Rural hospitals are receiving help from Microsoft to address cybersecurity risks

Most cyberattacks in rural hospitals are due to human error.
(Photo by the National Cancer Institute, Unsplash)

Cyberattacks are targeted at rural hospitals due to their lack of resources, old computers and a high probability of human error.

Liz Carey at the Daily Yonder reported that, according to a Microsoft study, cyberattacks are a real threat to rural hospitals. “In 2022, 44 attacks in Texas exposed nearly 6 million patient records.”

In an interview with the Daily Yonder, Alan Morgan, president and CEO of the National Rural Health Association, addressed the issue of cybersecurity costs.

“It is important to note that large, well-financed national health systems have to date failed to prevent cyber-attacks on their organizations, so for a small rural hospital, with far fewer resources, the issue is even more daunting.”

Microsoft’s Cybersecurity for Rural Hospitals Program is providing more than 550 participating rural hospitals in America with free cybersecurity assessments, training and discounts on security products.

“Officials with Microsoft said the goal of the cybersecurity program is to address not only immediate risks facing the hospitals, but to encourage broader systemic challenges as well,” Carey wrote.

A webinar briefing on potential election threats and how reporters can cover them will be held on Aug. 6

Cait Conley

If you're a journalist looking for help to cover security threats and other issues in this year's election cycle, The Journalist Resource is offering a free webinar, "Election Security: Threats and Mitigations," on Tuesday, Aug. 6 from 12:30 to 1:30 p.m., E.T. The session is open to the public. Register here.

Cait Conley, senior advisor to the director of the Cybersecurity and Infrastructure Security Agency, will lead a practical briefing on known and potential threats to the 2024 elections, how election stakeholders are mitigating those threats, and advice on how journalists can prepare to report on them.

Attendees will learn:

• The landscape of threats to the 2024 U.S. elections.
• What those threats mean practically to the security or integrity of the election process.
• What election officials, vendors and the federal government are doing to protect the security and resilience of the U.S. election infrastructure.

A question-and-answer discussion will follow Conley's presentation.

The webinar will be available on journalistsresource.org after the event.

About the speaker:
Conley's role supports CISA’s election security efforts. She leads CISA’s work in partnering with state and local election officials to manage and reduce risk to the nation’s election infrastructure.

Policymakers and legislatures work to contain the harm AI and deepfakes could do in this year's elections

(Graphic by Sean Westwood/DALL-E artificial intelligence
via Dartmouth)

AI and deepfake political ads are easy to disseminate and pose a threat to U.S. elections. Policymakers have been hard at work trying to get ahead of the problem. "The Federal Communications Commission announced it would move forward with a proposal to require that TV and radio advertisements disclose on air when AI is used," reports Chris Teale of Route Fifty. "The timeline for the rule’s implementation is unclear, but it is expected to go into effect by November."

The proposal's green light wasn't unanimous. Teale writes, "Commissioner Brendan Carr said in a statement that the FCC’s proposal, which will be subject to a vote later this year, is a 'recipe for chaos' that can 'only muddy the waters.'. . . 'Suddenly, Americans will see disclosures for AI-generated content on some screens but not others, for some political ads but not others, with no context for why they see these disclosures or which part of the political advertisement contains AI."

One deepfake trick is to generate robocalls to voters. Before the "New Hampshire presidential primary election, a robocall purportedly featuring President Joe Biden discouraged voters from going to the polls, and instead told them to wait until November’s general election to vote," Teale explains. "The call turned out to be a deepfake generated by artificial intelligence."

The FCC's rule is "one of many efforts in recent weeks to get ahead of the potential threat deepfakes pose. State and local election offices have already seen how AI-generated content could be used to spread misinformation and disinformation," Teale reports. "President Joe Biden has already been the subject of much AI-generated content, including a video on Facebook that made it look like he inappropriately touched his granddaughter’s chest after they voted in the 2022 midterms."

AI leaves voters unsure of who's saying what and possibly defaulting to believing nothing anyone says. In response, policymakers and legislatures are working through the best ways to help create clarity where there could be chaos. Teale writes, "Already, several state legislatures have passed laws requiring disclosure of AI’s use in elections and campaigns, with only Minnesota and Texas outright banning it. More than three dozen states are in various stages of considering similar disclosure bills."

