Arlington, VA

(Updated at 5:20 p.m.) Arlington County has revealed a cyber attack that penetrated the county’s payroll system.

In a statement, the county says a number of employees were impacted by the intrusion, but did not specify the exact number or impacts. The intrusion appears to be the result of a “phishing” email targeting county employees and not a hack, the press release suggests.

Police are investigating.

Arlington’s cybersecurity division previously told ARLnow that it was staffing up and training county employees in light of the growing number of cyber attacks. The county budgeted $60,000 for the department to teach county employees how to avoid phishing emails, among other security best practices.

The full press release is below.

Arlington County Government recently discovered the existence of an intrusion into the Arlington County payroll system. This intrusion was limited in both the time of the compromise and the number of the employees who were impacted. No resident data was compromised during the intrusion.

All of the impacted employees have been identified, advised of the situation and steps are being taken to ensure the security of their personal data. Based on a joint review by the Arlington County Department of Technology Services and the Arlington County Police Department, the consensus belief is that the intrusion was likely the result of individual employees being targeted through a phishing email.

Since discovery of the intrusion, Arlington County has implemented enhanced cyber security features to safeguard email and other critical computing systems. As part of our education and crime prevention efforts, Arlington County is sharing cyber safety tips and reminding employees and the public not to open any emails from individuals they are unfamiliar with and to not click on links contained with any emails without first verifying their content.

The intrusion is currently being investigated by the Arlington County Police Department. Any information related to this ongoing investigation can be provided to Detective John Bamford of the Department’s Homeland Security Section at [email protected] Information may also be provided anonymously through the Arlington County Crime Solvers hotline at 866.411.TIPS (8477).

0 Comments

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Fueled by a recent investment, Courthouse-based startup DivvyCloud unveiled a new suite of features to help identify potential cybersecurity weak spots at a glance

The most high profile of the new features is a new “heat map” scorecard to help companies visualize where their cybersecurity defenses are strongest and where they are most vulnerable.

According to a blog post:

This new feature delivers a visual representation of risk aligned with regulatory standards, industry standards, or your own corporate standards; through an interactive heat map.

With fast paced changes in infrastructure, and the need to have flexibility for deployments into cloud platforms, it has become increasingly challenging to remaining compliant to industry standards. DivvyCloud’s Compliance Scorecard helps you audit compliance and identify risks in your cloud environment in a simple, transparent way.

The accounts are listed on the y-axis, while insights — specific behaviors, conditions or characteristics of cybersecurity — are listed along the x-axis. Accounts with less than 85 percent compliance to security standards are listed in red.

In the sample scorecard above, “Bob” has stale Application Program Interface credentials — coding that allows communication between two applications — meaning Bob has access to a program but his credentials to do so may be out of date.

The feature is designed to assist teams, like auditors or security management, in identifying areas where there are potential gaps in cybersecurity coverage. The scorecard can also recommend guidance for potential problems and direct the viewer to the relevant resources.

Other improvements include a new threat detection system that utilizes machine learning and anomaly detection technologies. DivvyCloud listed cryptocurrency mining, credential compromise behavior, and calls from known malicious IPs as potential threats the technology helps to identify.

DivvyCloud recently announced that it had achieved $19 million in funding in a recent growth round, bringing the total capital raised to $29 million.

0 Comments

Sponsored by Monday Properties and written by ARLnow.comStartup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Updated 3:35 p.m. — Ballston-based ThreatConnect — a cybersecurity company helping other companies fend off hackers — is planning to ramp up its operations thanks to an investment from Providence Strategic Growth (PSG).

ThreatConnect specializes in cybersecurity “intelligence,” where the information on incoming threats is collected across member organizations and spread across the network, so information gained from an attack on one company can be used to defend the others.

The company started in Shirlington but has since moved to its current headquarters in Ballston. But while ThreatConnect’s location may have changed, CEO and Co-Founder Adam Vincent said its core strategy has not.

“We have had the same vision since we released the first version of the ThreatConnect Platform in 2013,” Vincent said in an email. “We were a step ahead of the market then, and I feel we are still in front of the market today. Our vision is, and was, to improve decision-making in cyber — giving the business the ability to make smarter, faster decisions and act on them quickly — all without adding additional personnel.”

Even though the mission hasn’t changed, the client base has expanded.

