Welcome!

Eclipse Authors: Pat Romanski, Elizabeth White, Liz McMillan, David H Deans, JP Morgenthal

Blog Feed Post

The Cyber Threat to Non-Governmental Organizations

By

Editor’s note: In this guest post Paul Goldernberg brings more focus to the cyber security concerns facing many Non-Governmental Organizations (NGOs). NGO’s are typically non-profit organizations that pursue social aims. With over 1.5 million NGOs in the US alone, they present a very large target space to cyber attackers -bg 

Over the past year, cyber threats have emerged as a primary concern, particularly with regard to homeland security. Governments, corporations, houses of worship, and non-profit organizations large and small have been the target of cyber-attacks aimed at defacing websites, disrupting networks, stealing information and damaging systems and infrastructure. In outgoing remarks Homeland Security Secretary Napolitano has a warning for her successor: A massive and “serious” cyber-attack on the U.S. homeland is coming, — the likes of which the nation has never seen.

In today’s world, most faith based and non for profit organizations maintain their most valuable assets in digital form. Houses of worship and NGO organizations have a critical role in social service delivery and emergency management response and as such have more sensitive information invested in their technology than ever before. Examples could include employees’, clergy, congregants, recipients of social services, personal data, home addresses, monetary transfers, donor information, private materials about a faith based organization’s plans, etc. The dangers of the situation are further augmented when one factors in today’s increased interconnectivity, reliance on digital networks and web-based technology, and the broadened use of smart phones. This massive dependence on technology provides a perfect platform for groups and individuals who seek to cause severe damage to an organization’s infrastructure and operations. What is more, an institution’s private information is threatened with every download, every click on an internet link, and every opened email.

Mal-intentioned individuals or groups no longer require physical access to a house of worship or NGO to cause its community members harm, or to gather information to plan future terror or criminal attacks. Rather, a criminal, a hacker or a terrorist-related group from the other side of the globe can, with equal impunity, breach a house of worship or NGO network and silently gather its most vital information. Most troubling is that a theft or probing of this nature can go undetected for years—if not indefinitely. Where information once filled floors of locked filing cabinets under the careful watch of staff and volunteers, hackers and computer criminals now have the capacity to make digital copies of the original that fit easily onto concealed portable hard drives.

Not one year ago, a server that hosts around 50 Jewish congregational websites was attacked by a politically motivated hacker group called the Moroccan Ghosts. The group plastered the targeted websites with their logo and an hour-long video denying the Holocaust. According to the cyber experts, this one event was only part of a larger trend of hackings targeting the websites of groups for political and or ideological justification. The incident provides just a small glimpse into the damage that can result from breaches to an institution’s cyber-security. Of highest concern is when personal information such as the home addresses, names, schools attended by the children of faith based leaders and staff, become open source posts on hate filled or extremist websites and blogs. Jane Holl Lute, former Deputy Secretary of Homeland Security and nationally-regarded cybersecurity expert, advises:

“In cybersecurity, we are now experiencing what one noted expert has termed “the fog of more.” A welter of advisories, technology, tools, and checklists is being offered up in the service of protecting our networks. But part of the reason more enterprises are not better postured on cybersecurity is because it is not always clear what should be done first, or as a matter of priority, among the various means and ways that are suggested.”

“Cyber threats to houses of worship, faith based and NGO organizations pose significant security risks to their operations and include everything from surveillance and intelligence collection on leaders and members to accessing systems that can disrupt operations or be exploited for conducting a physical attack. The security operation needs to include complete security planning and implementation to counter both physical and cyber threats…” says Robert Liscouski, CEO of Axio Global, LLC (a cyber-enterprise risk firm) and former Assistant Secretary of Infrastructure Protection, Department of Homeland Security.