Quick hits: Locally made farm tools; anger can hurt your heart; cybersecurity for farms; finding lost treasure

Conor Crickmore, owner of Neversink Tools, does a training video. Crickmore's company
focuses on improving or upgrading existing tools. (Neversink Tools photo via Modern Farmer)

In rural America and beyond, buying locally can have a bigger reach than signing up for Community Supported Agriculture or visiting the farmers market. "If we want a future with more farmers, more fresh, healthy food and stronger local economies, we need infrastructure that supports small growers," reports Melissa Julia of Modern Farmer. "Locally made tools, from hoes to tractors, are an important part of that support system and confer many of the same advantages as locally grown food. . . . Meet three U.S.-based toolmakers who want to change the landscape of tool buying and making to support their local farmers and communities."

Just about everyone gets angry at one time or another, but the emotion can increase the chance of heart attacks. "Researchers examined the impact of three different emotions on the heart: anger, anxiety and sadness," reports Sumathi Reddy of The Wall Street Journal. "Those in the angry group had worse blood flow than those in the others; their blood vessels didn't dilate as much." Dr. Daichi Shimbo, a professor of medicine at Columbia University and lead author of the study, told Reddy, "We speculate over time if you're getting these chronic insults to your arteries because you get angry a lot, that will leave you at risk for having heart disease."

Nordic residents tend to trust in the kindness of
each other. (Adobe Stock photo)

If repeated bouts of anger are unhealthy, what can Americans do to become happier? Research on the happiness levels of some Nordic countries may provide clues. "Nordic countries have managed to enter a very virtuous cycle, where efficient and democratic institutions can provide citizens security, so that citizens trust institutions and each other," reports Camille Bello of Euronews. For countries to model Nordic happiness, professor John F. Helliwell, editor of the World Happiness Report, told Bello countries should focus "on the six key indicators in the World Happiness Report - GDP per capita, social support, healthy life expectancy, freedom, generosity, and corruption."

From extreme weather to labor shortages to fertilizer price increases, farmers have plenty to worry about; however, the average American may not realize that food producers also have to guard against ransomware attacks. "Last year Dole took a hit, losing $10.5 million in an attack that stole the Social Security numbers of nearly 4,000 employees," reports Jaclyn De Candio of Ambrook Research. "Containing the breach impacted half of their servers and several user-end computers, disrupting a portion of their fresh vegetable processing." To learn more about U.S. agriculture's vulnerability to cyberattacks and possible outcomes, click here.

A forest search for coins can be a day of treasure
hunting. (Adobe Stock photo)

Right now, the cost of just about everything seems high, and $100 does not go nearly as far as it used to; however, there is money to be found for those who don't mind searching for lost coins. "Americans toss millions in coins yearly, abandoning them to sidewalks, parking lots, airports and bus seats. Many end up in the trash," reports Oyin Adedoyin of The Wall Street Journal. "For some, it is easy money. Others do it for luck, as a game, or for the satisfaction of noticing life's tiny triumphs. Many find it downright thrilling."

Some farmland Conservation Reserve Program acreage has increased, and as the program continues to evolve, where and how the land is used has changed. "A new program, Grassland CRP, has driven all the gains. This 'working lands program' allows producers to continue some grazing or haying practices," reports Agricultural Economic Insights. "Also, the program has a much lower rental rate, overcoming the decades-long headwind of consistent program dollars but rising rental rates. . . . A few pockets reported county-level acreage increases as the specific facets of the CRP program . . .  have come forward."

Hackers who claim to be the 'Cyber Army of Russia Reborn' disrupt a water tower system in rural Texas

The FBI has been investigating the hack in Muleshoe, Tex.
(City of Muleshoe, Texas photo via CNN)

While the number of computer hacks on American businesses by foreign actors has steadily increased, a hack in Muleshoe, Texas, in January might be the "first disruption of U.S. water system by Russia," reports Ellen Nakashima of The Washington Post. A Muleshoe citizen drove past the town's water tower, saw it was overflowing and alerted the police. "Authorities soon determined the system that controlled the city's water supply had been hacked. . . . Thousands of gallons of water had flowed into the street and drain pipes."

The hackers, who identified themselves as the Cyber Army of Russia Reborn, "Posted a video online of the town's water-control systems showing how they reset the controls," Nakashima writes. Using the messaging platform Telegram, the hackers posted a caption that read, "We're starting another raid on the USA." The hackers proceeded to explain how they were going to target U.S. infrastructure.

Location of Muleshoe, Tex., pop
5,200 (Wikipedia map)

Experts from the cyber security firm Mandiant believe "that the water tank overflow in a Texas panhandle town may well be linked to one of the most infamous Russian government hacking groups," Nakashima reports. "If confirmed, analysts say it would mark a worrisome escalation by Moscow in its attempts to disrupt critical U.S. infrastructure by targeting one of its weakest sectors: water utilities."

