US Defense Industry Targeted with New USB-Based Ransomware Attacks

/0 Comments/in , /by

The FBI recently released a notice about cybercriminal group FIN7, according to a Bleeping Computer article, warning defense contractors to be wary of USB drives being sent through the mail. According to the notice, FIN7 is impersonating Amazon and the Department of Health & Human Services (depending on the target victim) in an effort to get them to plug in the USB drive.

The USB drives are “Bauds” or “Bad Beetle USB” devices with the Lily GO logo, and are commonly available for sale on the Internet. The drives register with the victim computer as a keyboard and include a wealth of hacker tools, including Metasploit, Cobalt Strike, Carbamic malware, the Griffon backdoor, and PowerShell scripts.

The goal of these drives is to infect networks with either BlackMatter or REvil ransomware.

This is a real-world form of targeted attack that uses the same social engineering we commonly see in phishing attacks. Users that undergo continual security awareness training are already aware they should not be plugging in unknown USB drives – especially those sent unsolicited.

These attacks could just as easily be turned into an access for sale attack, given the amount of control hackers have over the compromised endpoint. Be on guard.

Published by: KnowB4 CyberHeist News, 1/25/22

TMA Welcomes its 93rd ECC to its ASAP-to-PSAP Service

/0 Comments/in , /by

On November 9th, TMA welcomed the Kitsap County WA (CENCOM) to its growing ASAP-to-PSAP service. It is the 93rd emergency communications center (ECC) in the United States and the first agency in the state of Washington to implement the Automated Secure Alarm Protocol (ASAP). Kitsap County went live with Vector Security, Rapid Response, United Central Control, Security Central, Securitas, Tyco (Johnson Controls), AT&T Digital Life, Affiliated Monitoring, Vivint, Brinks Home Security, National Monitoring Center, Guardian Protection, Protection One, and ADT. Washington Alarm and Stanley Security are expected to go-live with Kitsap by the end of November.

The state of Washington became the 19th state in the United States to participate in the ASAP program.

Fall issue of the TMA Dispatch now available!

/0 Comments/in , /by

The fall issue of the TMA Dispatch takes a closer look at the power of collaboration, provides a glimpse into the future of video monitoring, and introduces some new business opportunities in the multi-unit dwelling sector. Find out how to protect your IP, and more.

View at https://issuu.com/csaainternational/docs/21falldispatchfinal

 

Accolades for Outgoing TMA President Don Young

/0 Comments/in /by

TMA President Don Young will complete his term on October 14, 2021 at the closing of the 2021 Virtual Annual Meeting. TMA members were asked to share their gratitude to Don. The following are comments that have been received. You may also view ads placed by members in the fall issue of the TMA Dispatch. […]

Read more

TMA Welcomes 91st and 92nd ECC to its ASAP-to-PSAP Service

/0 Comments/in , , /by

TMA is pleased to welcome two new Emergency Communications Centers (ECC) to its ASAP-to-PSAP service. With the addition of these, the service is being used by 92 centers across the United States.

To view a full listing of active or testing ECCs, active Alarm companies or monitoring centers, or to learn more about TMA’s ASAP-to-PSAP services, please visit our website.

TMA ASAP-to-PSAP Service Contact: Bryan Ginn, bginn@tma.us

 Beaumont, TX

The Beaumont TX Police Department 9-1-1 Operations Center became the 91st ECC in the United States and the 11th ECC in the state of Texas to implement the Automated Secure Alarm Protocol (ASAP). Beaumont went live on Tuesday, August 10th with Rapid Response Monitoring, Vector Security, Securitas, Security Central, Stanley Security, Guardian Protection, Affiliated Monitoring, AT&T Digital Life, Tyco (Johnson Controls), National Monitoring Center, Protection One, Brinks Home Security, Alert 360 and Vivint. ADT and United Central Control (UCC) will be brought online soon.

