Short Takes – 10-1-22

FBI warns drones pose potential risk to critical infrastructure after some spotted over Louisiana chemical facilities. Amp-CNN-com.cdna.ampproject.org article. Pull quote: “"While most drone flights over infrastructure is innocent enough, it creates a real safety, operational, and security concern. Drones are a great tool, but they can also be used as a modern day explosive weapon in the wrong hands," Brian Harrell, former assistant secretary for infrastructure protection at the Department of Homeland Security, told CNN.”

2G network sunset. OnStar.com article. Pull quote: “The 2G network that your vehicle uses to connect to OnStar is being sunset in December 2022. While the OnStar buttons in your vehicle will be disabled, you will be able to use key services by calling an OnStar Advisor at 1.888.4ONSTAR or by downloading the OnStar Guardian® app.” Interesting response on LinkedIn.

Hurricane-Related Scams. CISA.gov advisory. Should not have to say this but…. Pull quote: “CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.”

Nationwide Cyber Security Review (NCSR) Assessment. Federal Register 60-day ICR Notice – Comments due by December 2^nd, 2022. Pull quote: “The NCSR is an annual voluntary self-assessment that is hosted on LogicManager, which is a technology platform that provides a foundation for managing policies, controls, risks, assessments, and deficiencies across organizational lines of business. The NCSR self-assessment runs every year from October-February. In efforts to increase participation, the deadline is sometimes extended. The target audience for the NCSR are personnel within the SLTT community who are responsible for the cybersecurity management within their organization.”