy air pollutants in August. The researchers highlighted the increase in carbon monoxide levels during the month — a time when carbon monoxide levels have historically remained low.

Below are several wildfire-related resources which may be useful during preparedness activities:

Cybersecurity

Business Email Compromise: The $43 Billion Scam

This FBI Public Service Announcement is an update and companion piece to Business Email Compromise PSA I-091019-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2021. Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. The BEC/EAC scam continues to grow and evolve, targeting small local businesses to larger corporations, and personal transactions. Between July 2019 and December 2021, there was a 65% increase in identified global exposed losses, meaning the dollar loss that includes both actual and attempted loss in United States dollars. This increase can be partly attributed to the restrictions placed on normal business practices during the COVID-19 pandemic, which caused more workplaces and individuals to conduct routine business virtually.

The FBI offers the following suggestions for protection:

  • Use secondary channels or two-factor authentication to verify requests for changes in account information.
  • Ensure the URL in emails is associated with the business/individual it claims to be from.
  • Be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Refrain from supplying login credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
  • Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s address appears to match who it is coming from.
  • Ensure the settings in employees’ computers are enabled to allow full email extensions to be viewed.
  • Monitor your personal financial accounts on a regular basis for irregularities, such as missing deposits.

Ransomware: April 2022 Review

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. In their April 2022 review they highlight the emergence of three new ransomware-as-a-service (RaaS) groups—Onyx, Mindware, and Black Basta—as well as the unwelcome return of REvil, one of the world’s most notorious and dangerous ransomware operations. 

Despite its rapid start, the activities of Black Basta and the other newly-emerged types of ransomware were dwarfed in April by three established threats: LockBit, Conti, and AlphV, which made up 60 percent of all the known breaches in their analysis.

The Colonial Pipeline ransomware attack, which took place one year ago tomorrow, is a strong contender for the most consequential cyberattack in history. It marked a seismic shift in which a cyberattack had real-world implications for tens of thousands of average Americans who spent hours in gas lines and fretted about price surges and being unable to fill their tanks. This edition of the Washington Post’s Cybersecurity 202 provides some reactions from cybersecurity professionals on what has changed since that attack.

To learn more and join in the conversation, please visit our Get Involved page.

May is Multi-Factor Authentication Month

Multi-Factor Authentication is a valuable tool in cybersecurity defense, including against ransomware. CISA is promoting “MFA May” to highlight the importance of two-step authentication processes. CISA Director Jen Easterly recently penned this blog to help promote the agency’s month-long messaging to encourage further adoption of MFA. Throughout the month of May:

  • Follow CISA on Twitter, Facebook, LinkedIn, and Instagram for MFA content.
  • Let CISA know on social media that your business or personal devices are now protected by MFA with the hashtag #EnableMFA!
  • Challenge friends and coworkers to #EnableMFA too.
  • Learn more about multi-factor authentication here.

Physical Security

The Current State of Organized Retail Crime

This first special edition of LP Magazine is focused solely on ORC and the many challenges and issues surrounding the topic. You will find inside these pages articles on a wide range of topics from the successful collaboration of the big three pharmacy retailers to how Homeland Security Investigations has joined the fight. From interviewing skills in ORC investigations to the safety aspect of store invasions to ORC’s link to human trafficking, and much more.

Senators on both sides of the aisle are throwing support behind a proposal to tuck key cannabis banking legislation into a larger package aimed at boosting U.S. competitiveness, increasing the odds that a significant cannabis bill gets through the upper chamber this year. The passage of banking reform would bring some relief to an industry that continues to see violent robberies, partially due to the cash on hand at so many establishments.

According to the Los Angeles County Sheriff’s Department, four suspects entered a dispensary in Compton and pointed their handguns at an armed security guard inside. That’s when the security guard withdrew his handgun and a shootout between the suspects and the guard ensued, officials said.

Additional cannabis robbery-related headlines include:

ICYMI. The Gate 15 Interview: Ben Taylor, on Cannabis ISAO, Cannabis Industry Security, Cybersecurity, Rescue Dogs and More!

Our Executive Director Ben Taylor joined the Gate 15 Interview podcast this week to discuss information sharing, the development of the Cannabis ISAO, physical security and cybersecurity challenges the cannabis industry faces, along with scams and other crime trends.

Hostile Event Preparedness Training

An upcoming FREE webinar from Gate 15’s Hostile Event Preparedness Series is scheduled for 12 May at 1:00 PM Eastern. The session will cover the Hostile Event Attack Cycle. This builds on previous trainings that discussed education on hostile event preparedness and fire as a weapon. Security professionals are encouraged to register for this FREE event here. During the Hostile Event Attack Cycle Session, participants will:

  • Recognize types of Hostile Events, to better prepare for and react to an event
  • Identify indicators of potential violence, to possibly avert a hostile event from occurring
  • Identify the phases of a Hostile Event
  • Provide mitigation strategies to help in the development of a training program appropriate for your organization