Chesterfield County, VA

The Chesterfield County VA Emergency Communications Center is the 92nd public safety communications center in the United States and the 18th agency in the state of Virginia to implement the Automated Secure Alarm Protocol (ASAP). Chesterfield County went live on Monday, September 13th with Vector Security, Rapid Response Monitoring, Stanley Security, CPI, AT&T Digital Life, Guardian Protection, Protection One, Securitas, Tyco (Johnson Controls), Affiliated Monitoring, United Central Control, National Monitoring Center, Vivint, Richmond Alarm, Wegmans Security, Brinks Home Security and Security Central. ADT went live with Chesterfield County of on September 29th.

Tommy Tucker, Chesterfield’s Director of Emergency Communications, said they are excited to bring this advancement in service to the community. “Increasing our ability to assist in saving lives and protecting property by decreasing the amount of time it takes to respond to and subsequently dispatch in-progress alarm calls,” Tucker said.

The Monitoring Association Launches Newly-designed Learning Management System

/0 Comments/in /by

The Monitoring Association’s (TMA) is pleased to announce the launch of its newly-designed learning management system, known as the TMA Learning Center or TLC. TMATraining.org features a dynamic, expanded training catalog and includes a topic-based index with full shopping cart capability and training management options through our popular training manager portal. The Continuing Education menu allows students to find courses recognized for CEUs by various state licensing boards.

TMA Vice President for Education and Training Julie N. Webber stated, “We are excited to introduce our members and other monitoring center professionals to this easy to navigate updated resource for industry-specific education and training. The timing of TLC is important with the launch of our recent operator recertification requirement. Those engaged with any area of professional monitoring should tour the site to learn more about the full portfolio of online training TMA has to offer. Our focus as a trade association is to provide high-quality training for monitoring professionals.”

TMA partnered with The CMOOR Group (CMOOR), owners and operators of SecurityCEU.com, to upgrade and redesign the education portal.

TMA Executive Director Honored for Association Leadership and Professional Contributions

/0 Comments/in , /by

The American Society Association Executives (ASAE) recently announced that TMA Executive Director Celia Besore was selected to join with nine other Association executives ASAE’s 2021 Class of Fellows.

The Fellows program bestows an honorary recognition upon exceptional association leaders making noteworthy and sustained contributions of leadership to their organizations, ASAE and the association management profession.

Celia joins 273 association industry professionals who have received this designation since the program’s inception in 1986.

ASAE is a membership organization of more than 48,000 association executives and industry partners representing 7,400 organizations.

Please join in congratulating Celia on this momentous honor.

New Standards Subcommittee Will Address NFPA 730 and 731

/0 Comments/in , , /by

NFPA 730 – Guide for Premises Security and NFPA 731 – Standard for the Installation of Electronic Premises Security Systems are two documents of interest to TMA and its membership.

 

TMA has created a sub-committee within the Standards Committee to monitor and influence these documents. Rick Sheets, who has been involved with these NFPA documents since 2005 and is a current sitting member of the Technical Committees, will lead this effort as the Chairman of the TMA NFPA 730/731 Subcommittee.

 

If you would like to take part in assisting TMA by volunteering to be on the TMA NFPA 730/731 Subcommittee, please contact Bryan Ginn at bginn@tma.us. If you have any questions about NFPA 730/731, please contact Rick Sheets at Rs8486@att.com or 940-390-6989.

 

We will schedule a meeting once the TMA committee members are onboard to begin reviewing the current public comments and discuss TMA’s position and any comments TMA should submit on behalf of our membership.

 

Below is the NFPA schedule for the documents:


Next Edition: 2023


Revision Cycle: Fall 2022

 

First Draft

• Public Input Closing Date: January 6, 2021

• First Draft Report Posting Date: October 27, 2021

 

Second Draft

• Public Comment Closing Date: January 5, 2022

• Second Draft Report Posting Date: October 5, 2022

 

Motions Committee Report (NITMAM)

• NITMAM Closing Date: November 2, 2022

• NITMAM Posting Date: December 14, 2022

TMA Joins in Appealing CA Background Check Legislation

/0 Comments/in , , /by

On July 15th, TMA joined a diverse group of over 20 trade associations and businesses in signing on to an amicus letter to the California Supreme Court, requesting that the Court reverse a lower court decision on a background check decision.