The notorious Russian hacking group, nicknamed "Sandworm, has achieved notoriety for briefly turning out the lights in parts of Ukraine at least three different times; hacking the Olympics Opening Games in South Korea in 2018; and launching NotPetya, one of the most damaging cyberattacks ever that cost businesses worldwide tens of billions of dollars," Nakashima explains.

Muleshoe's city manager, Ramon Sanchez, told Nakashima, "You don't think that's going to happen to you. It's always going to happen to the other guy." Nakashima reports, "Sanchez said the hackers brute-forced the password for the system's control system interface, which was run by a vendor. That password hadn't been changed in more than a decade."

Ransomware isn't going away; it's a local and global threat that demands ongoing vigilance, especially in rural areas

Image by Markus Spiske, Unsplash

It's a global problem, and rural areas are more vulnerable. It's not Covid-19, it's ransomware. "What was once an easily squashed nuisance is now seen as a persistent threat," reports Mike Allen of Axios. "Ransomware attacks, which take an organization's data hostage and shut down its systems until the hackers receive payment, have exacted an escalating price on law enforcement, policymaking and financial resources around the world."

What does a rural ransomware attack look like? "Westmoreland, Kansas, is the seat of Pottawatomie County and home to around 750 of its 25,000 residents. . . . [In 2021] data was stolen from Pottawatomie County’s computers by cybercriminals who paralyzed its systems with ransomware and left some services inaccessible to residents for weeks," reports Andrea Peterson of The Record, a cyber news source. "The infiltration and the County’s reaction highlights the complicated economic, financial, and social factors at play when local government systems are compromised. . . .The attackers originally demanded $1 million, but settled for $71,250 after 'a successful negotiation' highlighting the County’s limited financial means."

Along broader lines, last week, cybersecurity professionals gathered to discuss ongoing global challenges. "Rob Joyce, the National Security Agency's director of cybersecurity, told reporters that Russian hackers are now weaponizing ransomware in attempted attacks against Ukrainian logistics supply chain companies, as well as organizations in Western-allied countries," Allen adds. "Cybersecurity firm Sophos said in a report released Tuesday that 68% of cyberattacks last year involved ransomware. . . . A panel on the last day of the gathering acted out what the federal response to a hypothetical, Iran-backed ransomware attack on U.S. banks in 2025 might look like."

Fighting ransomware attacks is taking a consistent, long-term approach. "Many ransomware operators are based in Russia, where the Kremlin tends to turn a blind eye to cyber criminals targeting Western countries. . . . Organizations still struggle with basic cyber hygiene to protect themselves," Allen reports. "Government sanctions, internet server takedowns and criminal arrests have slowly but steadily reduced businesses' willingness to pay ransomware gangs, Tom Hofmann, chief intelligence officer at Flashpoint, said. . . . The number of ransomware attacks dropped 15% between 2021 and 2022, according to recent data from Google-owned threat intelligence firm Mandiant. But that came after they skyrocketed the year before."

American agriculture remains vulnerable to cyberattacks; some experts see 'previously unimaginable risks'

Unlike industries such as banking, U.S. agriculture is vulnerable to digital attacks due to a lack of internal support -- and attitudes that prevent information sharing and analysis that could fend off hackers, reports Eric Geller for Wired magazine. "In the past few years, cyberattacks on the meat processing giant JBS Foods and the Iowa farm services firm NEW Cooperative have laid bare the industry's widespread vulnerabilities. . . . . New technologies, including advances in artificial intelligence, are creating previously unimaginable risks, overwhelming a workforce not accustomed to dealing with digital security. . . . food and agriculture is one of only a few critical infrastructure sectors that doesn't have an Information Sharing and Analysis Center, or ISAC, helping companies fight back."

Work at a meatpacking plant Getty Images photo via Wired

Geller notes that U.S. agriculture is filled with protection shortfalls that attract hackers, and "Farmers are also vulnerable to more immediate sabotage. The same remote-access technology that enabled John Deere to remotely disable a batch of Ukrainian tractors stolen by Russian forces could let hackers turn off millions of tractors across the U.S. . . . Inside the massive industrial facilities where most chickens are raised and slaughtered, the temperature and humidity are precisely controlled by internet-connected computers. With control of this system, hackers could engineer a catastrophe."

