Fox 43 interviews Morefield vCISO, Allan Jacks, on recent PA Supreme Court cyberattack

Cybersecurity experts break down Pennsylvania Supreme Court cyberattack

On Sunday, Chief Justice of Pennsylvania Debra Todd announced that portions of the Pennsylvania Courts’ website are currently unavailable due to a denial of service cyber attack. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), a denial of service cyber attack occurs when malicious actors flood the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users.

Read the full article here: https://www.fox43.com/article/news/lo…

Critical infrastructure hit with cyber attack in western Pa.

A local tech executive weighs in on the impacts attacks similar to the one on the Municipal Water Authority of Aliquippa could have, and how you can stay safe.

Author: Logan Perrone

Published & Updated: 9:57 PM EST December 3, 2023

PENNSYLVANIA, USA — Several civilian infrastructure operations were attacked by Iranian-affiliated hackers, including a water treatment facility outside of Pittsburgh. 

The incident left multiple organizations breached in the United States by Iran-affiliated hackers, prompting a warning from the Cybersecurity and Infrastructure Security Agency.

Wes Kelly is the President of Morefield Communications in Camp Hill and says the hackers behind the attack were not targeting the plant specifically……. Read the full article.

Implementing Zero Trust Architecture: Steps for Businesses

Zero trust architecture is helping companies combat cyberattacks and data breaches by supercharging security at every point of entry across their information technology (IT) infrastructure, from their network to their devices.

We are breaking down what you need to know about transitioning to zero-trust architecture with easy-to-follow steps.

What Is Zero Trust Architecture?

Zero trust architecture refers to a cybersecurity strategy involving strict user verification. This model effectively prohibits unauthorized access to your business’s systems and applications by requiring validation at every applicable user interaction. Its primary concern is protecting your business’s resources through authentication and authorization.

In 2020, 45% of company cyberattacks were caused by network intrusions, meaning the perpetrators gained unauthorized access to the business’s systems. With the influx of cybersecurity threats, remote workers, cloud processing and digitalization, businesses must take action to protect their sensitive data. Zero trust architecture is key in securing digital tools so your operations can continue without interruption. 

When you employ a zero-trust framework, your company can continuously validate which users and devices can access which systems and privileges.

Importance of Zero Trust Architecture

Zero trust architecture plays a valuable role in combating cybercriminals looking to steal and exploit your company’s sensitive data, including:

  • Financial information
  • Intellectual property
  • Customer data 
  • Personally identifiable information

The benefits of implementing this type of security infrastructure include:

  • Minimizing the risk of a data breach. 
  • Gaining greater control over your digital environments and data.
  • Reducing unplanned downtime due to an attack.
  • Increasing visibility across all devices, networks and applications.
  • Simplifying compliance.

The consequences of a cyberattack can be detrimental to your company’s overall operations, bottom line and reputation. With zero trust security, your company can improve access protection across your entire IT landscape.

7 Steps to Implement Zero Trust Architecture

Explore the following steps to implement zero trust architecture and protect your company’s data:

1. Define Your Objectives

Before transitioning to zero trust architecture, your company must define its security objectives and the goals your company wants to achieve with this infrastructure. Once you have an end goal for how you’ll approach implementation, starting small can be helpful.

Consider rolling out a zero trust framework for a few smaller-scale applications and systems first. For instance, you could begin with your mobile devices or the systems that your remote staffers use, then make a plan to add your company’s more complicated users as you become more familiar with these processes.

2. Consider the Key Principles of Zero Trust

When rolling out zero trust architecture, your business should assess how it can manage this high level of security without negatively impacting your team’s productivity with too many access barriers. 

Before deciding on which users have access to which applications and which data, you should familiarize yourself with the following principles of zero trust architecture:

  • Assume your business and its digital tools are at risk.
  • Trust no users or devices without verification.
  • Access should be dependent upon the individual user, their role and location.
  • Grant access to users as needed.
  • Utilize encryption to protect stored and moving data. 
  • Continuously monitor and validate users to ensure only authorized individuals have access to each of your systems at any given time.

3. Determine Your Access Policies

With an understanding of the foundational principles of zero trust architecture, your business can focus on the specific access policies it wants to employ. These may include:

  • Multi-factor authentication
  • Single sign-on
  • Identity and access management systems
  • Zero trust network access

The security policies you choose will depend on where this type of infrastructure will benefit your business most. 

4. Establish Who Needs Access to What Applications

Next, it can be highly advantageous to create a map of your company’s digital infrastructure to ensure you’ve identified all existing entry points to your critical systems. 

In this step, you’ll determine which users have access to which applications and devices and from where. You’ll develop rules and policies so your team has a clear understanding of your security expectations. 

5. Update Zero Trust Access

Once you map out your digital landscape and determine the access granted to each user across all departments, your business can begin refining the access privileges and restrictions in place to ensure they are up-to-date. 

During this step, you’ll comb through each user, ensuring they have access to the necessary systems to perform their jobs. Be sure to also remove access from any former employees.

6. Prepare for Ongoing Growth

When transitioning to a zero trust model, your business should prepare to continuously refine its security measures to grow with your operation and protect your sensitive data. Always clearly communicate new policies with your employees so they know what protocols to follow.  

If your company has an in-house security team, they should work on establishing a plan for handling new access requests and access to new tools.

7. Validate Your Access Controls

Once you’ve implemented your zero trust architecture, your team will need to update your controls and policies regularly. Continuously validate users and confirm they can access the applications, resources and systems they need for success. This will help your business ensure you are adequately protected and your cybersecurity measures are always up-to-date.
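The steps above can be made concrete with a small sketch. This is an added example, not Morefield's code or any product's API: it encodes a role-based policy (steps 2 and 3), reviews an access map against a staff roster (steps 4 and 5), and makes a deny-by-default decision per request (step 7). All names, roles, applications and sample data are constructed for illustration.

```python
from dataclasses import dataclass

# Steps 2-3 (constructed sample): the applications each role needs and the
# locations from which each application may be reached.
ROLE_POLICY = {
    "accountant": {"ledger": {"office", "vpn"},
                   "email": {"office", "vpn", "mobile"}},
    "engineer": {"source-control": {"office", "vpn"},
                 "email": {"office", "vpn", "mobile"}},
}

# Staff roster (constructed sample); carol is a former employee.
ROSTER = {
    "alice": {"role": "accountant", "active": True},
    "bob": {"role": "engineer", "active": True},
    "carol": {"role": "engineer", "active": False},
}

# Step 4 (constructed sample): the access map, i.e. who currently holds what.
GRANTS = [
    ("alice", "ledger"), ("alice", "email"), ("alice", "source-control"),
    ("bob", "source-control"), ("bob", "email"),
    ("carol", "email"), ("dave", "ledger"),
]


@dataclass(frozen=True)
class Request:
    user: str
    app: str
    location: str
    mfa_passed: bool
    device_verified: bool


def review_grants(grants):
    """Step 5: list the grants to revoke, each with the reason."""
    findings = []
    for user, app in grants:
        person = ROSTER.get(user)
        if person is None:
            findings.append((user, app, "no roster entry"))
        elif not person["active"]:
            findings.append((user, app, "former employee"))
        elif app not in ROLE_POLICY.get(person["role"], {}):
            findings.append((user, app, "not needed for role"))
    return findings


def decide(req):
    """Step 7: evaluate every request; anything not explicitly allowed is denied."""
    person = ROSTER.get(req.user)
    if person is None or not person["active"]:
        return False, "unknown or inactive user"
    if not (req.mfa_passed and req.device_verified):
        return False, "user or device not verified"
    locations = ROLE_POLICY.get(person["role"], {}).get(req.app)
    if locations is None:
        return False, "app not needed for role"
    if req.location not in locations:
        return False, "location not permitted"
    return True, "ok"


if __name__ == "__main__":
    for user, app, reason in review_grants(GRANTS):
        print(f"REVOKE {user} -> {app}: {reason}")
    print(decide(Request("alice", "ledger", "vpn", True, True)))
    print(decide(Request("alice", "ledger", "mobile", True, True)))
```

Running the review on a schedule, and again whenever the roster or role policy changes, keeps the access map aligned with the policy that `decide` enforces.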

Common Challenges in Implementing Zero Trust Architecture

Your business should also explore the common challenges associated with zero trust architecture before making the transition. These include:

  • Dealing with complex IT infrastructures.
  • Training your team on cybersecurity and login best practices.
  • Finding a software solution that works with your existing network and systems. 

One of the best ways to deal with these challenges is to work with a cybersecurity professional who understands these intricacies and can help your company create an effective plan to implement zero trust architecture across your IT landscape.

The Role of AI in Zero Trust Architecture

Artificial intelligence (AI) is making waves in the world of cybersecurity. It can effectively supercharge your zero trust architecture by:

  • Calculating real-time risk scores based on your system’s data and helping your business get ahead of potential weaknesses.
  • Enhancing user experience by automating access approval requests.
  • Saving time and boosting productivity without compromising security. 

Protect Your Operation With Cybersecurity Solutions From Morefield

When your business needs comprehensive and scalable cybersecurity solutions, turn to Morefield. We have more than 75 years of industry experience and understand the importance of protecting your organization’s technical infrastructure.

We offer many cybersecurity services, ranging from malware protection to mobile device management. Our team is here to help small and medium-sized businesses with the essential network and computer protection required to mitigate threats. Our solutions help ensure only authorized personnel and users have access to your system.

Ready to protect your business with cybersecurity solutions from Morefield? Contact us to get started today!

The Role of AI and Machine Learning in Cybersecurity

The use of machine learning and AI in cybersecurity is rapidly growing. Many organizations are using AI models as a vital tool in preventing attacks and identifying threats. These new approaches can detect and respond to threats in real time, allowing companies to save time and resources throughout their cybersecurity strategy. AI models can also continuously adapt and learn, allowing people to identify new threats as they emerge and increase protection. Discover more about the role of AI and machine learning in cybersecurity now.

Threat Detection Using AI and Quantum Machine Learning

Machine learning aids in pattern recognition, which helps detect various cyber threats. Pattern recognition is how machines learn to identify patterns, recognize the environment and make decisions. This process involves reducing information, mapping information and labeling information. Leveraging machine learning, AI can solve complex tasks such as identifying threats to protect organizations from cyber-attacks. Additionally, this process allows AI to better identify new and more sophisticated attack vectors that humans may otherwise be unable to recognize.

Similarly, quantum computing in cybersecurity can tackle complex computations. This technology can harness information in profound new ways, including symmetric and asymmetric encryption. Quantum computers can tackle problems that classical computers cannot, empowering organizations to prevent potentially devastating attacks more efficiently.

Machine Learning in Incident Response

Incident response refers to the actions and technologies that detect and respond to potential or actual cyberattacks or breaches. The ultimate goal of incident response is to prevent attacks before they occur, but it also includes plans for recovery if an attack occurs. Machine learning and AI excel at collecting and analyzing the data needed to identify threats to minimize the likelihood of an attack.

Furthermore, AI and machine learning can automate many routine processes, reducing workload and saving time during incident response processes. Machine learning can quickly alert teams if an issue arises and begin protecting information. Some tools can respond to threats automatically, minimizing potential damage.

With advanced technology automating these processes, human workers can dedicate their time to more critical tasks while algorithms work to identify threats and suspicious behavior. This division of tasks allows organizations to instill better incident response practices while ensuring workers participate in meaningful work.

Challenges and Limitations of AI in Cybersecurity

Several challenges and limitations exist for AI in cybersecurity. Being aware of these problems can help you determine solutions for preventing attacks and data breaches. You must be aware of these challenges:

  • Biases in training data: In cybersecurity, bias can lead to false negatives or false positives. These results can drive flawed decisions, unjust actions or missed threats. Bias enters through the data used to train the algorithms. If the AI training data is unrepresentative or biased, the algorithm will perpetuate those biases in its decisions and predictions.
  • Adversarial attacks: These attacks attempt to deceive or manipulate AI systems by exploiting design or input data vulnerabilities. Adversaries can use these attacks to lead AI models to make incorrect decisions or predictions.
  • Advanced evasion techniques: Some evasion techniques could empower attackers to remain undetected. Malware that modifies behavior to evade AI detection systems can bypass security controls and make it more challenging for security solutions to neutralize the threat.
  • Deepfake attacks: AI can create highly realistic media. Attackers can use altered audio, images and videos to manipulate information and threaten individuals. They can also use this media to create fake profiles and spread false information, which could result in financial loss, damage to a reputation or other adverse outcomes.
  • Automated attack tools: Attackers may be able to target many more people by using AI to automate the attack lifecycle. For example, AI can automate vulnerability scanning, allowing hackers to launch targeted attacks and exploit weaknesses much more easily.
  • Enhanced phishing attacks: Those with malicious intent could use AI to create highly personalized and convincing phishing emails to trick individuals into performing sensitive actions or divulging personal information. Some users may struggle to identify fraudulent messages because AI can use natural language processing to increase attack success rates.

The Role of Machine Learning and AI in Cybersecurity Education

The next generation of cybersecurity professionals must have an in-depth understanding of AI, machine learning, cybersecurity and quantum computing. Machine learning is quickly evolving, and human workers can’t work at the speed or with the accuracy of AI models. Equipping the next generation with this knowledge will be essential to practicing the best security measures and preventing attacks.

Cybersecurity education often provides hands-on experiences. Practical labs and simulations can closely mirror real-world obstacles and scenarios, equipping students to handle various challenges. These experiences can provide an essential foundation for understanding response processes and how cyberattacks can significantly impact businesses and people.

Cybersecurity occupations are expected to grow much faster in the upcoming years, highlighting that proper education will be essential for data protection and industry success. Along with changes in higher education programs, cybersecurity education is taking root in K-12 schools to provide foundational knowledge for protecting personal information and awareness about careers in cybersecurity.

There is room for growth in education about cybersecurity, but there is also an increasing demand. Many students are interested in the industry, but few educators report student awareness of cybersecurity jobs or of how to learn more about the industry.

As machine learning and AI become more advanced, the need for cybersecurity education will increase. Schools must begin offering more cybersecurity education, and these opportunities should intertwine with other educational materials. It will be important to ensure students have access to cybersecurity tools so they can interact with different forms of technology and better understand how they work. Education must also shift to more hands-on experiences, allowing students to engage with AI and machine learning in various ways to learn how to train models and use them to their advantage.

Find Cybersecurity Solutions With Morefield

At Morefield, we understand the importance of cybersecurity. With advances in technology and online services, data breaches can compromise your organization’s confidentiality and cause loss of resources and trust. Proper security is essential for your organization’s success. We provide scalable and expansive options to protect your sensitive information. Our protective services include technical and consulting resources and end user solutions to give you control over your systems.

Our cybersecurity services include advanced vulnerability assessments, cybersecurity assessments and virtual CISO services. Advanced vulnerability assessments can analyze networks for password hacking, port scanning, network readiness and current security policies. Cybersecurity assessments will highlight vulnerable areas, business goals, risk tolerance levels and more. Virtual CISO services provide expertise, scalability, permanence and measurable performance.

Morefield takes an in-depth approach to security, and we can align our services to your organization’s needs. Contact us today to enhance your organization’s security.

4 Emerging Cybersecurity Threats in 2024

Experts predict the cyber threat landscape in 2024 will change even more dramatically in response to evolving technological innovations than in previous years. This post explores some of the most prominent cybersecurity predictions for 2024 and the steps organizations can take to protect their assets against them.

1. Shifting Cybercrime Tactics

Innovation is often a double-edged sword. As technological developments ramp up each year, cybercriminals will rapidly change their tactics to exploit new vulnerabilities before developers can release the appropriate patches. 

Artificial Intelligence (AI) and Machine Learning (ML)

Artificial intelligence (AI) has become a buzzword in the cybersecurity landscape, and it will only become more prevalent in 2024. Because machine learning (ML) allows AI programs to adapt automatically based on previous inputs, hackers can use ML and AI to create attack vectors that are more difficult to eliminate using existing methods.

Hackers can also use generative AI and ML to produce and proofread malicious code rapidly, allowing them to launch increasingly sophisticated attacks at higher volumes than ever before.

Phishing and Social Engineering

With the rise of large language models (LLMs) like ChatGPT and Google’s Bard, social engineering attacks such as phishing are becoming even more pernicious threats. Thanks to natural language processing (NLP), which enables an AI to understand and properly respond to human language, an LLM can produce incredibly convincing phishing emails free of typical giveaways like typos and awkward phrasing. 

Zero-Click Malware

Malware attacks are usually part of a larger phishing scam, where the hacker tricks employees at your organization into clicking on a malicious link that automatically downloads a virus onto their computer.

Zero-click malware is a new type of attack that eliminates the need for user interaction. It can infiltrate your system through various attack vectors — including vulnerabilities in legitimate applications — and execute its code in the background. Users don’t know the computer or network has been compromised until it’s too late.

2. Rise in Ransomware Threats

In 2024, ransomware will likely remain one of the top cybersecurity threats in business across all industries. Ransomware is a specific type of malware that automatically encrypts your files or software systems until you pay a ransom to the attackers. In previous years, losing access to local storage would incapacitate an organization, resulting in thousands or even millions of dollars lost and debilitating reputational damage.

Notably, ransomware tactics have changed in recent years as companies have begun investing in robust backup- and disaster-recovery-as-a-service solutions (BaaS and DRaaS, respectively). Companies can now afford not to pay the ransom because they can get their data back from their existing backups. 

In response, hackers are finding new ways to pressure their victims into paying. Double extortion — also known as extortionware — is a ransomware variant that threatens to release the hostage information to the public if the victim does not meet the attacker’s demands. It’s significantly more effective than traditional ransomware, and businesses must learn new ways to respond.

Preparing for a ransomware attack is a matter of “when,” not “if.” Organizations need to remain agile to prepare for the worst-case scenario.

3. Exploitation of New Technologies

Organizations are sure to see the impact of new technologies on cybersecurity within the next year as cybercriminals find ways to turn new advancements into devastating attack vectors. Some examples include: 

  • 5G: 5G networks can handle billions of connected devices at even faster speeds than 4G connections. However, this growth gives hackers more opportunities to exploit supply chain vulnerabilities.
  • Internet of Things (IoT): Although IoT infrastructure unlocks exciting opportunities for data collection, the rapidly growing network of internet-connected devices greatly expands an organization’s attack surface.
  • Quantum computing: While still in its infancy, quantum computing can handle tasks that are too complex for most traditional computers — such as breaking into encrypted files. Quantum-resistant encryption algorithms will become critical for protecting against such attacks.

4. Regulatory Compliance and Legal Considerations

As new threats emerge, we’ll see substantial updates to cybersecurity regulations beginning in 2024. Specific compliance requirements will vary by jurisdiction and industry. For example, healthcare organizations will likely see updates to the HIPAA Privacy Rule, and financial institutions may see new additions to PCI DSS.

Regardless, such standards will become significantly more complex. Cybersecurity professionals and IT departments must keep up with these evolving regulations to remain compliant. For many sectors, this process may require developing new strategies for effective data management.

How Businesses Can Stay Secure

Cybercrime is always changing, which is why a proactive stance toward cybersecurity is key. Organizations of all sizes and industries must stay updated with the ever-changing threat landscape to protect themselves against new and evolving threats.

Organizations should be aware of these cybersecurity concepts:

  • Security by design: A system that is secure by design prioritizes cybersecurity on the same level as other critical features, significantly reducing the number of potential exploits before making it publicly available.
  • Zero-trust architecture: Zero-trust systems grant access based on individual roles and identities rather than a user’s belonging to the organization, significantly reducing the risk of internal threats.
  • Automated technologies: Automated threat detection and response technologies can save your organization valuable time in identifying and eliminating threats from your system.
  • AI and ML: An AI and ML-enhanced system can learn from the new threats it encounters and automatically adjust its responses in real time, letting your organization quickly adapt to changes within the cybersecurity landscape.
  • Cross-industry collaboration: Sharing cybersecurity information across sectors is essential for developing the most accurate understanding of new threats and their methods of operation — which will become vital for protecting national security over the coming years.

Protect Your Organization in 2024 and Beyond With Morefield

With such dramatic changes coming down the pipeline, it’s clear organizations will need to invest more in cybersecurity initiatives. A holistic, proactive approach to cybersecurity is essential for the most effective protection — but for companies without sufficient staff or IT resources, building this kind of strategy is difficult at best.

Working with a managed service provider (MSP) like Morefield provides the resources your company needs for a robust cybersecurity framework. We offer a wide range of cybersecurity solutions, including system assessments, vCISO services and cyber awareness training so you can strengthen your cybersecurity posture without making significant investments in labor or technology yourself.

Contact us today for more information on our managed cybersecurity services for companies in Central Pennsylvania.
