Category Archives: Security

US Senate Committee secured $500M to preserve and expand the Regional Tech Hubs program

Posted on by
Reply

The US Senate Committee on Commerce, Science and Transportation reports…

U.S. Senator Maria Cantwell (D-Wash.), Chair of the Senate Commerce Committee and key architect of the CHIPS and Science Law, secured up to $500 million in federal investments to preserve and expand the Regional Tech Hubs program. She also secured just over $3 billion to ensure communities across the country can remove and replace Chinese-owned telecommunication equipment from U.S. networks. Together, these strategic investments will accelerate American technological innovation and create jobs, while strengthening national security and our global economic competitiveness. Sen. Cantwell secured the funding as part of the National Defense Authorization Act (NDAA), which is set to pass before the end of the year.

“Protecting both our infrastructure from foreign threats and maintaining our economic and military competitiveness is critical. Agreeing to keep U.S. innovation a high priority by investing in both Rip and Replace and Tech Hubs helps us do just that,” said Sen. Cantwell.

The Regional Technology and Innovation Hubs (Tech Hubs) program was established by the CHIPS and Science Law. While Congress authorized $12.9 billion for Tech Hubs over five years under the law, only 10 percent of authorized funding for the first two years has been appropriated. As a result, 19 of the 31 designated Tech Hubs remain without sufficient implementation funding. By securing up to $500 million, these hubs will have the opportunity to be awarded funds to implement the programs that the Department of Commerce has approved.

At the same time, our telecommunications networks—that we use daily for cell phones and internet—remain vulnerable to foreign threats. Right now, there are roughly 24,000 pieces of unsecure Chinese-made equipment in our networks across the country, with most located in rural communities or near military bases. Congress created the Secure and Trusted Communications Networks Reimbursement (Rip and Replace) program to help small telecom companies remove and replace this unsecured equipment, yet failed to approve enough funding.

For American households, without funding to “rip and replace” this equipment, many providers may be forced to cut off service to residents. And as many rural providers are often the sole providers in their region, local residents and any travelers through that area would be unable to contact 911 in case of an emergency, causing significant public safety issues. In Washington state, there are 63 sites across the state in urgent need of network replacement.

This just over $3 billion will put small providers back on track to securing their networks and preserving service to residents.

This includes 43 networks in Minnesota.

FCC Chairwoman Rosenworcel proposes requiring telecom carriers secure their networks

Posted on by
Reply

The FCC reports...

Following recent reports involving an intrusion by foreign actors into U.S. communications networks, FCC Chairwoman Jessica Rosenworcel proposed urgent action to safeguard the nation’s communications systems from real and present cybersecurity threats, including from state-sponsored cyber actors from the People’s Republic of China.  The Chairwoman announced today that the Federal Communications Commission will act to ensure telecommunication companies are required to secure their networks.

“The cybersecurity of our nation’s communications critical infrastructure is essential to promoting national security, public safety, and economic security,” said Chairwoman Jessica Rosenworcel.   “As technology continues to advance, so does the capabilities of adversaries, which means the U.S. must adapt and reinforce our defenses.  While the Commission’s counterparts in the intelligence community are determining the scope and impact of the Salt Typhoon attack, we need to put in place a modern framework to help companies secure their networks and better prevent and respond to cyberattacks in the future.”

Chairwoman Rosenworcel has shared with her fellow commissioners a draft Declaratory Ruling finding that section 105 of Communications Assistance for Law Enforcement Act (“CALEA”) affirmatively requires telecommunications carriers to secure their networks from unlawful access or interception of communications.  That action is accompanied by a proposal that would require communications service providers to submit an annual certification to the FCC attesting that they have created, updated, and implemented a cybersecurity risk management plan, which would strengthen communications from future cyberattacks.

If adopted, the Declaratory Ruling would take effect immediately.  In addition, the draft Notice of Proposed Rulemaking would seek comment on cybersecurity risk management requirements for a wide range of communications providers.  The proposal would also seek comment on additional ways to strengthen the cybersecurity posture of communications systems and services.