Geller reports, "Today, food and agriculture is one of four critical infrastructure sectors (out of 16) without an ISAC, along with dams, government facilities, and nuclear reactors and materials. . . .Despite being increasingly vulnerable, Marcus Sachs, director at Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security, says the food and agriculture sector still 'doesn't really understand the threat mindset' as well as higher-profile sectors, like financial services and energy, do. . . . the Department of Agriculture has shown 'very little interest' in cybersecurity, says Sachs, who has tried to prod officials into action."

U.S. Rep. August Pfluger, R-Texas, told Geller, "Agricultural and food security is the foundation of American security. . . . Plenty of folks I've spoken with think there needs to be a dedicated ISAC. . . . Without a stable food supply, society stops functioning." Still, the sector needs to have multiple supports added for protection. Geller reports, "Pfluger's bill, the Food and Agriculture Industry Cybersecurity Support Act, would create new federal resources for companies, require improved coordination between government and industry, and launch a Government Accountability Office review of the sector's situation, including whether an ISAC is necessary."

Meanwhile, "Experts say the government could better use its existing programs to help," Geller writes. "Sachs and his colleagues are even considering helping a coalition of land-grant universities launch an ISAC that would both facilitate information sharing and prepare students to enter the food and agriculture workforce with key cyber skills. . . .Whether or not the sector forms an ISAC, there's widespread agreement that more must be done to counter the growing array of threats endangering these companies and the hundreds of millions of people who rely on them for basic sustenance."

U.S. Government warns about cyber-attacks; National Newspaper Association alerts members and gives steps

The National Newspaper Association is alerting members that the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have released a joint Cybersecurity Advisory.

"NNA members have reported being attacked by the advised ransomware," the association says, giving steps the agency suggests you take: 

Prioritize remediating known exploited vulnerabilities.
Train users to recognize and report phishing attempts.
Enable and enforce multi-factor authentication.

You may also wish to read this article by TechCrunch that breaks down the advisory.

"Since approximately September 2022, cyber criminals have compromised U.S. and international
organizations with a Royal ransomware variant," the Cybersecurity Advisory release explains. "Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems. Royal actors have made ransom demands ranging from approximately $1 million to $11 million USD in Bitcoin. . . . Royal actors have targeted numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, health care and public health care and education."

Deere, Farm Bureau sign deal to let farmers fix equipment on their own, discourage legislative action on the issue

A John Deere fully autonomous tractor at last year’s Consumer Electronics
Show (Photo by Patrick T. Fallon, Agence France-Presse via Getty Images)

Deere & Co. and the nation's leading farm lobby have struck a compromise in the battle between farm-equipment manufacturers and farmers. "Deere signed a memorandum of understanding with the American Farm Bureau Federation that the group said ensures farmers can repair their own farm equipment or take it to independent repair shops," reports Patience Haggin of The Wall Street Journal. "The agreement addresses a debate that has grown in recent years, as the farm industry has implemented high-tech equipment like software and sensors in machinery like tractors and harvesters aimed at boosting harvests and speeding planting."

While the understanding appears to address demands from both sides, it discourages further legislative action: "The agreement creates a mechanism to address farmers’ concerns and give them access to resources needed to repair their own equipment," Haggin writes. "It seeks to address the so-called “right-to-repair” issue through the private sector. . . . and discourages the federation’s state organizations from introducing, promoting or supporting such legislation. . . . The federation said the agreement could serve as a model and that it had begun talks with other manufacturers."

Kevin O’Reilly, Right to Repair campaign director at the Public Interest Research Group, a progressive advocacy organization, said the agreement could be difficult to enforce. He told Haggins that lawmakers "should continue pushing right-to-repair legislation until every farmer in every state with every brand of equipment can fix every problem with every tractor."

The conflict has been a circle of frustration for both sides: "Some farmer organizations and consumer advocacy groups have accused Deere and other manufacturers of using proprietary software on their equipment to restrict repair work to the manufacturers’ own dealers. . . . It has increased their costs by forcing them to call in technicians from dealerships for repairs they could handle themselves, if the equipment companies would give them greater access to the software," Haggin writes. "Deere has said it provides tools and repair manuals enabling private repairs, but has pushed back against what it says are attempts by farmers to modify software that controls machinery operations."

New hack for John Deere tractors is latest tool in right-to-repair movement, but underscores security vulnerabilities

Hacker Sick Codes ran a farm-themed version of the game
 Doom on the jailbroken tractors. (Photo by The Register)

A new hacking tool for John Deere tractors, revealed at a recent cybersecurity conference, is the latest salvo in the battle between major farming equipment manufacturers and farmers who want to be able to repair their own gear more quickly and affordably, Lily Hay Newman reports for Wired. However, security gaps that farmers and hackers exploit to carry out these "jailbreaks" underscore the machines' vulnerability to malicious actors.

