TriCorps Surveillance Partners with LenelS2 and Milestone Systems

TriCorps Surveillance is pleased to announce a new strategic partnership with LenelS2, a leading provider in advanced security systems, and Milestone Systems, an international open platform developer of networked video management software (VMS). LenelS2 is a part of Carrier, a leading global provider of innovative heating, ventilating, and air conditioning (HVAC), refrigeration, fire, security, and building automation technologies. Founded in 1998, Milestone is a stand-alone company in the Canon Group.

The joint offering of LenelS2 OnGuard® access control and Milestone XProtect® video management software through the LenelS2 channel lowers the total cost of ownership for end-users and integrators, offering reduced licensing fees and efficient pre- and post-sales support. This integration, which has been successful through the LenelS2 OpenAccess Alliance Program (OAAP) and Milestone Certified Solution, provides customers with tight, efficient interoperability between the OnGuard and Milestone XProtect systems.

“We’re extremely excited to partner with LenelS2 and Milestone Systems to offer our clients a unified video management and access control system from two of the top-rated providers in the global security industry,” said Chad Bradley, TriCorps’ Chief Technology Officer. “The collaboration between LenelS2, Milestone Systems, and the TriCorps Surveillance staff has been a breath of fresh air, and we look forward to what the future holds.”

About LenelS2
LenelS2 is a global leader in advanced physical security solutions, including access control, video surveillance, event monitoring, and digital signage. Our technology includes web-based and mobile applications enhanced by cloud-based services. Incorporating open architecture, LenelS2 provides scalable, unified security management to customers ranging from global enterprises to small- and mid-sized businesses. Easy to install and use, LenelS2 products are supported by an experienced, responsive support team dedicated to providing exceptional service. LenelS2 serves markets worldwide, including corporate, education, healthcare, and government. For more information, visit www.LenelS2.com or follow @LenelS2Systems on Twitter.

About Milestone Systems
Milestone Systems is a leading provider of open platform video management software, technology that helps the world see how to ensure safety, protect assets and increase business efficiency. Milestone enables an open platform community that drives collaboration and innovation in the development and use of network video technology, with reliable and scalable solutions that are proven in more than 150,000 sites worldwide. For more information, visit www.milestonesys.com.

Fatigue is defined as extreme tiredness that results in mental and/or physical exhaustion and can hinder an employee’s ability to perform work safely and effectively. Fatigue in the workplace not only impacts a worker’s mental and physical health, but it can also impact the safety of those around them, as well as their capacity to function. Its side-effects include decreased performance and productivity and an increase in the potential for errors in judgement, which may result in injuries.

Per the Department of Labor, long work hours and irregular work shifts are common in our society. Many American workers spend over 40 hours a week at work, and almost 15 million work full time on evening, night, rotating, or other irregular shifts. Work schedules like these may cause worker fatigue.

Shift workers may be scheduled for days, evenings, nights and/or on a rotating or on-call basis. They may work extended shifts (more than 8 hours long), rotating or irregular shifts, or consecutive shifts resulting in more than the typical 40-hour workweek. Long work hours may increase the risk of injuries and accidents and contribute to poor health and worker fatigue. Studies show that long work hours can increase stress, poor eating habits, lack of physical activity, and illness. It is important to recognize the symptoms of worker fatigue and its potential impact on each worker’s safety and health and on the safety of co-workers.

Four Ways to Manage Fatigue

1. Stretch and Move

If you are at a guardhouse and unable to leave, find ways to move your body and keep blood flowing. Move your feet in circles and stomp them on the ground. Drum your hands on your thighs. Roll your shoulders and lift your arms up and down. Walk up and down stairs or around the building on breaks.

2. Exercise Your Mind

During downtime, keep your mind active to stave off sleep. Try actively using all your senses while you work. Focus on what you taste, notice what you can smell, and listen intently to all the sounds in your environment. Using your senses this way helps keep your brain active.

3. Stay Hydrated

Drinking soda and coffee can cause your energy to crash and make you abandon your post for frequent bathroom breaks. Drink water instead to keep yourself hydrated and alert. If you need coffee to stay awake, go ahead and indulge in moderation; just try to avoid caffeine in the last few hours of your shift so you can sleep when you are done. 

4. Create Your Own Accountability

Set 10-minute alarms on your phone or install an app designed to keep you awake. These apps offer different ways to help you fight sleep, such as making noises at random intervals. If there are other officers on duty nearby, exchange messages every so often to help each other stay alert or ask a friend who is awake while working to send you periodic check-in messages.

Sources: 

7 Ways Security Officers Can Stay Awake on Duty. https://www.deggy.com/7-ways-security-officers-can-stay-awake-on-duty.html

Long Work Hours, Extended or Irregular Shifts, and Worker …. https://www.osha.gov/worker-fatigue

Leaders and IT departments worldwide are still working to recover from arguably one of the most prolific cyberattacks ever. If you use Microsoft Exchange Server, you were undoubtedly impacted by the hack, and if you were, you were not alone. The Wall Street Journal reported that the number of customers affected by the attack could reach upwards of 250,000. 

Breaking Down the Exchange Attack 

In early March, Microsoft disclosed that Chinese state-sponsored hackers, a group known as Hafnium, had gained access to organizations’ email accounts through vulnerabilities in its Exchange Server email software. Microsoft identified four vulnerabilities and issued emergency patches for systems going back to 2010. That means flaws were present in Microsoft code for over a decade.

Microsoft was first alerted to the vulnerabilities by security company Volexity, which found the attackers had been exploiting the flaws since January. The attack does not impact Microsoft’s cloud-based email and calendar service, only its on-prem offering.

On March 5th, cybersecurity journalist Brian Krebs reported that at least 30,000 organizations across the United States were breached. This included small businesses, towns, cities, and local governments. IT teams continue to patch the vulnerabilities across the country, but as of March 14th, at least 80,000 vulnerable Exchange servers were still exposed on the internet, according to reports.

How the Attack Works

The attack works like this:

  1. Attackers gain access to an Exchange Server either with stolen passwords or by exploiting the vulnerabilities to disguise themselves as someone with legitimate access.
  2. Attackers create a web shell to control the compromised server remotely. A web shell is a script that can be uploaded to a web server to allow remote access to that server.
  3. Attackers use this remote access to steal data from the organization, including email data.

Oh, But It Gets Worse…

The flaws in the Exchange server are considered zero-days. However, Microsoft sent proof-of-concept (PoC) code privately to members of its Active Protections Program. This code was leaked, either purposefully or accidentally, according to The Wall Street Journal, which reported that Microsoft had launched an investigation into the leak. Either way, a PoC made exploiting the vulnerabilities substantially easier and opened up the Exchange vulnerabilities, like floodgates, to a wide swath of the internet’s darker denizens. Other nation-states and cybercriminal gangs joined in on the fun. On top of that, a ransomware strain dubbed DearCry began capitalizing on the Exchange vulnerabilities.

The breach has forced those who use Microsoft’s on-prem email offering to scramble to migrate their email to the cloud. It also forced leaders to ask, did bad guys get in, and if they did, what did they get their hands on? 

Patching the vulnerabilities was a critical step, but it didn’t necessarily eject criminals from internal networks. In some cases, organizations had to revert to backups and rebuild. This is a reason why it is so important to have backups. These emergency situations can arise, and you have to pull the plug immediately. 

But First There Was SolarWinds

The Microsoft Exchange server attack came on the heels of another extraordinary cyber incident. This one occurred late last year and impacted 425 of the US Fortune 500, including telecommunication companies, accounting firms, and all branches of the US military. It began when cybersecurity company FireEye announced they had been a victim of a cyber breach attributed to Russian state-sponsored actors. Further investigation revealed that it was not FireEye that was the point of attack. Instead, it was SolarWinds, a widely-used IT management firm. Attackers had compromised a SolarWinds software update, so when SolarWinds customers applied the update, their systems became infected. 

The incident was massive enough for Congress to call forth executives from SolarWinds and FireEye as well as Microsoft, which was impacted by the hack, for a good old-fashioned tongue-lashing in front of the cameras. While the executives, essentially, pointed fingers at each other, the rest of us were left to wonder how we can protect ourselves from attacks we can’t even anticipate or prevent.

What Can We Do? 

When you think of third-party vendor attacks, the classic example is Target, which in 2013 had over 40 million credit cards stolen from its point-of-sale systems. The attackers were able to exploit Target’s HVAC vendor to gain access to Target’s network. This is the example that is often cited when we discuss the need to “watch your six” when it comes to giving vendor access to your networks. This was an HVAC vendor, and Target was roundly criticized for its data segmentation practices.

An HVAC vendor should not have access to any confidential, sensitive, or customer information. However, a technology vendor is a different story, especially one who helps administer your email (in the case of Microsoft) or oversees your network management (in the case of SolarWinds). These types of vendors need the highest level of access and access to essentially everything. There has to be a level of trust there, almost to an extreme degree.

Today, it is impossible to do business…to even function without these vendors. We need them. But this reliance comes at a cost. First, we are subject to the extreme cases listed above. We will likely continue to see more of them (as cybercriminals understand how the exploitation of a technology vendor can reap enormous booty). Leaders are also limited in what they can do to protect themselves when a critical technology vendor gets hijacked. 

But there are some things, as a leader, you can do. 

Keep up to Date: One of the biggest things you can do is make sure you are keeping up with what is occurring when it comes to cybersecurity. You should be making cybersecurity a part of your daily feed, so you understand how these types of attacks occur and what you can do to limit the damage when they do occur. There are plenty of great newsletters and threat reports from industry insiders. One I would recommend is The CyberWire (https://thecyberwire.com/). You can sign up for their free daily newsletter. They also release a free daily podcast that runs around 20 minutes. It is a great way to stay on top of the latest in cybersecurity while upping your cybersecurity IQ. 

This will also help in mitigation. In the case of the Exchange breach, it was an enormous challenge to understand how to respond because the attack was so unprecedented. The Cybersecurity & Infrastructure Security Agency (CISA) sent out an alert with some of the tactics, techniques, and procedures to help organizations examine their internal systems for evidence of maleficence. In critical moments, it is important to understand where to turn. 

Keep an Expert on Speed Dial: In critical moments, it is important to understand where to turn. That is why it is helpful to have someone with expert knowledge to give you advice. Don’t seek that person or persons out when the emergency is taking place. Have that relationship already built, so it is there when the worst happens, and you need it most.

Keep Your Systems Up to Date:  Putting aside the fact that the SolarWinds breach was caused by a malicious update, it is critical to push updates as quickly as possible when they are released. This was especially true of the Exchange server vulnerabilities, as we saw direct exploitation of vulnerabilities and Microsoft taking an unusual step of issuing emergency patches. Unpatched vulnerabilities are like a wide-open door to a bank vault. The criminals have a blueprint to get into your systems until the vulnerability has been patched. Make sure you are keeping your systems up to date.     

Keep Your Backups Current: I discussed earlier the importance of backups. You should keep backups that are regularly updated and unconnected from your network. Then when a cyber incident occurs (such as ransomware), you will be able to quickly recover (and hopefully without having to pay any ransom). 

Keep Your Logs in Order: Logs record events that occur within your network. With logs in place, you can detect unusual behavior, pinpoint anomalies, or forensically understand what occurred after an incident. If an attacker is downloading a large number of files, logs can alert you. If an employee is trying to access something he shouldn’t, logs can help catch him. If there is an unusual login attempt from Southeast Asia, you may see it in your logs.
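
The three checks named above (a burst of file downloads, repeated denied access, a login from an unexpected location) are shown here run over a handful of log events. This is an added example, not part of the original article; the JSON log format, field names, and thresholds are assumptions, and the sample events are constructed.

```python
import json
from collections import Counter

# Constructed sample events for illustration; the JSON field names are assumptions.
SAMPLE_LOG = "\n".join(
    ['{"ts":"2021-03-10T09:01:00","user":"alice","action":"login","result":"success","country":"US"}',
     '{"ts":"2021-03-10T09:30:00","user":"bob","action":"login","result":"success","country":"VN"}',
     'corrupted line that is not JSON']
    + ['{"ts":"2021-03-10T02:%02d:00","user":"carol","action":"download","result":"success","country":"US"}' % m
       for m in range(6)]
    + ['{"ts":"2021-03-10T11:%02d:00","user":"dave","action":"read","result":"denied","country":"US"}' % m
       for m in range(3)]
)

EXPECTED_COUNTRIES = {"US"}  # assumption: where this organization's staff log in from
DOWNLOADS_PER_HOUR = 5       # assumption: more than this per user per hour is unusual
DENIED_LIMIT = 3             # assumption: this many denials for one user is worth a look

def parse_events(text):
    """Return (events, skipped); malformed lines are counted, not fatal."""
    events, skipped = [], 0
    for line in text.splitlines():
        try:
            event = json.loads(line)
            event["ts"], event["user"], event["action"]  # required fields
            events.append(event)
        except (ValueError, KeyError, TypeError):
            skipped += 1
    return events, skipped

def detect(events):
    """Return a sorted list of (rule, user, detail) alerts."""
    alerts, downloads, denied = set(), Counter(), Counter()
    for e in events:
        if e["action"] == "download":
            downloads[(e["user"], e["ts"][:13])] += 1  # bucket by hour: YYYY-MM-DDTHH
        if e.get("result") == "denied":
            denied[e["user"]] += 1
        if e["action"] == "login" and e.get("country") not in EXPECTED_COUNTRIES:
            alerts.add(("unexpected_country", e["user"], str(e.get("country"))))
    for (user, hour), n in downloads.items():
        if n > DOWNLOADS_PER_HOUR:
            alerts.add(("bulk_download", user, f"{n} files in hour {hour}"))
    for user, n in denied.items():
        if n >= DENIED_LIMIT:
            alerts.add(("repeated_denied", user, f"{n} denied requests"))
    return sorted(alerts)

if __name__ == "__main__":
    events, skipped = parse_events(SAMPLE_LOG)
    print(f"{len(events)} events parsed, {skipped} skipped")
    for alert in detect(events):
        print(alert)
```

The count of skipped lines is worth watching alongside the alerts: a sudden rise in unparseable entries means the detection rules are running over less of the log than you think.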

Keep an Event Playbook on Hand: Digital Event Response Playbooks (DERPs) are useful when an emergency digital event occurs. What these playbooks do is ensure the entire organization, every department, and every key stakeholder understands what they are responsible for during an event. This helps everyone to be on the same page or rowing in the same direction. It also can ensure that as little time is wasted as possible during the critical first hours of a digital event. Creating a playbook specifically for a cloud vendor exploitation should be on your to-do list if you haven’t already. Reach out to us because we specifically create this type of playbook for clients. We also suggest holding trainings for the playbook as well as tabletop exercises. In these exercises, key stakeholders are able to walk through a real-world scenario using the playbook. This helps the stakeholders understand their role during a digital event. It also aids the playbook owner in understanding how the playbook could be refined or improved.   

When technology vendors inadvertently open holes in your network, you may feel helpless. It can feel like there is nothing you, as a leader, can do. But there are some things you can do to help your organization manage a difficult situation. A little extra preparation today can help in these extreme situations.