Last month, the Commission proposed cybersecurity risk management plan requirements for submarine cable landing applicants and licensees.  In addition, the Commission previously proposed that participants in the Emergency Alert System and Wireless Emergency Alerts maintain cybersecurity risk management plans.

10 Steps to Help Build Broadband Resilience from Connect Humanity

Posted on by
Reply

One of the weird things I had to do for work a lifetime ago was create a disaster preparedness plan for the university library where I worked. I learned quickly that it was easiest to do the research and borrow heavily. Connect Humanity has made the easier for communities needing to create or deploy a broadband resiliency program. I have borrowed the recap of it from Benton Institute for Broadband & Society …

As communities across the Southeast US continue recovery efforts following the devastating hurricanes of late summer, one refrain stands out: connectivity is critical in disaster scenarios, and when the internet goes down, communities are cut off. Unfortunately, with climate-related risks increasing, many more communities are likely to face challenges in the coming decades. Resiliency in our local infrastructure—including broadband—is becoming ever more critical. Drawing from our partners and experts, these steps, ranging from immediate interventions to long-term strategies, can help communities respond now and prepare for the future by strengthening their broadband infrastructure.

  1. Conduct a Damage Assessment
  2. Prioritize Restoration of Critical Communication Points
  3. Identify and Leverage Federal and State Assistance
  4. Engage Residents and Community Groups
  5. Think Creatively During Infrastructure Repairs
  6. Prioritize Hardened, Weather-Resistant Infrastructure
  7. Create Redundant and Decentralized Networks
  8. Monitor and Strengthen Broadband Networks
  9. Implement Long-Term Digital Resilience
  10. Develop a Connectivity Plan

OPPORTUNITY: Minnesota Cybersecurity Task Force 2024 open seats

Posted on by
Reply

From the Minnesota Secretary of State…

The Office of the Minnesota Secretary of State (OSS) is providing notice of vacancies for various state boards, councils, and committees that are accepting applications. Minnesotans are encouraged to apply and serve in demonstration of public service. The newest vacancies are listed below. The complete list of 570 vacancies / 374 positions can be found on the Boards and Commissions Open Positions website.

Applications may be submitted online. Applicants who submit an application within 21 days of the “Publish Date” listed on our Open Positions page are assured full consideration by the appointing authority. Appointing authorities may choose to review applications received by the Secretary of State after the 21-day application period. You can still apply after the 21-day period though each appointing agency sets their own internal review dates for applications. If you have questions about specific board timelines, contact the board’s contact person listed on the OSS website by searching the board’s name.

See instructions for HOW TO APPLY at the end of this message.

Seats that I thought might interest readers…

Minnesota Cybersecurity Task Force 2024

Vacancies: 6 Seats — County, City, Town, or Tribal Government Member

Vacancies: 2 Seats — Critical Infrastructure Representatives

Vacancies: 1 Seat — Minnesota National Guard Representative

Vacancies: 2 Seats — Private Sector IT Representatives

Vacancies: 1 Seat — Public Education Representative

Vacancies: 1 Seat — Public Health Representative

Vacancies: 2 Seats — State Planning Representatives

How to apply…

– Visit the Boards & Commissions page
– Scroll down or use the search fields to look up the specific board you are interested in.
– To apply for a seat, click the green APPLY button in the “Open Positions” dropdown table near the top of the board webpage.
– The website will walk you through creating an application profile if you haven’t set up one up already.

-You will need an OSS account. Email official.documents@state.mn.us if you have trouble setting up your profile.
– You can submit additional supporting materials with your application (e.g. cover letter or resume).

– Hit “SUBMIT” when done.

How to find other opportunities…

– Visit the Open Positions page
– Scroll down the page to find the boards or seats you may be interested in. To learn more about the respective positions, click on the hyperlinks.
– To apply for a seat, click the green APPLY button on either the main Open Positions table or from the board’s webpage.
– The website will walk you through creating an application profile if you haven’t already.

