SAFE Washington‎ > ‎

Alerts!

Teach your staff:
A) Stop and Look, Assess the Situation.
B) Then - Do Something. Call or Act on the information on hand.

Teach Your Staff to be prepared for the unexpected and unknown: Teach them First Aid, and Teach Psychological First Aid.

Teach Respect, Tolerance, and Understanding.

In the end, it’s a sense of hope and optimism that people acknowledge, and which brings resilience.



Security

posted Aug 3, 2017, 7:40 AM by Andrew Chadick

Creating a safe working environment requires a lot of work through thoughtful planning up-front and diligent maintenance over time.  Those of us who monitor and protect use our systems and tools daily in our work. So, keeping our hardware, installations, and security platforms in good shape must be a high priority.

 

The thought and planning that went into your installation will show as your systems age.  However, once you have installed your safeguards, they will start to degrade no matter how well your system was designed.  Whether those safeguards are physical measures like gates and fencing, or electronic systems like access controls or security cameras, you must keep them maintained.  You should include maintenance and replacement costs in your security budget, and build maintenance activities into your work schedule.

 

Maintenance issues will differ depending on the safeguard type.  For outdoor products, such as fencing and gates, and anything else with metal parts, there is wear and tear and rust to contend with, even if parts are galvanized.  There is also abuse and vandalism to deal with on occasion. 

 

Even for bullet-resistant polymers, you should take great care in keeping them in top shape. You must clean them with specific products, and when necessary coat the sides that are exposed to sunlight with UV protection or have the outer windows coated with a special film.  Polymers tend to show signs of degradation through hair line cracks first appearing on the surface of the material.  Please check with your vendor for specific care instructions.

 

Electronics, in general, require a different approach to maintenance.  With fences and gates, you can walk around, look for signs of wear, add oil to chain links, and generally do maintenance through completely physical means.  For electronics, you can replace dead parts, check to make sure camera lenses are clean, and remove any signs of abuse or neglect from the outside of the various housings, but there are additional maintenance issues that aren’t apparent from an initial observation.  Indoor products may experience heat damage from being on continuously, which is usually the result of insufficient airflow.  You should make sure that dust hasn’t built up inside the cases and that the cooling fans can spin freely. For outdoor electronics, there is not only moisture to contend with, but camera heaters can fail, and there can be abuse from both vandals and the elements.  

 

Computerized systems and devices experience additional wear and tear that can’t be seen – the result of network attacks, scans, exploits, and tools barraging your systems in an attempt to take them over and add them to a global botnet.  Your online systems are being scanned and tested for vulnerability constantly.  There are entire websites dedicated to exposing and exploiting your systems.  Even if your systems aren’t online per se, an attacker can walk by your site, latch on to your wireless network, and attack from within, or if they are lucky they can get to a CAT connection, jack in, and have direct access without much effort.

 

Questions to Consider:

After the installation of your various systems, have you ever gone back and checked over everything? Have you looked to make sure holes have been mended in fences, hinges and chains are oiled, light bulbs are replaced, and latches are tight and hold when pulled upon?

 

What about your electronics?  Did you know that the cameras, video recorders and computers in our networks must be checked regularly as well? Heat damage is an issue, so make sure your devices and electronics are getting air. Be sure to keep the insides dust free.  Are you keeping the software secure?  Did you know that you need to apply firmware updates to help keep them secure?

 

Exploits are discovered daily, malware and other tools designed to take over your computer systems and devices are released into the wild all the time, and are out there right now. Criminals armed with these tools are awaiting the right circumstances to infiltrate your systems.  When was the last time you went back through your installation and made sure your passwords were still set and the devices were still working and configured the way you left them?  Are your passwords considered “strong”?  Are your devices and computers fully patched and up to date? Is remote access expressly limited or closed completely?

 

Checking and maintaining all the components of your security systems – physical, hardware, and software – are crucial to ensuring that they protect you and the people who work and visit your organization. Maintenance must be an integral part of your security workflow, not an afterthought.

 

 - -- -

Concluding Thoughts

Everything in the security world evolves - the ways surveillance occurs, the ways attacks are carried out, the tools and even the weapons that are used change over time.  For instance, drones were a thing of science fiction not long ago.  Look at how they are shaping the security landscape now as a tool for everything from mapping landscapes to carrying out surveillance   Look how they are also being used to smuggle in products that can be used for an attack. We must change with the times, we should keep up with new developments, evaluate new products, and prepare accordingly so that our security systems can keep our organizations and the people who depend on them protected and secure.