The new jailbreak allowed Australian hacker Sick Codes to gain root access to the popular John Deere 2630 and 4240 model tractors from their touchscreens. He presented the hack this month at DefCon in Las Vegas as sort of an apology: After he presented research on tractor software security bugs at last year's conference, John Deere fixed the flaws that allowed him and other hackers access. But farmers were outraged that he had tipped off the company, and complained that he had ruined their ability to jailbreak their equipment, "So I figured I would put my money where my mouth is and actually prove to farmers that they can root the devices," he told Newman.

Codes said he's worried about global food security and doesn't want farmers to be vulnerable to bad actors. But at the same time, he wants farmers to be able to fully control and repair their own machinery, Newman reports. President Biden issued an executive order last summer directing the Federal Trade Commission to limit farm-equipment companies' ability to prevent tractor owners from repairing their own equipment or using independent repair shops. Bills to enshrine the right-to-repair in law have been introduced in the Senate and in several states, but New York is the only state to pass one.

"Facing mounting pressure, John Deere announced in March that it would make more of its repair software available to equipment owners," Newman reports. "The company also said at the time that it will release an 'enhanced customer solution' next year so customers and mechanics can download and apply official software updates for Deere equipment themselves, rather than having John Deere unilaterally apply the patches remotely or force farmers to bring products to authorized dealerships."

Election security webinar for Ky., N.C., Tenn., Va. and W.Va. set Aug. 18; agency issues guide to digital election threats

"Promoting elections accuracy and bolstering voter roll maintenance and cybersecurity" is one of six major policy trends to watch in state governments, Bloomberg Government reports, and local, state and federal elections are less than three months away. Next week, five Appalachian states will be the focus of a webinar for journalists and others interested in the topic.

The Election Cybersecurity Initiative of the University of Southern California will hold the webinar aimed at Kentucky, North Carolina, Tennessee, Virginia and West Virginia from 1:30 to 3:30 p.m. ET Thursday, Aug. 18. Zoom login information will be provided upon registration, available here.

Topics of the webinar will include cybersecurity, cyber safety, disinformation, misinformation, and crisis response. Scheduled speakers are:

• Sarah Mojarad, lecturer, USC Viterbi School of Engineering
• Clifford Neuman, director, USC Center for Computer Systems Security
• Dave Quast, adjunct faculty, USC Annenberg School of Communications and Journalism
• Marie Harf, international elections analyst, USC Election Cybersecurity Initiative
• Maurice Turner, election security analyst, USC Election Cybersecurity Initiative
• Michael Coden, associate director, cybersecurity, MIT Sloan School of Management

The webinar will be hosted by Adam Clayton Powell III, executive director of the Election Cybersecurity Initiative. Questions? Email truevote@usc.edu.

Meanwhile, the Cybersecurity and Infrastructure Security Agency has released a guide to digital threats facing election officials and how to mitigate them. The Cybersecurity Toolkit to Protect Elections "aims to help election administrators and their staffs protect themselves against threats including phishing, ransomware, email scams, denial-of-service attacks and other vectors that could potentially disrupt the voting process or confuse voters," StateScoop reports.

Lincoln College, an HBCU in rural Illinois, will be the first U.S. college to close because of a ransomware attack

Lincoln, the seat of Logan County
(Wikipedia map)

Lincoln College in rural Lincoln, Illinois, is set to close its doors Friday, making it the the first institution of higher learning in the U.S. to shutter because of a ransomware attack. "A goodbye note posted to the school’s website said that it survived both World Wars, the Spanish flu and the Great Depression, but was unable to handle the combination of the Covid pandemic and a severe ransomware attack in December that took months to remedy," Kevin Collier reports for NBC News.

The local economy will no doubt feel the loss of the college keenly, since staff and students make up nearly 900 of the community's more than 13,000 residents. Colleges can be a significant economic draw in general for rural towns in general.

The loss goes beyond the economic toll. Lincoln College, which broke ground on namesake Abraham Lincoln's birthday in 1865, "is one of only a handful of rural American colleges that qualify as predominantly Black institutions by the Department of Education," Collier notes. It is also the only college to be named after Lincoln while he was alive, and the town is the only one named for him before he became president; he was a lawyer for the railroad that founded it.