– You will need an OSS account. Email official.documents@state.mn.us if you have trouble setting up your profile.
– You can submit additional supporting materials with your application (e.g. cover letter or resume).

– Hit “SUBMIT” when done.

FCC & Dep of Education release Cybersecurity Resource Guide

Posted on by
Reply

From the FCC

The Federal Communications Commission and the Department of Education, with input from the Cybersecurity and Infrastructure Security Agency, today released a resource guide to help schools and libraries evaluate their cybersecurity risks and identify the most impactful cybersecurity solutions.  The guide can also help schools and libraries as they complete applications for the FCC’s Schools and Libraries Cybersecurity Pilot Program and serve broadly as a resource for schools and libraries as they take steps to better protect their networks.

“Through the FCC’s Schools and Libraries Cybersecurity Pilot Program, we’ll have a chance to better understand what equipment, services, and tools will help protect school and library broadband networks from cyberthreats,” said FCC Chairwoman Jessica Rosenworcel.  “This guide will serve as a valuable resource to schools and libraries through their application process.”

The joint resource guide provides cybersecurity guidance and recommended resources to help schools and libraries keep their broadband networks secure.  Given the budget and resource constraints facing schools and libraries, the resource guide highlights free and low-cost options and focuses on the most impactful initial steps.  The guide also recognizes that specific cybersecurity needs may vary and provides a framework for schools and libraries to identify solutions that meet their unique needs.

“With cyber incidents regularly impacting K-12 schools, the FCC’s Schools and Libraries Cybersecurity Pilot Program will provide much needed support for schools across the country,” said U.S. Department of Education Deputy Secretary Cindy Marten.  “By collaborating with our colleagues at the FCC and CISA, this guide will help schools address their most pressing cybersecurity risks.”

The resource guide will help schools and libraries interested in applying for the Schools and Libraries Cybersecurity Pilot Program, which will award up to $200 million over a three-year term.  Participants selected for the pilot program will receive support to defray the costs of eligible cybersecurity services and equipment, while providing the Commission with data to better understand whether and how universal service funds could be used to improve school and library defenses against increasing cyberattacks.

The resource guide is part of the FCC’s ongoing collaboration with the Department of Education and the Cybersecurity and Infrastructure Security Agency to support the cybersecurity needs of schools and libraries, including the Commission’s participation on the Department of Education’s Government Coordinating Council to support K-12 cybersecurity.

For information regarding the FCC’s Schools and Libraries Cybersecurity Pilot Program, visit https://www.fcc.gov/cybersecurity-pilot-program.

Additional cybersecurity resources for schools and libraries are available through the Department of Education and Cybersecurity and Infrastructure Security Agency, including the K-12 Critical Infrastructure Brief: Defensible and Resilient, Cybersecurity Action Steps for the K-12 Community and Report: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats.

Four key findings in recent State EdTech Trends survey

Posted on by
2

The Benton Institute for Internet & Society recap a recent report…

The State Education Technology Directors Association (SETDA) released its third annual State EdTech Trends survey and report. With this survey of state education technology (edtech) directors, superintendents, commissioners of education, and other state-level policymakers, SETDA aims to catalog the way state education agencies are adapting to the opportunities and risks of increasingly ubiquitous technology.

Four Key Findings

The report presents four key findings based on the survey:

  1. State agencies are stepping up to meet the demand for more support on the responsible adoption of artificial intelligence (AI) in education.

  2. For the second year in a row, cybersecurity is the top edtech priority among state leaders, but fewer state leaders believe their state is providing sufficient funding to support connectivity.

  3. Anxiety about funding appears to increase as federal pandemic funds expire, while home connectivity and access remain the top unmet needs across states.

  4. New survey questions reveal opportunities for state education leaders to support the effective and equitable use of edtech as states appear to invest more in their own capacity.