“While in the beginning, we were an obvious choice for large enterprises, we see more mid-size companies choosing ThreatConnect,” Vincent said. “We are seeing more verticals — for example, healthcare, utilities — in addition to all the financial and retail companies we have served for years. Given the current security climate, all organizations are realizing that a security program is not a ‘nice to have’ but a ‘need to have’ in order to grow their own business.”

The exact amount of the investment isn’t being disclosed — a common trend among recent investments — but Vincent said PSG is fully committed to the company’s strategic growth.

“We chose them as a strategic partner, not just another investor, because we know their support will be ongoing,” Vincent said. “PSG appreciates our value proposition — to change how businesses manage their security — which was a driver for them investing.”

After the investment, Vincent said ThreatConnect will begin accelerating its current strategy. In a blog post, the company said it will be making new investments in data sources to provide more information for operational and tactical decision making.

But as ThreatConnect grows, it has no plans to leave Arlington.

“We think Arlington is a great place to work, whether in cybersecurity or another vertical,” Vincent said. “It is close and very accessible to D.C., but not too close. And, though our business is worldwide, we choose to have our headquarters in Arlington. It’s our home. It seems like a great central location for most of the staff that comes into the office. The immediate area around the office has grown and changed a great deal in just the short time we have been here — and everyone appreciates the new food/drink options that have recently opened or are about to open.”

0 Comments

Sponsored by Monday Properties and written by ARLnow.comStartup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Three young, tech-focused startups in Arlington were among 41 projects across the state awarded $2.51 million in funding.

The Commonwealth Research Commercialization Fund (CRCF) awards, announced by Gov. Ralph Northam on June 6, included grant funding for Fend Incorporated — a Startup Monday frequent guest — NOVI LLC and SeeHear LLC.

The CRCF is run through the Center for Innovative Technology (CIT), a non-profit corporation funded in part through the state to promote technological development in Virginia.

Fend Incorporated adds a system with a physical beam-link used to transfer data in otherwise digital systems, making them less prone to hacking. The company was awarded $50,000.

NOVI LLC develops autonomous, intelligent satellites and was awarded $48,700.

SeeHear LLC is a corporation that commercializes earlier government research into web-based speech programs for adults with hearing loss. The company was awarded $50,000.

According to a spokesperson for CIT, proposals undergo a multi-stage review process, including assessments by subject matter experts and evaluation by the CIT Board of Directors.

“Virginia is recognized as one of the most innovative states in the nation, and we know that identifying and supporting Virginia innovators at critical early stages through state-funded programs like CRCF is key to maintaining and expanding our leadership role,” Northam said in a press release. “The Commonwealth will continue to deliver programs that facilitate bringing pioneering technologies and ideas to market and create a culture where entrepreneurs will thrive.”

0 Comments

Morning Notes

Favola’s Consulting Questioned by Challenger — “Is two-term Sen. Barbara Favola (D-31) a rising star, poised to become chairwoman of a Senate committee if Democrats seize control of the Senate? Or is she an opportunist capitalizing on insider influence for personal gain? That’s a question for voters this June in a primary that pits Favola against challenger Nicole Merlene.” [Arlington Connection]

Video: CCTV Sewer Inspections — Arlington County uses cameras inserted into manholes to inspect its sanitary and storm sewers for cracks and other problems. [YouTube]

Another Arlington Cybersecurity Firm Acquired — “Arlington-based endpoint cybersecurity firm Endgame is being acquired by Netherlands-based search and data management firm Elastic N.V. for $234 million in stock and debt repayment, according to an announcement by the two companies.” [Washington Business Journal]

New Cybersecurity Firm Unveiled — “[Arlington-based] Kfivefour today emerged from stealth and announced the immediate availability of its full spectrum Red Team assessments, training and penetration testing services. Kfivefour is a private sector focused cybersecurity affiliate of Millennium Corporation, a defense contractor and cybersecurity company.” [PR Newswire]

Local Startup Founder Arrested — “[Former Arlington resident] Andrew Powers, the founder and CEO of communications technology firm CommuniClique Inc. — sometimes known as Clique API — has been arrested by the FBI, which has charged him with a felony for what it described as part of ‘a multimillion-dollar fraud scheme.'” [Washington Business Journal]

0 Comments

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Tinkering with the virtual structure of a company can be hazardous, so instead, Ballston-based startup HyperQube will make a digital clone of a company and then subject it to every horrible cyberattack known to man.

