Cyber Circuit – February 2023

Updates from the Resource Center for State Cybersecurity team, February 28, 2023


Meet PISCES

The Public Infrastructure Security Cyber Education System (PISCES) is a nonprofit organization dedicated to developing the future cybersecurity workforce through an innovative model that creates collaboration with the private sector, colleges/universities, and local governments to provide a no-cost cybersecurity monitoring effort for small public organizations. Access informational materials and learn more here.


Fog of war: how the Ukraine conflict transformed the cyber threat landscape

A year after Russia’s invasion of Ukraine, Google’s Threat Analysis Group published a comprehensive picture of Russian use of malicious cyberspace activities to gain a wartime advantage. Read the complete report here.


Cybersecurity Resources


State Cyber Scan

Ohio’s largest oil producer says ‘no impact’ seen after cyberattack | The Record February 24, 2023

Encino Energy, one of the largest private natural gas and oil producers in the country, said it has investigated and remediated a recent cyberattack. Evidence of the attack surfaced on the dark web when the ALPHV ransomware group added the company to its data leak site. While more details of the incident have yet to be shared publicly, this is the latest attack on an oil and gas producer by ALPHV, which is also accused of launching the 2021 Colonial Pipeline attack.


Ransomware attack: some city of Oakland services are back online while recovery work continues | The Oaklandside February 22, 2023

A recent ransomware attack on the City of Oakland caused network outages and rendered many non-emergency systems inoperable. The city declared a local state of emergency as it investigated the attack and worked to restore its services.


White House mulls scaling up Login-dot-gov to reach every American | Federal Computer Week February 21, 2023

The White House appears set to give Login.gov, a digital identity service run by the General Services Administration (GSA), a leading role in providing access to public benefits programs to help eliminate fraud and identity theft. The draft executive order tasks GSA with scaling up its identity verification and authentication services to reach the entire U.S. population and make them available for use in state and local programs.


All but Florida, South Dakota apply for federal cyber grants allocated by infrastructure bill | The Record February 13, 2023

All but two U.S. states and territories applied for funding via the Infrastructure Investment and Jobs Act’s State and Local Cybersecurity Grant Program: Florida and South Dakota. A spokesperson from the Office of Florida Governor Ron DeSantis attributed the decision to concerns about the application process for funding and explained that the state has created its own $30 million grant program for local governments to strengthen their cybersecurity capabilities. A South Dakota official echoed these sentiments, adding that the year-to-year application structure of the grant program provides substantial administrative burdens.


State Looks to ‘Unconventional’ Tactics to Find Talent | Route Fifty February 9, 2023

To address the widespread shortage of tech workers, the Indiana Office of Technology (IOT) is changing the way it recruits employees into the public sector through its State Earn and Learn (SEAL) IT program. SEAL provides paid, on-the-job training to individuals wishing to transition into IT careers while also giving them time to study for industry certifications and qualifications. Since its launch in 2020, it has taken on more than 50 associates, who previously worked in areas like trucking, manufacturing, and customer service.


Governor Abbott Announces Statewide Plan Banning Use of TikTok | Texas Office of the Governor February 6, 2023

On February 6th, Texas Governor Greg Abbott announced a statewide model security plan to guide Texas state agencies to address vulnerabilities presented by TikTok and other software on personal and state-issued devices. Each state agency was given until February 15, 2023 to implement its own policy to enforce this statewide plan to protect sensitive information and the critical infrastructure from potential threats. Access the full plan here.


NYC to boost communication between privacy and cyber efforts | StateScoop February 6, 2023

The New York City Office of Information Privacy recently announced an update to its citywide data privacy policy to refine interoperability and collaboration between cybersecurity and privacy efforts. The update includes education around the requirements of a 2017 law that standardized the city’s privacy practices and created a chief privacy officer role and also urges privacy officers to establish monthly meetings with their agencies’ chief information security officers to help increase communication flows.


Apparent cyberattack forces Florida hospital system to divert some emergency patients to other facilities | CNN February 3, 2023

A network of Florida health care organizations was forced to send some emergency patients to other facilities and cancel some non-emergency surgeries after it was the target of a cyberattack earlier this month. Full details of the breach were not disclosed, but a statement of the activity described the need to shut down computer networks in a way that suggests a ransomware attack is to blame.


Gov. Cox Issues Executive Order to Ensure Data Sharing Between State Agencies | Utah Office of the Governor February 1, 2023

Utah Governor Spencer Cox issued an executive order this month to establish a time-limited task force on state agency collaboration and data sharing. The task force is to create an action plan to better serve Utah residents, with a deadline to present to the Governor by August 30, 2023. The details of the EO can be read here.


Two U.S. school districts hit with ransomware attacks this week | Axios February 1, 2023

School districts in Tucson, Arizona, and Nantucket, Massachusetts, responded to ransomware attacks on their networks early this month and schools in Nantucket decided to cancel their classes to minimize the impact. Ransomware gang Royal was thought to be behind the attack in Tucson, but it remained unclear who was responsible for the incident in Nantucket.