OPPORTUNITY: FCC starts Schools and Libraries Cybersecurity Pilot Program

Posted on by
Reply

Broadband Breakfast reports…

The Federal Communications Commission announced Wednesday its $200 million Schools and Libraries Cybersecurity Pilot Program is just days away from being operational. Eligible K-12 schools and libraries can apply for funding starting September 17, with the window closing on November 1, according to the agency’s public notice.

Adopted by a 3-2 FCC vote in June, the three-year pilot program will bolster cybersecurity protections for educational institutions, which have become frequent targets of ransomware attacks and data breaches due to the large amounts of personal data they manage, including addresses, social security numbers, and medical information.

The White House Releases Roadmap to Enhance Internet Routing Security: Recommendations included

Posted on by
Reply

The White House reports

Today, the White House Office of the National Cyber Director (ONCD) released a Roadmap to Enhancing Internet Routing Security, which aims to address a key security vulnerability associated with the Border Gateway Protocol (BGP) – the protocol that underpins the way information is routed across networks. In addition to releasing the report, ONCD, in coordination with the Cybersecurity and Infrastructure Security Agency, is establishing a public-private stakeholder working group to develop resources and materials to collectively advance the report’s recommendations.

Here are the recommendations for specific audiences…

Baseline Actions for All Network Operators

The recommended actions below apply to all network types, meaning all network service providers and entities that operate enterprise networks or hold their own IP address resources.  These recommendations are of particular importance to the networks used by critical infrastructure; state, local, Tribal, and territorial governments; and any organization dependent on internet access for purposes that the entity considers to be of high value.

  1. Risk-Based Planning. Every network operator should develop, maintain, and periodically update a cybersecurity risk management plan. To inform both near- and long-term plans to implement BGP security measures, all network operatorsshould explicitly address the security and resilience of internet routing in their organization’s cybersecurity risk assessment, cybersecurity risk management analysis, and operational plans and procedures.
  2. ROA Publication. All network operators and entities holding IP address resources should create and publish ROAs in the public RPKI repository hosted by, or delegated from, the appropriate Regional Internet Registry (RIR). Operators should use their risk-based cybersecurity risk management plan to prioritize the publication of ROAs for address prefixes they assess as high-value or high-risk first.
  3. Contracting Requirements. Network operators using contractedexternal services (e.g., IP transit services, infrastructure services, cloud and content services) should include explicit requirements in future service contracts for their providers to validate BGP-enabled routes.
  4. Monitoring. Network operatorsshould monitor the status of their ROA data, routing security threats, outages, and disruptions and assess the quality of their internet routing services. Such monitoring can be done in-house or contracted through commercial monitoring services.

Additional Actions for Network Service Providers

In addition to the baseline recommendations above, network service providers are uniquely positioned to enhance routing security for the broader ecosystem. These actions include:

  1. ROV Deployment. Network service providers should deploy ROV filtering for their customers or arrange for upstream providers to do so. Large and small providers alike bear responsibility for ROV filtering, and larger providers are encouraged to implement ROV on behalf of smaller client networks.
  2. Facilitate Customer ROA Creation. Network service providers that allocate address space to customers should provide tools and guidance to enable their clients to create ROAs, for example through the network service provider’s service portals. Network service providers should provide guidance to their customers encouraging their enrollment in RIR RPKI services. Network service providers should consider providing or creating services to support customers willing to delegate ROA creation to their service providers.
  3. Routing Security Practices Disclosure. Network service providers should disclose their actions to implement routing security on their networks. Providers should establish a standardized means and format for disclosure of security practices.