 

Email Threats

posted Mar 28, 2017, 8:04 AM by Andrew Chadick

Cyber Attacks almost always start with a single email.  Inside that email are links, disguised to get you to click on it.  They are camouflaged in such a way that they peak your curiosity, you ignore the fact that you aren't sure you should do it or not, you just do it.  Right at that single moment, your click, the malicious hacker has you.  It doesn't matter if you were expecting cute puppies or to update your bank information.  Your personal computer reaches across the Internet and connects to a malicious server. That server does what it's designed to do - it attacks your computer and it takes everything that it can. You will be tricked, asked to click further, enter personal identifiable information (PII), enter in a password, you will execute triggers to install software in the background, you will unknowingly add files to your PC, you will lower your firewall, and during all of this - you won't even realize it is happening, you will be looking at cute puppies.  

In other words; 'Email Phishing' is getting better and better every day, or worse and worse depending on your perspective; the people crafting phishing email have made it to a point in their craft, where it is very difficult to tell whether or not an email inbound to your box is genuinely from  or an attempt to get you to click a link and have it take over your computer. Even up to date anti-virus is no match for the dreaded "zero day" exploit.  
So, as users of email services, we always have to be on top of our game and always watching out for phishing attempts. Some are pretty easy to spot, some not so much.

So; Please, if you receive an email, and it asks you to click a link, and you are not expecting such an email from this source, please simply delete the email.  It does not matter if its from your bank, or your insurance company, or any other vendor you deal with on a daily basis. It is 100% better to delete the email and remove the risk of infection, then it is to take a chance with curiosity to see where something goes or leads to on the Internet.

If you feel that you need to find out more, you have 2 options.  1, old school, pick up the phone and call.  2, open a web browser and in the address bar, type in the URL of that institution or use an existing bookmark.  Don't use the links from that email.  


Cyber Safety - Be Aware

posted Feb 21, 2017, 10:34 AM by Andrew Chadick   [ updated Feb 21, 2017, 2:27 PM ]

1) YOU ARE YOUR DATA

Criminals need 2 things to perpetrate cyber crime: Your Personal Identifying Information, and access to a Point of Compromise.

Examples of Personal Identifying Information (PII):
Names/Usernames
Date of Birth
Mother's Maiden Name
Address(es)
Phone Number(s)
Email Account(s)
Passwords
Social Security Number
Account Number(s)

Examples of Points of Compromise:
   Physical Items -
      Dumpster diving, mail theft, check fraud, burglaries, purse/wallet snatching
   Technology -
      Skimming, Shoulder Surfing, Gas Pumps, Point of Sale (POS) devices, Radio Frequency Identification (RFID)
   Computer and Internet
      Social Media, Email, Unsecure Websites, Online Shopping, Classifieds, Unsecure Wifi, Filesharing, Bot Nets, Data Breach
   Mobile Devices
      SMS Phishing, GeoTagging, Spyware, Malware, Bluejacking, Near Field Communication (NFC), Quick Response Codes

 
2) IF IT HAS A LOCK, USE IT

Secure Points of Compromise- Balance convenience versus safety/security
   Physical Items
      Use physical locks, purge, shred, secure mail
   Technology
      Credit versus Debit versus Cash (Pin number versus Zip Code)
   Computer and Internet
      Strong Passwords - A password as a lock (15 digits or more, Caps, lowercase, Number, Symbol!)  StrongPassCodes@HomeBEasy693.us
      Two Factor - If a dual authentication method is available USE IT
   Mobile devices
      Limit access, use passcodes/application locks/pin access to applications

3) WHEN ASKED FOR, ASK WHAT FOR?

Practice responsible sharing
   ASK:
      WHY do you need my PII?
      WHAT are you going to do with it?
      HOW will you protect my data?
      HOW can I monitor my data?
      WHAT will you do when you are done with the data?

