Overview:

• Phish Tale of the Week
• Chinese APT Group Volt Typhoon Exploits Critical Versa Director Vulnerability
• NPD Breach Exposes Nearly 3 Billion: What You Need to Know
• How can Netizen help?

Phish Tale of the Week

Often times phishing campaigns, created by malicious actors, target users by utilizing social engineering. For example, in this SMS, the actors are appearing as an undisclosed company, offering remote jobs. The message tells us that a company is looking for multiple partners to join their team, and offers us the opportunity to contact them further for information on a remote job. It seems both urgent and genuine, so why shouldn’t we visit the link they sent us? Luckily, there’s plenty of reasons that point to this being a scam.

Here’s how we can tell not to click on this link:

1. The first warning sign for this SMS is the context in which it was sent. When I recieved this SMS, I immediately knew not to click on the link due to the fact that I did not recently inquire anywhere about any remote work; Real companies looking to recruit qualified employees would not reach out to numbers in this way. On top of that, it’s very apparent that this message was blasted out to random numbers: the message doesn’t even include my name or attempt to provide any level of familiarity that would convince me to click on their fake WhatsApp link.
2. The second warning signs in this email is the messaging. This message tries to create a sense of opportunity and urgency in order to get you to take action by using language such as “All you need is a computer to start working” and “If you are interested: please contact.” Phishing and smishing scams commonly attempt to create a sense of urgency/confusion in their messages in order to get you to click their link without thinking about it first. Always be sure to thoroughly inspect the style and tone of all texts before following a link or other attachment sent through SMS.
3. The final warning sign for this email is the wording. The grammar is strange and unprofessional, a real job offer or recruiter would not begin their email with “I’m Lauren and we’re currently looking for multiple partners to join our team,” without specifying where they work, or what the job entails. Additionally, the formatting of the word “WhatsApp” is incorrect, with dashes strewn throughout the messaging app’s name. All of these factors point to the above being a smishing text, and a very unsophisticated one at that.

General Recommendations:

A phishing attack will typically direct the user to click on a link where they will then be prompted to update personal information, such as a password, credit card, social security, or bank account information. A legitimate company already has this sensitive information and would not ask for it again, especially via your text messages. 

1. Scrutinize your messages before clicking anything. Have you ordered anything recently? Does this order number match the one I already have? Did the message come from a store you don’t usually order supplies from or a service you don’t use? If so, it’s probably a phishing attempt.
2. Verify that the sender is actually from the company sending the message.
3. Did you receive a message from someone you don’t recognize? Are they asking you to sign into a website to give Personally Identifiable Information (PII) such as credit card numbers, social security number, etc. A legitimate company will never ask for PII via instant message or email.
4. Do not give out personal or company information over the internet.
5. Do not click on unrecognized links or attachments. If you do proceed, verify that the URL is the correct one for the company/service and it has the proper security in place, such as HTTPS.

Many phishing messages pose a sense of urgency or even aggressiveness to prompt a form of intimidation. Any email requesting immediate action should be vetted thoroughly to determine whether or not it is a scam. Also, beware of messages that seek to tempt users into opening an attachment or visiting a link. For example, an attachment titled “Fix your account now” may draw the question “What is wrong with my account?” and prompt you to click a suspicious link.

Cybersecurity Brief

In this month’s Cybersecurity Brief:

Chinese APT Group Volt Typhoon Exploits Critical Versa Director Vulnerability

A serious vulnerability in Versa Director, identified as CVE-2024-39717, has been exploited by the Chinese advanced persistent threat (APT) group Volt Typhoon. This zero-day flaw, uncovered recently, has far-reaching consequences for organizations using Versa Director to manage their SD-WAN environments.

Versa Director is a key tool for managing network configurations in SD-WAN setups. The vulnerability affects its user interface customization feature, particularly the option to change the favicon. This feature, which lets users with high-level roles like Provider-Data-Center-Admin or Provider-Data-Center-System-Admin adjust the platform’s appearance, also permits the upload of files with a .png extension. Unfortunately, this extension can be easily exploited to hide malicious payloads as seemingly benign image files.