Actions for Federal Government and Communications and Information Technology Sector Stakeholder Collaboration

The Federal Government is working collaboratively with communications and IT sector stakeholders to take specific actions to improve internet routing security. The Cybersecurity and Infrastructure Security Agency (CISA), as the Sector Risk Management Agency for the Communications and IT critical infrastructure sectors, in coordination with ONCD and in collaboration with the Communications and IT Sector Coordinating Councils, is establishing a joint working group under the auspices of the Critical Infrastructure Partnership Advisory Council to develop resources and materials to advance ROA and ROV implementation and internet routing security. The working group will consider:

  1. Risk Criteria and Prioritization Framework DevelopmentThe working group will develop criteria and a framework for network operators to assess risk and prioritize IP address resources and critical route originations (such as government use, critical infrastructure operations, etc.) for the application of routing security efforts to include ROA and ROV. Additionally, the working group will determine meaningful measures of progress, and create a standardized set of templates for network service providers to disclose routing security practices.
  2. Network Service Provider Playbook for Customers. The working group will develop a playbook, informed by diverse industry perspectives and parts of the internet service ecosystem, that outlines steps for customers to establish ROAs.
  3. Additional Activities and Progress Updates. The working group will stay informed of updates within the community and deliver a periodic update to the Federal Government that addresses priority issue areas.

Policy Actions Specific to the Federal Government

U. S. Federal departments and agencies should implement routing security on their networks, incorporate routing security in procurement requirements, engage in outreach with critical stakeholder communities, assess data from outages caused by routing incidents, promote and incentivize routing security best practices, provide training, reduce barriers to routing security, and monitor threats to routing security.

  1. Guidance to the Federal Enterprise. The Office of Management and Budget (OMB) should establish guidance for Federal departments and agencies to implement ROAs in a timely manner, aligned with agency risk assessments.
  2. Contracting Requirements. OMB, working through the Federal Acquisition Regulatory Council and in coordination with the General Services Administration, should require the Federal Government’s contracted service providers to adopt and deploy current commercially-viable internet routing security technologies, and perform ROV filtering on the contracted services connecting to the internet.
  3. Federal Grant Guidance. Federal agencies providing grant funding to build critical infrastructure that includes internet-connected systems or technologies, especially broadband networks, should require that grant recipients incorporate routing security measures into their projects.
  4. Metrics and Progress Reporting. OMB should establish a reporting mechanism for measuring Federal agency adoption of ROA, monitoring progress, and conducting analytics, where appropriate. The effort should leverage existing data sources and tools provided by academic and third-party partners.
  5. Standards and Technology Development. The National Institute for Standards and Technology (NIST) should continue to lead and coordinate USG efforts to research, standardize, and foster commercialization of BGP security and resilience mechanisms to address the remaining BGP vulnerabilities, including malicious BGP path manipulations, route leak mitigation, and peering authentication. NIST should also continue to develop monitoring and measurement tools to assess the progress and correctness of the global deployment of these additional mechanisms.
  6. Outreach and Education. CISA, through its public-private engagement efforts, should conduct an outreach campaign to increase U.S.-based enterprise network owners’ awareness of the benefits of ROA and ROV. CISA should continue to enhance network defenders’ tactical understanding of normal routing behavior, routing anomalies, and route-specific risks that impact network security policy.
  7. International Engagement. The Department of State, in coordination with appropriate agencies, should highlight internet routing security efforts and best practices in engagements with international partners to increase awareness of the benefits of the adoption of internet routing security measures.
  8. Research and Development. Research-funding agencies should continue to fund the development of internet routing-focused measurement, monitoring, and alerting technology to facilitate U.S. and global internet routing security deployment efforts.  Funding should support government entities, academic institutions, and independent subject matter experts equipped to measure progress, develop solutions, and inform future innovation. Continued investment should also address the next generation of threats and solutions.