Plan for Safety -
It costs more NOT to pay attention 
   Use technology to monitor and protect your data
   Educate yourself on emerging technologies
   Be mindful of safety versus convenience when accessing technology

Resources for Remediation:

Federal Trade Commission:  File a complaint: 1-877-FTC-HELP or  1-877-382-4357  http://www.ftc.gov

Identity Theft Resource Center: 888-400-5530  http://www.idtheftcenter.org

Privacy Rights Clearinghouse:   http://www.privacyrights.org

These tips provided by NOVA - National Organization for Victim Assistance 1-800-879-6682.

Cyber Security Tools for securing your websites

posted Nov 16, 2016, 8:33 AM by Andrew Chadick

FREE Tools/Offerings to help alleviate potential cyber related problems.

 --- - ---

FREE Anti-Malware Security and Brute-Force Firewall: https://wordpress.org/plugins/gotmls/

 --- - ---

Wordfencehttps://www.wordfence.com/#get-plugin

--- - ---

 

SUCURI Security WordPress Security plugin is  also free to all WordPress users.

It is a security suite meant to complement your existing security posture with seven key security features:

1.       Security Activity Audit Logging

2.       File Integrity Monitoring

3.       Remote Malware Scanning

4.       Blacklist Monitoring

5.       Effective Security Hardening

6.       Post-Hack Security Actions

7.       Security Notifications

 

Link: https://wordpress.org/plugins/sucuri-scanner/

 --- - ---

 

Google Safe Browsing: https://blog.malwarebytes.com/security-world/2016/09/google-empowers-website-owners-with-added-security-features/

 

 --- - ---

For the more technical folks, here are some tools that you could be leveraged to investigate their website for unwanted/suspect code, etc.

 --- - ---

This one looks pretty in depth as to investigation of code, etc. https://aw-snap.info/

 

Full Article/Link: https://blog.sucuri.net/2016/10/ask-sucuri-is-my-website-hacked.html

 --- - ---

 

Some other things of value would be the following:

 

Free Website Malware and Security Scanner: https://sitecheck.sucuri.net/

 

Endpoint Patching


Heimdal Securityhttps://heimdalsecurity.com/en/

 

Personal Software Inspectorhttp://www.flexerasoftware.com/enterprise/products/software-vulnerability-management/personal-software-inspector/

 

We hope that this helps to make your computing environment a safer one.

USB Drives

posted Mar 13, 2015, 7:51 AM by Andrew Chadick   [ updated Mar 13, 2015, 7:55 AM ]

If you find a USB drive (thumb drive, memory stick, or pen drive) on the ground outside your office, or when you are out and about, please do NOT put it in your computer.  

There are so many hacks that can be executed from a found drive, that can do everything from auto installing malware, to quite literally causing physical damage to the circuitry in your computer.  Don't take the chance.


Bird Flu 2015

posted Mar 12, 2015, 11:33 AM by Andrew Chadick

HEADLINE

03/11 Bird flu mutating in China

SOURCE

http://www.nbcnews.com/health/cold-flu/h7n9-bird-flu-mutating-china-threatens-pandemic-n321721

GIST

The H7N9 bird flu virus is being passed around from flock to flock of chickens and ducks, is mutating, and is now a bigger threat than ever to humanity, researchers reported Wednesday.

 

The virus, which was first reported in people just two years ago, has settled into southeastern China, Guan Yi of the University of Hong Kong and colleagues reported. Unless drastic measures are taken to eradicate it, the virus will continue to mutate, they warn in a report published in the journal Nature.

 

"H7N9 viruses have spread from eastern to southern China and become persistent in chickens," they wrote. It's also swapping genes with other types of flu viruses, giving rise to new strains. Any one of them could start a pandemic in time, they said.

 

"This expansion of the genetic diversity of influenza viruses in China means that unless effective control measures are in place, such as permanent closure of live poultry markets, central slaughtering and preventing inter-regional poultry transportation during disease outbreaks, and backed by systematic surveillance, it is reasonable to expect the H7N9 and other viruses to persist and cause a substantial number of severe human infections," they wrote.

 

They've found at least 48 different subtypes. H7N9 avian influenza has infected 622 people since 2013 and killed 227 of them.

Teaching Young Children to be SAFE

posted Mar 6, 2015, 8:25 AM by Andrew Chadick

The Red Cross has a new app for phones and tablets that is geared to helping young children learn the drills to be safe during emergencies like Earthquakes, Fire, Flood, and Severe Storms.  

