On multiple occasions this week AlertsUSA subscribers were notified via SMS messages to their mobile devices of security threats. Most pressing for this report, on Friday, subscribers were notified of a rapidly expanding ransomware attack initially impacting computers the United Kingdom and Spain. The malicious software locks up the machine and flashes a message demanding payment in exchange for an unlock code to release the user’s data. In this case, ransom demands are reported to begin at $300 and increase after two hours to $400, $500 and then $600. The only method of payment is via the digital currency known as Bitcoin. The malware behind the onslaught appears to exploit a known vulnerability in Microsoft Windows. Although this vulnerability has been patched, an untold number of government, business and personal computer users do not bother to keep their operating system and antivirus software up to date.
At the time of this report's preparation late Friday, the attack was reported to have infected tens of thousands of computers across more than 100 countries, though the spread is reported to have been temporarily halted after computer security experts effectively blocked a URL referenced in the program code.
It is extremely important for readers to understand that those who originally released this ransomware can very easily change this line of code, then begin the onslaught anew.
According to the a statement issued by the Dept. of Homeland Security, Microsoft released a patch in March that addresses this specific vulnerability, and installing this patch will help secure your systems from the threat.
The Department of Homeland Security and AlertsUSA both strongly encourage those using Windows-based computers at you home or place of employment to update your systems to include the latest security patches and virus definitions for your antiviral software. Secondly, do not click on or download unfamiliar links or files in emails. If your not expecting it or it comes from any unknown source, delete it. Finally, backing up your core file collection is crucial.
DNI Worldwide Threat Assessment
On Thursday of this week Director of National Intelligence Dan Coats delivered the annual Worldwide Threat Assessment of the U.S. intelligence community to the Senate Select Committee on Intelligence (SSCI). Despite this being an unclassified briefing (with closed sessions revealing significantly more unsettling detail), the report still paints a sobering outlook of the dangers facing the U.S.:
- US-based homegrown violent extremists (HVEs) will remain the most frequent and unpredictable Sunni violent extremist threat to the US homeland. They will be spurred on by terrorist groups’ public calls to carry out attacks in the West. The threat of HVE attacks will persist, and some attacks will probably occur with little or no warning. In 2016, 16 HVEs were arrested, and three died in attacks against civilian soft targets. Those detained were arrested for a variety of reasons, including attempting travel overseas for jihad and plotting attacks in the United States. In addition to the HVE threat, a small number of foreign based Sunni violent extremist groups will also pose a threat to the US homeland and continue publishing multilingual propaganda that calls for attacks against US and Western interests in the US homeland and abroad.
- The Islamic State of Iraq and ash-Sham (ISIS) continues to pose an active terrorist threat to the United States and its allies because of its ideological appeal, media presence, control of territory in Iraq and Syria, its branches and networks in other countries, and its proven ability to direct and inspire attacks against a wide range of targets around the world.
- Outside Iraq and Syria, ISIS is seeking to foster interconnectedness among its global branches and networks, align their efforts to ISIS’s strategy, and withstand counter-ISIS efforts. We assess that ISIS maintains the intent and capability to direct, enable, assist, and inspire transnational attacks. The number of foreign fighters traveling to join ISIS in Iraq and Syria will probably continue to decline as potential
recruits face increasing difficulties attempting to travel there. The number of ISIS foreign fighters leaving Iraq and Syria might increase. Increasing departures would very likely prompt additional would-be fighters to look for new battlefields or return to their home countries to conduct or support external operations.
- North Korea’s nuclear weapons and missile programs will continue to pose a serious threat to US interests and to the security environment in East Asia in 2017. North Korea’s export of ballistic missiles and associated materials to several countries, including Iran and Syria, and its assistance to Syria’s construction of a nuclear reactor, destroyed in 2007, illustrate its willingness to proliferate dangerous technologies.
- North Korea has also expanded the size and sophistication of its ballistic missile forces—from close range ballistic missiles (CRBMs) to ICBMs—and continues to conduct test launches. In 2016, North Korea conducted an unprecedented number of ballistic missile tests. Pyongyang is committed to developing a long-range, nuclear-armed missile that is capable of posing a direct threat to the United
States; it has publicly displayed its road-mobile ICBMs on multiple occasions. We assess that North Korea has taken steps toward fielding an ICBM but has not flight-tested it.
Laptop / Tablet Ban Looming
In March of this year AlertsUSA reported on new restrictions surrounding the different types of electronic devices allowed in the cabins of non-stop US-bound flights from eight Muslim-majority countries.
Last week we reported that sources within DHS/TSA informed AlertsUSA the ban would likely be expanded to some U.S.-bound flights from Europe in the coming months.
This week, the story appeared in the broader media indicating DHS may be announcing an expansion of the ban to include laptops/tablets in the cabins of ALL flights from Europe to the United States. It is also reported federal officials have already met with major U.S. airlines and at least one trade group to discuss the ban.
AlertsUSA continues to monitor the overall domestic and international threat environment and will immediately notify service subscribers via SMS messages of new alerts, warnings and advisories or any developments which signal a change the overall threat picture for American citizens as events warrant.