The core issue is that the platform does not rigorously validate these file uploads. As a result, authenticated users with administrative privileges can upload files that contain malware or backdoors. Once inside, attackers can leverage this access to infiltrate downstream networks, steal credentials, and carry out further malicious operations.

Given its potential impact, this vulnerability has been rated highly severe. CVE-2024-39717 carries a CVSS v2 base score of 8.3 and a CVSS v3 base score of 7.2, reflecting the substantial risk of data breaches and unauthorized access it poses.

Volt Typhoon, a state-sponsored hacking group from China, has taken advantage of this flaw to breach and compromise networks. Their campaign, which began in early June 2024, has primarily targeted Internet Service Providers (ISPs) and Managed Service Providers (MSPs). The group has used this exploit to deploy custom web shells and extract sensitive credentials, affecting several organizations within the ISP, MSP, and IT sectors.

Organizations using Versa Director should act quickly to address this vulnerability by updating to version 22.1.4 or later. It’s also crucial to review and strengthen security configurations and remain vigilant for any signs of compromise. By applying these updates and practices, organizations can reduce the risk of exploitation and safeguard their networks against ongoing threats.

To read more about this article, click here.

NPD Breach Exposes Nearly 3 Billion: What You Need to Know

In what’s shaping up to be one of the most staggering data breaches in history, nearly three billion people have had their personal information exposed. The breach targeted National Public Data (NPD), a background checking service run under the name Jerico Pictures. The breach became widely known after a class-action lawsuit surfaced in early August, raising serious concerns about the sheer scale of the incident.

The lawsuit claims that this massive breach happened during a cyberattack back in April, compromising the personal data of nearly three billion people. NPD and Jerico Pictures initially kept quiet, not confirming any details of the attack. However, by the end of August, NPD finally broke their silence, admitting on their website that a third party had gained unauthorized access to their data systems as early as December 2023. The data then leaked out between April and over the summer.

Before this breach, Yahoo’s 2013 incident held the record as the largest, affecting all 3 billion of its user accounts. That attack exposed things like names, email addresses, phone numbers, and birthdates, though luckily it didn’t include financial information. The NPD breach, however, is a different story. This time, far more sensitive information was leaked—Social Security numbers, mailing addresses, and other personal details.

NPD, which is based in Coral Springs, Florida, and owned by Jerico Pictures, specializes in gathering background information by scraping data from non-public sources. What makes this breach especially troubling is that many of those affected likely didn’t even realize NPD had their personal data in the first place.

The information that was leaked included names, email addresses, phone numbers, Social Security numbers, and physical addresses—basically everything a criminal would need to cause serious damage.

The breach came to the public’s attention after a lawsuit was filed accusing NPD of negligence and violating their duty to protect the data. The lead plaintiff, Christopher Hofmann, says he first found out about the breach on July 24, 2024, when his identity theft protection service alerted him that his personal information had popped up on the Dark Web as part of the “nationalpublicdata.com” breach.

According to the lawsuit, back on April 8, 2024, a criminal organization called “USDoD” posted a database titled “National Public Data” on a hacker forum named “Breached.” This database supposedly contained the personal details of nearly 2.9 billion people and was being sold for a jaw-dropping $3.5 million.

NPD’s breach notification has urged those affected to keep a close eye on their financial accounts. They’ve recommended obtaining free credit reports from Equifax, Experian, and TransUnion. Additionally, cybersecurity company Pentester has set up a tool at npd.pentester.com that allows individuals to check if their data was part of the breach. By entering your name and birth year, you can see a list of breached accounts and even the last four digits of the exposed Social Security numbers.

While it’s impossible to undo the breach, there are steps you can take to reduce your vulnerability to identity theft. Many people are turning to identity theft protection services, which offer account monitoring and restoration support. Though these services can’t prevent breaches from happening, they can be invaluable in helping you respond quickly if your information is misused.

Netizen recommends these key steps to safeguard your information:

• Sign up for credit monitoring that works around the clock.
• Turn on two-factor authentication for your online accounts.
• Be wary of unsolicited requests for personal information.
• Regularly check your bank statements for suspicious activity.
• Use a PIN when verifying debit card purchases.
• Consider placing a fraud alert on your credit file, which alerts creditors to confirm your identity before approving new accounts.

For further details on this breach, Netizen’s Monday Security Brief from August 12th covers it more extensively.