US Senate Passes Child Online Safety Bill, Sending It to an Uncertain House Fate

Posted on by
Reply

The Benton Institute for Broadband & Society report on an article in the New York Times…

The Senate passed bipartisan legislation to impose sweeping safety and privacy requirements for children and teens on social media and other technology platforms, voting overwhelmingly to send the measure to the House, where its fate was uncertain. Passage of the measure, which has been the subject of a dogged advocacy campaign by parents who say their children lost their lives because of something they found or saw on social media, marked a rare bipartisan achievement at a time of deep polarization in Congress. Despite the lopsided support among Republicans and Democrats, the package faces a fierce lobbying effort by technology companies that are resisting new regulation, and deep skepticism among free speech advocates who argue that it would chill individual expression and potentially harm some of those whom the bill aims to protect. The vote was 91 to 3 to approve the measure, sending it to the House, which is in a summer recess until September. The legislation is the product of years of work by lawmakers and parents to overhaul digital privacy and safety laws as social networking sites, digital gaming and other online platforms increasingly dominate children’s and teens’ lives. The centerpiece of the legislation would create a “duty of care” for social networking platforms that mandates they protect minors against mental health disorders and from abuse, sexual exploitation and other harms. Companies could be held liable for failing to filter out content or limit features that could lead to those adverse impacts. The legislation also would require technology service providers to turn on the highest privacy and safety settings by default for users under 17 and to allow youths to opt out of some features that can lead to compulsive use, such as auto-playing of videos. A second measure included in the package would strengthen privacy protections for anyone under 17 and ban targeted advertising to children and teens. It would create an “eraser button” for parents and children, requiring companies to permit users to delete personal information.

 

Congresswoman Angie Craig working on bill to make selling illicit drugs on social media illegal

Posted on by
Reply

MinnPost tells the story of how one bereaved mom got Congresswoman Angie Craig interested and involved with getting rid of illicit drug sales on social media platforms…

Devin was Bridgette Norring’s middle child and oldest son. Beyond his interest in music, she said, “He was very athletic. He was into football, BMX, skateboarding. He was really good at math. He could rattle off the answers to the most complicated equations.” The Hastings teen also had a light-hearted side, she added: “He had a really quick-witted sense of humor. He was always trying to make someone laugh.”

On April 3, 2020, struggling with debilitating pain from blackout migraines and a cracked molar, Devin, desperate for relief after his doctor and dentist appointments had been canceled due to the pandemic, purchased a pill he thought was the pain reliever Percocet from a pair of local dealers who sold drugs on the social media platform Snapchat. It turned out that the pressed pill Devin took was not Percocet. It was actually 100% Fentanyl. He overdosed and was found dead in his bedroom the next morning. He was 19.

Norring connected with Craig…

Eventually, Craig invited Norring to join her Mental Health and Substance Use Disorder Advisory Council. “Of course I accepted,” Norring said. “It is a wonderful way to get our voices heard.”

This year, inspired by Devin’s story, Craig, with the support of Congresswoman Mariannette Miller-Meeks, R-Iowa, began work on the Cooper Davis and Devin Norring Acta bipartisan piece of legislation that would require social media companies and other communication service providers to alert federal law enforcement when illicit drug dealing and distribution occurs on their platforms. The act is named for Devin, and for Cooper Davis, a Shawnee, Kansas, teen who died of fentanyl poisoning after purchasing a counterfeit Percocet pill on Snapchat.

Craig said that, if passed, the legislation would hold social media companies accountable for the illegal sale of drugs on their platforms.

“Social media platforms are required to inform law enforcement in incidents of child sexual abuse on their platforms, but there are no consequences when they learn of these illicit drugs being sold on their platforms,” she said. “It’s surprising that there isn’t already the requirement.”

More info on the global technology outage

Posted on by
Reply

The NY Times reports

A series of outages rippled across the globe as information displays, login systems and broadcasting networks went dark.

The problem affecting the majority of services was caused by a flawed update by CrowdStrike, an American cybersecurity firm, whose systems are intended to protect users from hackers. Microsoft said on Friday that it was aware of an issue affecting machines running “CrowdStrike Falcon.”

But Microsoft had also said there was an earlier outage affecting U.S. users of Azure, its cloud service system. Some users may have been affected by both. Even as CrowdStrike sent out a fix, some systems were still affected by midday in the United States as businesses needed to make manual updates to their systems to resolve the issue.