Ransomware attacks are an increasing threat to the security and finances of businesses, governments and schools nationwide, especially in rural areas that often lack the time, funding and expertise to fend off such attacks. Smaller schools are often especially attractive to hackers, owing to their smaller cybersecurity budget.

At least 14 colleges and universities have been hit with ransomware attacks this year. "Ransomware attacks against colleges come from a number of known, distinct cybercriminal gangs, and they don’t appear to have any particular pattern with what kind of college they target, and instead simply go after any victim where they can find a cybersecurity vulnerability," Collier reports. "Many ransomware hackers who attack American targets are based in Russia or other former Soviet countries. But even in cases where U.S. authorities know their identities, few of them have ever been arrested in conjunction with American law enforcement efforts."

Hackers causing crises at rural hospitals, specialty clinics

"The reality of being locked up by ransomware is no longer a concern reserved solely for major health systems, once a primary target," Marion Renault reports for Stat. "Regional hospitals and specialty clinics are now also constantly warding off, and falling prey to, malicious cyberattacks as ransomware groups grow more opportunistic than ever. Federal databases detail a number of small providers — from pediatrics clinics to hearing centers, chiropractors and child abuse prevention non-profits — caught up in the sweep of attacks targeting the health care system. Such attacks "can be devastating for a health system of any size and scary for anyone relying on its care. But for smaller hospitals and practices, the costs — both to patients and to the bottom line — can be especially steep. Experts say that small, rural providers are also less likely to be prepared to defend, resolve and recover from a ransomware attack than their larger, urban counterparts."

An October 2020 ransomware attack on Sky Lakes Medical Center in Klamath Falls, Oregon, for example, hobbled the hospital for nearly a month, left patients with little or no care, and cost the hospital an estimated $10 million in lost services, replaced equipment and more, even though it didn't pay the ransom, Renault reports. Cyberattacks have driven some providers out of business, such as Brookside ENT in Michigan or Wood Ranch Medical in California. Hospitals survive, but the breakdown in care can cause patients to lose trust, and sometimes they sue for damages, Renault reports.

N.C. becomes first state to bar state, local governments from paying ransoms to hackers; others may follow suit

North Carolina just passed a law prohibiting state and local governments from paying ransom to hackers who encrypt their computer systems; other states could follow suit. That could put rural governments at a disadvantage, since they are often more vulnerable to cyberattacks.

State and local agencies and governments in North Carolina may not pay or even communicate with hackers, according to the new law. "Rather than communicate with attackers, agencies must consult with the Department of Information Technology as described in this statute, which requires reporting cybersecurity incidents to the DoIT within 24 hours. Private sector entities are encouraged, but not required, to report cybersecurity incidents to the state’s IT department," Susan Miller reports for Route Fifty. Other states, including New York and Pennsylvania, are considering similar laws.

"According to a National Law Review article, lawmakers in North Carolina and Pennsylvania have suggested that hackers will have no financial incentive to attack agencies that are prohibited from paying ransoms and will look for victims in other states," Miller reports. "This strategy would put under-resourced agencies at a disadvantage, the article suggested, as they may be unable to restore or rebuild their systems after an attack."

Smaller communities worry they'll miss out on cybersecurity grant money from feds due to lack of expertise to ask for it

Many leaders of smaller city and county governments are excited about a new $1 billion federal cybersecurity grant program, but they're worried they'll miss out on the money because they don't have the resources or expertise to create proposals, Jenni Bergal reports for Stateline.

The funding comes from the $1.2 trillion infrastructure law, and will be distributed to states over the next four years through the Federal Emergency Management Agency. States must ensure that 25 percent of the money goes to rural areas, and 80 percent overall to local governments, Bergal reports.

The need for funding is dire in rural areas. "Ransomware has wreaked havoc on local governments in the past several years. It typically spreads when hackers email malicious links or attachments that people unwittingly click on. Malware then hijacks the computer system and encrypts data, holding it hostage until victims either restore the system on their own or pay a ransom, usually in bitcoin, in exchange for a decryption key," Bergal reports. "Last year, there were at least 77 successful attacks on local and state governments and another 88 on school districts, colleges and universities."

Local governments, particularly in rural areas, are far less equipped to deal with a cyberattack. Their computer systems tend to be older, and their staff tend to have less training in how to deter such attacks, Bergal reports.

"In rural communities, the IT person, who is probably also the public works director or the city recorder, is expected to know what software they need to buy or how at risk they are," Brenda Wilson, executive director of the Lane Council of Governments in Oregon, told Bergal. "They just don’t know. How can they put together a plan to submit to the state?"