In terms of cyber threats on individuals, the 2012 Norton Cybercrime Report revealed that 556 million individuals are victims of consumer cybercrime every year. That’s 18 victims per second. Two out of every three adults use a mobile device with internet access, and 31% of mobile users that year received a text message from an unknown source asking them to click on a link, dial an unknown number, or retrieve a suspicious “voicemail.”

Due to the evolving nature of the risk to faith based and NGO affiliated facilities, the answer to who is responsible for addressing cyber-security concerns is somewhat vague. An administrator’s or a director’s fiduciary duties without a doubt extend to the protection of significant digital assets. What, then, are a director’s or an administrator’s specific responsibilities when it comes to cyber security? Can an administration simply rely upon its IT department or person to address cyber-security needs, or do faith based and NGO leaders have an obligation to educate themselves on the nature of their respective agency’s cyber technology? Will cyber-security be a topic of discussion only after an organization experiences a major security breach?

Cyber-security has become the new homeland security of the decade. It is imperative that we apply the same level of awareness and action as we have to the physical security of our facilities to ensure our security against this ever-evolving threat. Last year, then Defense Secretary Leon Panetta issued a call to arms against cyber-attacks, warning that sophisticated attacks against the U.S. could be America’s next “cyber Pearl Harbor.”

The threat of cyber-attack is more real than ever. Like the years leading up to 9/11, the clarion call has been sounded, and warnings have been made. Are we listening?

Preventative strategies in preventing cyber-attacks can be found here

Mr. Goldenberg is the President and CEO of Cardinal Point Strategies and is a member of the United States Department of Homeland Security Advisory Council and serves as Vice Chair of the DHS Faith Based Advisory Security Council. He provides counsel to government, faith based and NGO organizations in cyber security policy and information sharing, as well as strategic counsel on global national security affairs to international NGO, private sector, and government agencies. He also serves as a Senior Security Advisor to the County Executives of America, Counter Terrorism Adviser to the American Hotel and Lodging Associations Educational Institute, and National Director of the Secure Community Network, the nation’s first full time faith based threat and information sharing center.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
"Cloud Academy is an enterprise training platform for the cloud, specifically public clouds. We offer guided learning experiences on AWS, Azure, Google Cloud and all the surrounding methodologies and technologies that you need to know and your teams need to know in order to leverage the full benefits of the cloud," explained Alex Brower, VP of Marketing at Cloud Academy, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clar...
It is of utmost importance for the future success of WebRTC to ensure that interoperability is operational between web browsers and any WebRTC-compliant client. To be guaranteed as operational and effective, interoperability must be tested extensively by establishing WebRTC data and media connections between different web browsers running on different devices and operating systems. In his session at WebRTC Summit at @ThingsExpo, Dr. Alex Gouaillard, CEO and Founder of CoSMo Software, presented ...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
"There's plenty of bandwidth out there but it's never in the right place. So what Cedexis does is uses data to work out the best pathways to get data from the origin to the person who wants to get it," explained Simon Jones, Evangelist and Head of Marketing at Cedexis, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
SYS-CON Events announced today that Telecom Reseller has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
SYS-CON Events announced today that Evatronix will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Evatronix SA offers comprehensive solutions in the design and implementation of electronic systems, in CAD / CAM deployment, and also is a designer and manufacturer of advanced 3D scanners for professional applications.
Leading companies, from the Global Fortune 500 to the smallest companies, are adopting hybrid cloud as the path to business advantage. Hybrid cloud depends on cloud services and on-premises infrastructure working in unison. Successful implementations require new levels of data mobility, enabled by an automated and seamless flow across on-premises and cloud resources. In his general session at 21st Cloud Expo, Greg Tevis, an IBM Storage Software Technical Strategist and Customer Solution Architec...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics gr...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things’). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing? IoT is not about the devices, it’s about the data consumed and generated. The devices are tools, mechanisms, conduits. In his session at Internet of Things at Cloud Expo | DXWor...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution. In his session at @ThingsExpo, Akvelon expert and IoT industry leader Sergey Grebnov provided an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...