If left standing, this decision would render most employment in the state severely delayed, and in many cases, they will no longer be possible at all. The amicus effort was led by the Consumer Data Industry Association (CDIA) and the Professional Background Screening Association (PBSA).

On May 26, 2021, the California Court of Appeals, 4th A.D (starting from Riverside County) called for the removal of significant identifiers (date of birth or driver’s license number) from criminal records.

Why is TMA involved?

You, our members, as well as others in our industry, protect people’s lives and property. Every day, businesses and families in California, as well in other states, trust that the people working in our industry are reputable and trustworthy people. Anything that would hamper our members’ abilities to conduct background checks could cause irreparable harm to our members’ customers. Drivers’ licenses are the most commonly used form of identification. Removing date of birth and driver’s license numbers as data identifying criminal defendants will handicap you and background check companies from being able to have a complete picture of an individual and be able to screen out those who should not be entrusted with people’s lives and property.

There is not likely a certain date by which the Court will decide to accept, or reject, the request. If that changes, TMA will alert you. In the event that the Court decides not to take this case, CDIA and PBSA will coordinate a strategy to seek redress by different means. That work will again require a large coalition of support.

View the full list of signatories on TMA’s website at http://tma.us/tma-joins-in-appealing-harsh-ca-background-check-legislation/

If you have any questions, please contact TMA Executive Director Celia T. Besore at ceo@tma.us or (703) 660-4913.

Amicus signatories included:

  • California Bankers Association
  • California Chamber of Commerce
  • California Credit Union League
  • California Financial Services Association
  • Checkr, Inc.
  • Coalition for Sensible Public Records Access
  • Electronic Security Association
  • Lyft, Inc.
  • Moco Incorporated
  • National Consumer Reporting, Association
  • National Public Records Research Association
  • Public Records Retrieval Network
  • Security Industry Association
  • Southern California Rental Housing Association
  • Sue Weaver CAUSE: Commit to Always Using Screened Employees
  • The Monitoring Association
  • Tribal Gaming
  • Protection Network
  • Uber Technologies, Inc.
  • Vector Security, Inc.
  • Western Burglar Alarm and Fire Alarm Association.

The Monitoring Association Welcomes its 50th FirstNet® Certificant

/0 Comments/in , , , /by

The Monitoring Association (TMA) is pleased to announce the addition its 50th FirstNet certificate, systems integrator Convergint Technologies, LLC. (Renton, WA). FirstNet is the nationwide public-safety wireless broadband network platform, built and deployed through a first‐of‐its‐kind public‐private partnership between the First Responder Network Authority (FirstNet Authority) and AT&T. The FirstNet Authority is an independent authority of the U.S. Department of Commerce. In April 2019, under an agreement with AT&T, TMA began issuing a Certificate of Verification to qualified alarm companies for the use of FirstNet services for alarm transport communications.

For companies to obtain a who meet accepted alarm industry standards that result in the transmission of public safety related alarms from systems designed primarily to protect life and/or property (e.g. robbery, burglary, unlawful intrusion, fire, emergency medical) to a Central Station Monitoring Facility that confirms and verifies the authenticity of the alarm and notifies a Public Safety Answering Point (PSAP) for relay to a public safety agency for the purpose of initiating an emergency response.

Public‐safety related alarms are critical to alerting first responders of emergencies requiring their urgent response.

As we mentioned above, for an alarm services company to apply to use FirstNet services for alarm transport communications as an extended primary user in support of public safety, it must first verify compliance through receipt of a TMA Certificate of Verification.

The alarm services company can then seek approval for eligibility to use FirstNet services by presenting the TMA Certificate of Verification to AT&T along with their contract(s) and/or service order(s), or to another alarm services company who will be providing FirstNet services from AT&T.

The TMA Certificate of Verification must be renewed every 12 months from when the initial TMA Certificate is issued.

For more information, please contact Tara Compher at 703‐660‐4913 or tcompher@tma.us.