Iranian hackers got into Lee Enterprises systems the day after the 2020 election, and tested how to create fake news

Lee Enterprises newspaper locations; click the image to enlarge, or click here for the interactive version and a list.

"Iranian hackers last year infiltrated the computer systems of Lee Enterprises Inc., a major American media company that publishes dozens of daily [and weekly] newspapers across the U.S., as part of a broader effort to spread disinformation about the 2020 presidential election," Dustin Volz reports for The Wall Street Journal. "On Thursday, the Justice Department said the alleged hackers broke in to the digital systems of an unnamed media company in fall 2020 and tested how to create false news content. People familiar with the matter on Friday identified the company as Lee."

Lee, based in Davenport, Iowa, is one of the nation's larger newspaper chains, especially since acquiring BH Media Group's 31 papers in early 2020. It has more than 350 non-daily papers.

"The Federal Bureau of Investigation warned the unnamed company about the intrusion, prosecutors said. The day after the November presidential election, the hackers tried to get back into the media company’s system but failed, prosecutors said. The federal charging document in the case doesn’t indicate the hackers successfully published fake information under the unnamed media company’s news brands," Volz reports. Last year, U.S. intelligence found "that the leaders of Russia and Iran ordered their governments to attempt to influence U.S. voters’ choices in the 2020 presidential election and undermine the public’s faith in American democracy."

News media can used to spread disinformation without hacking. That happened last November while votes were still being counted: "A coordinated network of Twitter accounts posed as the Associated Press and CNN to prematurely declare election victories for Democrat Joe Biden," Volz reports. "Those tweets, which Twitter removed quickly, were nonetheless retweeted dozens of times and amplified by at least a handful of journalists and other verified Twitter users." 

The incident is a good reminder to be vigilant and cross-check even tweets that seem legitimate. State election officials, increasingly concerned about disinformation campaigns, have called on the public to only trust official vote tabulations instead of news media reports or projections, Volz reports.

UPDATE, Nov. 23: Lee is a takeover target of Alden Global Capital, The New York Times reports.

Pandemic highlights weaknesses in meat supply chains

Percentage of meatpacking and processing sectors controlled by top four companies in the U.S.
(Politico chart using Family Farm Action Alliance data)

"Covid-19 was a shock up and down America’s supply chain for meat, from farmers and ranchers who couldn’t find buyers for their livestock and lost revenue and animals, to grocery shoppers who encountered steep meat prices, item limits and empty shelves. But it wasn’t the first or only such shock. Just a handful of giant companies process the vast majority of America’s beef, pork and poultry," Ryan McCrimmon reports for Politico. "Take the beef sector: Four companies process about 85 percent of all the cattle fed and slaughtered for boxed beef, namely muscle cuts like ribs and steaks. That means that when one or more large meatpacking site is forced to shut down, it has ripple effects across the entire country, interrupting supplies and often raising prices. Just in the last three years, the meat supply chain has also been disrupted by a fire at a major Tyson Foods plant in Kansas and a ransomware attack that shut down JBS plants that process a fifth of the U.S. beef supply."

Read more here.

Iowa co-op shows how hackers can hit food and agriculture; ag economists say farm groups need to help farmers with it

"Russian hackers leveled a ransomware attack on an Iowa farming co-op and demanded $5.9 million to unlock the computer networks used to keep food-supply chains and feeding schedules on track for millions of chickens, hogs and cattle," Jacob Bogage and Laura Reiley report for The Washington Post. "Fort Dodge-based New Cooperative, a member-owned alliance of farmers that sells corn and soy products, contained the breach and developed a workaround to continue accepting grain shipments and distributing feed."

The hackers said they would publish proprietary data, including the source code for its soil-mapping tech and research and development documents, if the cryptocurrency ransom is not paid by Sept. 25, Bogage and Reiley report. The hackers identify themselves as BlackMatter, but cybersecurity experts say the group appears to be mostly the same people as DarkSide, the Russian group that disbanded after infiltrating the Colonial Pipeline in May, disrupting fuel service to much of the East Coast for nearly a week.

The hack lends weight to the Federal Bureau of Investigation's Sept. 3 warning that food and agriculture interests are increasingly attractive targets for hackers. "Huge amounts of money move with the transfer of agricultural commodities — many, many millions of dollars are transferred back and forth," Iowa State University agricultural economist Bobby J. Martens told the Post. "The bad guys are going to see those transfers. There’s a tremendous amount of money that exchanges hands."