It’s the Portrait of Dorian Gray for the digital age.

“Being able to rapidly clone entire infrastructure, including the networking, allows enterprises to test in ways that used to be too expensive,” Craig Stevenson, founder and CEO, told ARLnow. “Before HyperQube, probing an enterprise’s defenses was costly and dangerous, since you are probing real systems which can’t be taken offline. Now, you could spin up hundreds of exact copies of an enterprise’s defenses and probe them both risk-free and simultaneously, saving massive amounts of effort and eliminating the risk of taking a production system offline.”

HyperQube describes the virtual environment as “alternate realities” that allow users to test, play and break to their hearts’ desire.

The ability to clone digital structures isn’t new, but Stevenson said HyperQube allows the clones to be built and modified quickly.

Various products focus on different scales and targets, like Hyperskill — which uses the cloning method to allow instructors and students to tinker with real systems without potential consequences.

The startup launched in January 2018 after participating in the local cybersecurity accelerator Mach37.

HyperQube ran an event last year where they invited hackers to come participate in a digital competition where, once a platform was shut down, the hackers wrote out detailed explanations of their exploits and offered suggestions on how to fix them.

The company recently signed partnerships with the National Guard, Department of Homeland Security, Cisco and other groups. Stevenson said more partnerships were on their way soon, but couldn’t announce any further details. HyperQube also raised $500,000 in seed funding, which is going toward sales, development and new hires.

Stevenson said Arlington has been a great place to run a cyber startup.

“For us, being within 40 minutes of a customer in D.C. or our data center in Ashburn, makes Arlington ideal,” said Stevenson.

Photo via HyperQube

0 Comments

Arlington’s cybersecurity division is staffing up and training county employees in preparation for a growing wave of cyber attacks.

The Security, Privacy, Records and Regulatory Affairs division of the county’s Department of Technology Services reportedly blocked 90,000 virus and malware attacks last year, according to next year’s budget proposal.

The department said the number of attacks is expected to rise to 150,000 this year and continue to 200,000 by next year.

“The increase in viruses and malware blocked is due to increased detection efforts by additional security platforms… and an overall increase in security attacks,” the document read.

“We’re in a risk-reduction activity,” Richard Archambault, who helms the division, told ARLnow in a phone interview this week, “We’re not in a risk-elimination activity. We can’t prevent these things from happening. Someday everybody gets hacked.”

The department has asked for $60,000 to train all county employees in security best practices, especially how to avoid clicking on phishing emails which can introduce malware.

“The reason this cadence [of training] is so important is that these emails get more and more sophisticated every month,” Archambault said during a March presentation at the Metropolitan Washington Council of Governments.

“If we’re not constantly bringing people up to speed on where the threat actors are, we’re behind,” he added.

Archambault also added a new senior engineering role that junior staff can rise to: a bid to help with retention in an area hungry for cybersecurity professionals.

“One great part about working with a governmental entity is access to professional development across the region,” he said of Arlington’s location. “In most private sector companies, outsiders are competitors or customers. In government, there is a tremendous amount of cooperation and shared learning. This is fertile ground for growth as a cybersecurity practitioner.”

Local governments nationwide are also sharing lessons learned from a type of malware called “ransomware” that can hold data hostage until a “ransom” is paid, usually in bitcoin.

Ransomware attacks locked down Atlanta’s public computers, online bill payments, and airport wifi last year last year, and other hackers gained access to Dallas’ tornado sirens. All told, out of 2,216 security breaches found by a 2018 Verizon report, 304 affected public entities.

“Some of the basic things that they should have been doing to be prepared to recover were not done,” Archambault said of Atlanta. “In the most recent instance their backups were accessible to the hackers — so the hackers ransomed their primary data and their backups.”

Archambault said he was unable to share details about Arlington’s preparations for security reasons, and also said he was unable to comment on whether the county had ever been ransomed.

He did say the county purchases cybersecurity insurance.

After the attacks in Atlanta, Arlington’s then-chief information security officer David Jordan said “it’s going to be even more important that local governments look for the no-cost/low-cost, but start considering cybersecurity on the same level as public safety.”

“A smart local government will have fire, police and cybersecurity at the same level,” Jordan added.

Archambault told ARLnow that one of his “key priorities” since joining the office five months ago has been to create “an umbrella Privacy Policy for the County,” to “harmonize” the county’s many department’s policies with one another.

