Tag Archive for: Hire

Nebraska state senator wants to hire a hacker to break into state systems


One state lawmaker wants Nebraska to take measures to protect it from cyberattacks. His answer? Hire its own hacker.

State Sen. Loren Lippincott presented a bill Thursday to the Legislature’s government committee that would give the Nebraska State Patrol $200,000 to hire “an ethical hacker.” The hacker would spend his or her days trying to break into the state’s computer network, as well as election equipment and software, to find any vulnerabilities in those systems.

Lippincott said he got the idea from a nephew of his who did similar work. The lawmaker’s staff did not find other states that have hired independent hackers, although Missouri has hired a company that employs “white hat hackers” to provide that service.

NEBRASKA LAWMAKER PROPOSES ‘STAND YOUR GROUND’ GUN LAW

“We hope to lead the way,” Lippincott said.

His bill also would allow hiring a security company that provide hackers to find weaknesses in the state’s system.

Security challenges continue to grow for state and local election officials across the country, including potential cyberattacks waged by foreign governments, criminal ransomware gangs and election misinformation that has led to harassment of election officials and undermined public confidence.

Nebraska Sen. Loren Lippincott

Nebraska Sen. Loren Lippincott is pictured here at his desk on the floor of the state Capitol on Jan. 5, 2024, in Lincoln, Nebraska. He introduced a bill to hire “an ethical hacker” to find weaknesses in state computer systems on Jan. 8, 2024. (AP Photo/Margery Beck, File)

Lippincott presented the bill on the heels of FBI Director Christopher Wray’s warning that Chinese government hackers are targeting critical U.S. infrastructure, including water treatment plants, the electrical grid and transportation systems.

The Nebraska bill’s hearing was also held on the same day that the U.S. Cybersecurity and Infrastructure Security Agency launched a program aimed at boosting election security in the states and after a recent cyberattack on government operations in Georgia that has created some elections challenges ahead of that state’s March presidential primary.

CLICK HERE TO GET THE FOX NEWS APP

“This idea is that an ethical hacker can find vulnerabilities that can be fixed…

Source…

Army struggling to hire cyber staff as attacks on Britain ramp up


The Army is struggling to hire cyber security experts amid intense competition from business, its recruitment chief has admitted.

Richard Holroyd, managing director of Defence and Security at Capita, which handles recruitment for the Armed Forces, said it was having difficulty attracting candidates given the wealth of jobs on offer.

He told the Telegraph: “You’re saying to people with an interest in it, come and be a cyber specialist in the armed forces, but Raytheon is saying come and be a cyber specialist, BT are saying come and be a cyber specialist. So in those spaces, you’re competing.

“In a labour market with full employment it’s a tough, tough play.”

Mr Holroyd said Capita was on track to only meet 80pc of its Army recruitment target this year, in part because of difficulties filling technical roles.

He said: “Anything related to STEM [science, technology, engineering and mathematics] is a highly competitive environment. So STEM skills are tough.”

Capita’s exact target wasn’t given and the Ministry of Defence declined to comment on it.

The admission comes despite the increasing importance of cyber for both offensive and defensive capabilities.

The Minister of Defence said last month there was an “urgent requirement to continue to modernise the force to keep pace with technological developments”.

Boosting the digital skills is a “matter of priority” over the next three years, officials wrote in the Defence Command paper.

Mr Holroyd said cyber security experts have “much more choice” than in previous years and admitted that private sector companies have proven faster at recruiting, sometimes making offers within a few weeks.

Source…

6 Questions to Ask Before You Hire a Managed Security Services Provider


Gartner forecasts that information security spending will reach $187 billion in 2023, an increase of 11.1% from 2022. In tandem with this spending, the analyst firm also

predicts that by 2025, a single centralized cybersecurity function will not be agile enough to meet the needs of a digital organization.

It comes as no surprise, then, that organizations are looking to managed security services providers (MSSP) to either augment in-house security teams or provide risk-management services.

“Many organizations don’t have the resources to build out a security operations center (SOC),” says Scott Barlow, vice president of global MSP and cloud alliances at Sophos. “Meanwhile, security is moving at a rapid rate, and it’s tough to do it yourself. With internal IT staff focused on internal needs, companies really need to think about 24-7 security and threat hunting across their network. That’s why we see a lot of co-managed IT and outsourcing tickets going to MSSPs these days.”

An MSSP may be the answer, but businesses should take the time to do their homework before signing on. Here are six essential questions to ask when seeking assistance.

1 – What types of certifications do your staff have?

“There are a lot of certifications out there,” Barlow says. “From CompTIA to (ISC)2, there are many ways security professionals stay up to date on skills and the latest threats. But it is essential that they are up to date on certifications because the industry is constantly evolving.”

It’s important to start by understanding your staff’s full suite of certifications, then determine what’s needed to fill any gaps, Barlow says.

2 – How do you secure on premise and public cloud assets?

Many organizations have assets in the public cloud in addition to on-prem. It is important to determine how your MSSP can secure both. “Public cloud does not mean Microsoft 365,” Barlow says. “It means that if you have workloads in Azure or Google Cloud Platform (GCP), can they confidently assure you that they can secure those assets and data? Ask how.”

3 – Can you support all my needs?

Identifying your internal IT and security needs is paramount. For…

Source…

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire


A 21-year-old New Jersey man has been arrested and charged with stalking in connection with a federal investigation into groups of cybercriminals who are settling scores by hiring people to carry out physical attacks on their rivals. Prosecutors say the defendant recently participated in several of these schemes — including firing a handgun into a Pennsylvania home and torching a residence in another part of the state with a Molotov Cocktail.

Patrick McGovern-Allen of Egg Harbor Township, N.J. was arrested on Aug. 12 on a warrant from the U.S. Federal Bureau of Investigation. An FBI complaint alleges McGovern-Allen was part of a group of co-conspirators who are at the forefront of a dangerous escalation in coercion and intimidation tactics increasingly used by competing cybercriminal groups.

AppSec/API Security 2022

Prosecutors say that around 2 a.m. on Jan 2, 2022, McGovern-Allen and an unidentified co-conspirator fired multiple handgun rounds into a residence in West Chester, Pa. Fortunately, none of the residents inside the home at the time were injured. But prosecutors say the assailants actually recorded video of the attack as “proof” that the shooting had been carried out.

A copy of that video was obtained by KrebsOnSecurity. According to investigators, McGovern-Allen was one of the shooters, who yelled “Justin Active was here” as they haphazardly fired at least eight rounds into the lower story of the West Chester residence.

On Dec. 18, 2021, police in Abington Township, Pa., responded to reports of a house fire from homeowners who said it sounded like something was thrown at their residence just prior to the fire.

Weeks later, on the day of the shooting in West Chester, a detective with the Westtown East Goshen Police Department contacted the Abington police and shared another video that was circulating on several online message boards that appeared to show two individuals setting fire to the Abington Township residence. The criminal complaint said the two police officers agreed the same suspect was present in both videos.

A copy of that video was obtained by KrebsOnSecurity, and it shows at least two individuals…

Source…