The Department of Homeland Security has identified the food-and-agriculture sector as critical infrastructure that qualifies for additional protective resources, but hasn't given specific attention to cybersecurity, so food and processing companies have to beef up cybersecurity on their own dime, and could pass on the costs to consumers, Bogage and Reiley report.

The FBI warning recommends ways companies can protect their computer systems but has little advice for how farmers can protect themselves. University of Tennessee agricultural economists Harwood D. Schaffer and Daryll E. Ray urge farmers to "develop contingency plans in case they have to hold their grain or animals for a week or two while the purchasing company gets their systems back up and running." They also recommend that, "General farm organizations and commodity groups need to come together and develop a strategy to deal with the secondary impacts (farm level) of ransomware attacks on agricultural processors, suppliers, and equipment manufacturers. To do less is to leave farmers like sitting ducks on a crisp fall morning."

What's in the bipartisan infrastructure bill? How's it funded?

What's in the bipartisan infrastructure bill pending in the Senate? The Wall Street Journal reports:

"According to the White House, the bill will include $110 billion in funding for roads, bridges and major projects, as well as $39 billion to modernize and make public transit more accessible to the disabled and elderly. The deal also includes a $66 billion investment in rail maintenance, modernization and expansion. The legislation will provide $11 billion in funding for highway and pedestrian safety programs. A total of $7.5 billion will go to implementing a network of electric vehicle chargers, and another $7.5 billion will be used for zero-emission or low-emission buses and ferries. Ports and airports will be boosted with $42 billion in new spending."

The next paragraph of the WSJ story has more rural resonance: "$50 billion to bolster the country’s infrastructure generally against climate change and cyberattacks," which threaten rural water systems. "$55 billion will go toward clean drinking water and $65 billion will go toward broadband infrastructure and development. The deal invests $21 billion in removing pollution from soil and groundwater, job creation in energy communities and a focus on economic and environmental justice. The legislation will include $73 billion to update and expand the power grid," which will have much rural construction.

And how will it be paid for? "a variety of revenue streams, including more than $200 billion in repurposed funds originally intended for coronavirus relief but left unused; about $50 billion will come from delaying a Trump-era rule on Medicare rebates; and $50 billion from certain states returning unused unemployment insurance supplemental funds. The negotiators also expect about $30 billion will be generated from applying information-reporting requirements for cryptocurrency; nearly $60 billion will come from economic growth spurred by the spending; and $87 billion from past and future sales of wireless spectrum space. A series of smaller pay-fors are expected to make up the difference."

And what's next? "House Majority Leader Steny Hoyer of Maryland said Tuesday that House Democrats may want to tweak the bill to include more climate provisions. But he has also acknowledged such a move could put the bill’s chances in jeopardy in the Senate. If the House changes the bill and passes its own version, the Senate will need to vote on the House version. If they cannot pass the House version, the chambers could also go to a conference committee where they would try to bridge the gap."

Rural water systems at risk of cyberattacks, advocates say

State and local infrastructure advocates told a Senate panel that rural water utilities may be vulnerable to cyberattacks because they're understaffed and employees need more training on federal cybersecurity regulations. Cyberattacks are a rising threat for utilities and the nation's food supply chain.

During a July 21 Environment and Public Works Committee hearing, advocates urged senators to better fund technical training and assistance programs like the Rural Water Circuit Rider Program. "The initiative was launched in 1980 with the goal of providing hands-on federal training and technical assistance to water utility managers and other specialists on a range of issues, including compliance with federal regulations and all other aspects of water utility management," Chris Riotta reports for government information technology publication GCN. Sophia Oberton of the Delmar Public Works Department in Maryland testified that the program is underutilized among rural communities, but could provide critical training and assistance.

"Other witnesses also stressed the need for further training and funding to meet the cybersecurity goals featured in President Joe Biden's cybersecurity executive order released in May, which outlined aggressive deadlines for all agencies and stakeholders to begin improving their cyber posture," Riotta reports. "A majority of water utilities, however, have not even fully assessed their own IT assets, according to a June survey from the Water Information Sharing and Analysis Center that included responses from more than 530 organizations. Dozens of firms responded that they were 'not sure' if they had experienced a cyber incident."

Some water utilities, private contractors and federal agencies have successfully responded to cyberattacks after implementing the National Institute of Standards and Technology's cybersecurity framework, according to Shailen Bhatt, president and CEO of the Intelligent Transportation Society of America. He recommended during the hearing that all stakeholders adopt the framework, which he says helps identify systemic threats, protect against vulnerabilities, detect and respond to attacks, and recover, Riotta reports.