George Kurtz, the president and chief executive of CrowdStrike, said on Friday morning that it could take some time for some systems to recover.

No real new insight since I posted MPR’s rundown on the impact in Minnesota but more of a  confirmation.

MPR outlines the impact of global tech hiccup in Minnesota

Posted on by
Reply

MPR News outlines the impact of the worldwide tech hiccup in Minnesota…

The massive technology outage that swept around the globe Friday disrupted flights, affected health care systems and knocked some government agencies offline in Minnesota.

The Associated Press reported that the trouble stemmed from a faulty software update issued by cybersecurity firm CrowdStrike, affecting computers running Microsoft Windows. Crowdstrike said it was not a hacking incident or cyberattack; the company apologized and said a fix was on the way.

Health care…

The Minnesota Hospital Association issued a statement Friday morning stating that “many hospitals and health systems in Minnesota are recovering from the overnight global technology disruption.”

Air travel…

The outage halted some airlines’ operations early Friday, including Delta and Minnesota-based Sun Country. That led to long lines in the terminals at the Minneapolis-St. Paul International Airport, of travelers waiting to check in or check luggage. Delta and Sun Country said some of their flights resumed after 7 a.m., but delays and cancellations persisted through the morning — totaling well over 200 by mid-morning.

Government…

At least a dozen state agencies, departments and offices in Minnesota were dealing with internet outages stemming from the outage.

A spokesperson for Minnesota IT Services said the agency was working with vendors to deploy a fix and restore services.

WARNING: Minnesota nonprofits getting scammed

Posted on by
Reply

I learned about the following from article from Kris Kewitsch at the Charities Review Council on the Nonprofit Tech Talk List. It’s a little bit off my usual post but I thought it might be helpful to pass on…

The Council is aware that at least ten of our nonprofit partners in the Twin Cities area have recently encountered a scam.

The current scheme entails an individual making a large donation via a cashier’s check in memory of a loved one. The individual then contacts the organization indicating the amount gifted was inadvertently too large and asks for a partial return of funds. The loss to the nonprofit occurs when they reimburse the individual and come to find that the initial, larger donation never cleared because the cashier’s check used was fraudulent.

Should your organization suspect or encounter a scam, the Council recommends that you save all physical and digital materials and communications involved, notify your bank of the concern, and promptly file an online report with the FBI’s Internet Crime Complaint Center.

Additional reading to increase your awareness of common business scams is available here from the Better Business Bureau®.

At the very least, these scams can cause a real headache and unfortunate use of staff resources. In more severe cases, they can also cause significant harm to your organization’s financial health.

EVENT June 21: Spotlight: Cybersecurity for Nonprofits

Posted on by
Reply

A class from the Minnesota Council of Nonprofits

Spotlight: Cybersecurity for Nonprofits

Friday, June 21  |  9 a.m. – 3:30 p.m.  |  Virtual

In this day-long training, learn need-to-know trends in cybersecurity to prepare for a safe and secure future, including:

  • Copilot AI: Practical Uses and Examples
  • Ransomware Tabletop Discussion
  • Cyber Insurance
  • Digital Transformation Toolkit

Register

FCC has plan to help libraries and schools with cybersecurity

Posted on by
Reply

A heads up to libraries and schools from Broadband Breakfast

The Federal Communications Commission on Thursday took the first step toward creating a pilot program to invest millions of dollars into cybersecurity software for eligible K-12 schools and libraries.

The agency voted to adopt the proposal 3-2, with Republican Commissioners Brendan Carr and Nathan Simington dissenting.

“The vulnerabilities in the networks that we use in our nation’s schools and libraries are real and growing, so today we’re going to do something about it,” FCC Chairwoman Jessica Rosenworcel said in her statement.

The proposal, first introduced last November, would provide $200 million from the Universal Service Fund to pay for firewall protections in eligible schools and libraries over the next three years. The funds will also go toward studying the most effective equipment, services and tools to safeguard digital infrastructure.