Look for more information here: http://www.redcross.org/monsterguard

Jewish Community Outreach - US Department of Homeland Security - Pacific NorthWest

posted Feb 26, 2015, 1:34 PM by Andrew Chadick

U.S. Department of Homeland Security / Secure Community Network

Jewish Community Outreach

Jewish Federation of Greater Seattle / SAFE Washington


 

DATE: March 1st 2015

TIME10:00-12:00

LOCATION: (Will be announced with RSVP Confirmation)

This session will also be Broadcast on the SAFE Washington Network using GotoMeeting for those that cannot attend in person.


 

BACKGROUND:  In the past year, there have been multiple attacks against the Jewish community to include the January 2015 raid on a kosher food market in Porte de Vincennes, France where 19 Jewish patrons were held hostage and four of the patrons eventually murdered; the December 2014 stabbing attack at the Chabad-Lubavitch Headquarters in Brooklyn, NY; and the fatal shootings at the Kansas Jewish Centers in April 2014. 

 

In an effort to enhance security within the Jewish Community, the Department of Homeland Security Deputy Secretary conducted an initial call with senior Jewish community leaders on December 11, 2014, to coordinate heightened outreach. This Jewish Community Outreach will continue previous collaborative efforts.  


Who should attend? Leaders of an agency, synagogue, or those responsible for the safety and welfare of their constituents & staff members.

In order to attend in person, or attend via webinar, you must RSVP to: AndrewC@SAFEWashington.com by no later than Friday, February 27th at 5pmAn RSVP response will go out with special instructions for attendance and confirmation.


When you RSVP for this Community Outreach, please include your name, the agency you represent, your title, and contact information including phone number.


Note: Only those on the visitor list will be allowed to enter the building, and webinar attendance will be limited to those that RSVP (there are some limits to the number of attendees that can sign in via the web, so please RSVP for webinar early if you cannot attend in person.


Wireless Emergency Alerts

posted Feb 26, 2015, 1:24 PM by Andrew Chadick

Have you noticed a unique sound and vibration coming from your cell phone?  You may have received a Wireless Emergency Alert (WEA) - a nationwide emergency alert system notifying you of a pending emergency in your area. These messages provide information about extreme weather warnings, local emergencies, AMBER Alerts™, and Presidential Alerts during a national emergency.

WEAs look like a text message and show the type and time of the alert, any action you should take, and the agency issuing the alert. If you receive a WEA, follow any directions advised by the message and seek additional information from local media or authorities.

WEAs are sent by authorized government agencies through your mobile carrier. Government partners include local and state public safety agencies, FEMA, the Federal Communications Commission, the Department of Homeland Security, and the National Weather Service.

WEA messages can save lives! To learn more check, out FEMA’s WEA Public Service Announcements and the Be Smart. Know Your Alerts and Warnings guide from America’s PrepareAthon!

Food Safety During Blackouts

posted Feb 26, 2015, 1:20 PM by Andrew Chadick


Loss of power can jeopardize the safety of the food stored in your home refrigerator or freezer. In the event of a blackout, do you know how to determine if your food is safe to eat? The U.S. Department of Agriculture(USDA) offers tips to minimize the potential loss of food and lower the risk of foodborne illness.

Before a blackout:

  • Gather an emergency supply of shelf-stable food, packaged foods, boxed or canned milk, bottle water, and canned goods;
  • Have coolers and frozen gel packs on hand to keep refrigerated food cold if the power goes out longer than four hours; and
  • Keep freezer items close together—this helps the food stay cold longer.

Bacteria in food grow rapidly at temperatures between 40 and 140 degrees Fahrenheit. The USDA instructs setting your refrigerator at or below 40 degrees Fahrenheit. If the power is out for less than four hours and the refrigerator door is kept closed, your food should be safe.

Following a blackout:

  • Discard any perishable food items such as meat, poultry, fish, eggs, and leftovers that have been exposed to temperatures above 40 degrees Fahrenheit for two hours or more;
  • Use a food thermometer to test the temperature of food – never taste it!  You can’t rely on appearance and odor to determine whether food is safe; and
  • Discard any items in the refrigerator that have come into contact with raw meat, seafood, or poultry juices.

Power outages can occur anywhere at any time of the year. Make sure you and your family are prepared and know what to do to avoid getting sick.

1-10 of 31