County spokeswoman Shannon Whalen McDaniel said Arlington is planning awareness events in October, which is National Cyber Security Awareness Month.

In the meantime, the division offered a few security tips for residents wanting to keep their own data safe from hackers:

  • “Ensure your devices are setup to automatically install software updates and security patches. You may have bad memories of patches that were recalled or rolled back by various vendors. Those mistakes are far less frequent and the additional benefits of frequent patching now outweigh the drawbacks of the occasional bad patch.”
  • “Don’t place your Wi-Fi router somewhere it can be seen easily from a window. Anyone peeking in might see your network name and password and then – they’re in. Change your Wi-Fi network password from time to time, but keep using strong passwords!”
  • “Use a password locker application. We often tell people not to use the same username and password across different websites, but we don’t always do a good job telling people how to keep all the resulting username and password data organized (pro tip: not on paper and not on your desk!) There are great password locker applications that will automatically memorize your passwords and even autofill password forms on web pages.”

Photo via Flickr user Blogtrepreneur

0 Comments

Amazon.com is famous for what cybersecurity expert Frederic Lemieux calls its “known resilience” to cyberattack.

But there have been breeches recently, and we can expect the tech giant to become an even more inviting target in the future. “As Amazon is growing, it will have more of these risks,” says Lemieux, Ph.D., faculty director of Georgetown University’s master’s programs in Applied Intelligence and Cybersecurity Risk Management.

Here, in conversation with Assistant Dean Joshua Meredith, Lemieux also predicts that when Amazon builds a new headquarters in Crystal City, Va., it will suck up much of the region’s cybersecurity talent. And that will make it harder for the federal government and smaller business to compete for skilled workers.

0 Comments

It might seem odd that the consulting firm Accenture would open a second Arlington office in Rosslyn, just a 10-minute drive from its current location in Ballston and a brief Metro ride away from its office in D.C.

But company executives believe Arlington’s pool of talented tech workers is so deep that such a move makes perfect sense — and state leaders are hoping tech giants from Apple to Amazon are similarly swayed by the strength of the county’s workforce.

Gov. Ralph Northam (D) and Rep. Don Beyer (D-Va.) helped Accenture christen its new “cyber fusion center” inside the new CEB Tower at Central Place (1201 Wilson Blvd) today (Wednesday), hailing the company for its plans to create 1,000 high-paying tech jobs in the D.C. region by 2020.

Marty Rodgers, Accenture’s metro D.C. office managing director, says the firm ultimately plans to have 4,500 employees at its Arlington locations alone, and they’ll have plenty of company. As of last year, the Bureau of Labor Statistics estimates that more than 17,000 people in Arlington work in IT-focused jobs, and Rodgers adds that 185 cybersecurity startups in the area won outside funding in 2017.

Observers have speculated that those numbers are part of why Jeff Bezos and Tim Cook are eyeing Arlington so closely for expansion. Northam hopes they’re right.

“I’ve always been a big believer that if we bring talent to the area, talent will attract other talent,” Northam told reporters Wednesday. “We’ve made that pitch and we’re excited about that opportunity, and we’ve had those discussions with Amazon. But whether it’s Amazon or Apple or any other company, in order for them to grow or come here, we’ve got to be able to train our workforce.”

Northam credits his predecessor, ex-Gov. Terry McAuliffe, for putting a focus on tech training programs at both the higher education level and in K-12 schools. But it also helps that many of those workers have gained experience in the area’s bevy of federal government tech jobs, making them even more attractive to companies like Accenture that do plenty of business in D.C.

“This is where all the talent is,” Rodgers said. “You need people who have that combination of experiences, with for-profits, with nonprofits, with government.”

Rodgers noted that those sorts of employees will be particularly important at the company’s new Rosslyn center. It’s designed as not only a cybersecurity research hub, but also as a meeting space for Accenture to help its clients, from governments to massive corporations, investigate cyberattacks in real time.

Accenture executives demonstrated for the gathered elected officials and journalists how the company might educate an oil and gas company about how to prevent a phishing attack on a refinery. After hackers tried, and failed, to blow up a Saudi Arabian refinery by breaking in to a company’s networks via a fraudulent email, company officials warned that such a scenario isn’t terribly far-fetched.

Rodgers believes the center will even be innovative enough to help the D.C. region become the top global destination for cybersecurity companies.

“This region is fundamental to cybersecurity for the country and the world,” Rodgers said. “This is a mantle we hope this cybersecurity fusion center can claim here, as compared to Silicon Valley.”

0 Comments

Arlington voters can rest easy that Tuesday’s primary contest will be safe from cyberattacks, as local and federal election officials alike tout the county’s sound methods for counting ballots.

County election administrators welcomed a contingent from the U.S. Department of Homeland Security today (June 12), who swung by to study how Arlington is managing its voting technology as the threat of foreign meddling continues to loom large ahead of the fall’s midterms.

County Registrar Linda Lindberg touted her office’s “practical and low-key approach” during the visit, noting that the county uses paper ballots for all its elections. Though it may seem like an antiquated approach in the age of smartphones, election security experts have increasingly urged localities to abandon electronic voting machines in favor of having a paper record of all ballots cast, should intruders find a way to breach their systems and attempt to alter vote totals.

“Arlington takes a very pragmatic and a keep-it-simple approach,” Chris Krebs, a senior DHS official focusing on cybersecurity, told reporters. “We need to continue that trend toward a voter-verifiable paper trail… That’s the progress that we’re seeing nationwide.”

Krebs says he’s spent the last few months making similar trips and sitting down with state and local officials to make sure they understand the cybersecurity risks associated with voting technology. He added that federal officials are hoping to offer any help they can to localities struggling with securing their systems, though he noted that Arlington doesn’t need much in the way of resources.

Lindberg says her office has all manner of “checks and balances” throughout the process of testing vote-counting machines to insure that nothing was amiss before voters started showing up at the polls. She also noted that she’s set up a robust screening system for “spear phishing” attacks, after would-be hackers targeted elections officials in other states to try and trick them into clicking on fraudulent emails, giving them access to election systems.

“Arlington County actually has very strong, stringent controls in terms of the phishing attacks we’ve seen, mostly through emails,” Lindberg said. “We have good training, good screening of spam emails. In fact, important emails sometimes end up in my spam folder so you have to go back and look at that sort of thing.”

By and large, however, Krebs says DHS hasn’t seen the same sort of attacks on election officials that they did ahead of the 2016 election. But with intelligence leaders continuing to warn that Russian operatives could very well try to interfere with the midterms as a preamble to the presidential race in 2020, Krebs also doesn’t want to see local officials let their guard down.

“Even though we haven’t seen any activity the way we did in 2016 with direct threats to election infrastructure, we don’t need that direct threat,” Krebs said. “We take this issue very seriously.”

0 Comments

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Several Arlington startups, including Clarendon-based Adlumin, attended the SXSW conference on technology, music culture and film more than a week ago in Austin, Texas.

Adlumin, a cybersecurity company that uses machine learning to track client behavior and sends alerts for suspicious activity, participated in an AED-organized panel called “War Games: From Battlefield to Ballot Box.” The discussion touched on innovations and changes in the industry.

The discussion touched on innovations and changes in the industry, including trends in how cyber attacks are being perpetrated that panelists have encountered. Adlumin’s CEO Robert Johnston was on the panel for his experience dealing with the cyber attacks in 2016 on the Democratic National Committee.

“[Rob’s] seen it go from really a complete use of malware to get into a network to now it’s really on more stealing credentials,” said Timothy Evans, co-founder and VP of business development of Adlumin. “It’s more along the lines of what nation states are doing to hack into networks. Your regular criminal hacker is acting much more like a nation state,”

 “That is a real question — I think the U.S. citizens, we’re really concerned about what we’re doing to stop interference next year or this year in 2018,” he said, adding that there were at least six questions regarding efforts to prevent Russia from meddling in the 2018 midterms.

Andrea Limbago, chief social scientist at Endgame, a different cybersecurity company for enterprises also based in Clarendon, held a talk called “Bots, Trolls, Warriors & The Path Ahead” at SXSW. She discussed the intersection of policy and innovation needed to fight the bots and trolls.

Limbago said that the audience at her talk was engaging, which is something that she doesn’t always experience at tech conferences.

“It’s great having a growing tech community in Arlington, and then representing that out here [in Austin],” Limbago said.

Several other Arlington businesses were at SXSW, including Axios, Trustify, and Fortalice, said Cara O’Donnell, Arlington Economic Development’s public relations director.

Photo courtesy of Endgame

0 Comments
×

Subscribe to our mailing list