Another option is to freeze your credit. This step can prevent third parties from accessing your credit report, adding another layer of protection. It does require you to use a PIN for any changes to your credit status, but it can be a valuable tool, especially after a breach of this size.

While we can’t always control how third-party companies manage our personal data, we can take proactive steps to protect ourselves from the consequences of their mishandling.

To read more about this article, click here.

How Can Netizen Help?

Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time. 

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is a CMMI V2.0 Level 3, ISO 9001:2015, and ISO 27001:2013 (Information Security Management) certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

Today’s Topics:

• FBI Lapses in Securing Sensitive Storage Media Exposed by OIG Audit
• Pavel Durov Arrested: French Police Target Telegram’s Content Oversight Issues
• How can Netizen help?

FBI Lapses in Securing Sensitive Storage Media Exposed by OIG Audit

The FBI’s handling of sensitive and classified electronic storage media has recently come under scrutiny, according to an audit by the Department of Justice’s Office of the Inspector General (OIG). The report reveals several critical weaknesses in the FBI’s procedures for managing decommissioned storage devices, such as hard drives and thumb drives, which contain both sensitive but unclassified information and classified national security information (NSI).

The audit found that once these devices were removed from computers marked for destruction, they were often left unaccounted for and improperly stored. In some instances, internal hard drives from Top Secret systems were kept on pallets in shared spaces for extended periods, without proper oversight or protection.

The OIG’s investigation highlighted a significant issue: the FBI personnel failed to properly label and track these storage devices after their removal. While computers were labeled with appropriate classification markings, the extracted storage media were often left as standalone items without any indication of their classification level. This lack of labeling and accountability created substantial risks, making it challenging to verify whether these devices had been destroyed or accessed by unauthorized individuals.

At the facility where these storage devices were meant to be destroyed, there were major gaps in physical security. Media that was marked as non-accountable—those removed from sensitive systems—was stored on a pallet with torn wrapping in a shared workspace accessible to nearly 400 personnel. This facility also housed other FBI operations, including logistics and IT equipment fulfillment, which further complicated security measures. Contractors from at least 17 companies and FBI task force officers had access to the facility, adding to the security concerns.

The OIG report revealed that the FBI could not account for whether any devices had been removed from the unsecured pallets. Both FBI supervisors and contractors admitted that no process was in place to track or monitor the media after extraction.

Furthermore, the audit pointed out deficiencies in the FBI’s procedures for securing electronic media before destruction. According to the Open-Storage Secure Areas, Closed-Storage Secure Areas, and Controlled Unclassified Areas Policy Guide (1264PG), FBI personnel are required to follow a clean desk policy and store classified materials in locked containers at the end of each day. However, the audit found that these standards were not consistently followed.

In response to the OIG’s concerns, the FBI stated that they would start storing unsanitized hard drives and solid-state drives (SSDs) in a secure cage within the facility until they could be processed properly. Despite this commitment, the OIG noted during follow-up visits in early 2024 that additional security measures, such as a new camera system, had been delayed. As of June 2024, the FBI was still working on obtaining a waiver to install video surveillance at the facility.

To address these vulnerabilities, the OIG has provided the FBI with several recommendations to improve its control over the storage and disposal of electronic media. These include:

• Revising procedures to ensure that all storage media containing sensitive or classified information are properly accounted for, tracked, and sanitized before destruction.
• Implementing measures to clearly mark electronic storage media with the appropriate classification level, in line with FBI and DOJ policies.
• Enhancing physical security controls at facilities where media is stored and processed, to prevent loss or theft.

The audit underscores the need for the FBI to strengthen its procedures for managing sensitive storage media, particularly at facilities where media is destined for destruction. With nearly 400 individuals having access to the facility and media being left unsecured for long periods, the risk of unauthorized access or loss is significant.

The OIG continues its broader audit of FBI contracts and procedures and is urging the FBI to take immediate action to safeguard its electronic storage media. The FBI has been asked to provide an update on its response to the recommendations within 90 days.

For more information or questions about the audit, the OIG encourages contacting Michael E. Horowitz, Inspector General, or Jason R. Malmstrom, Assistant Inspector General for Audit, at the DOJ.

Pavel Durov Arrested: French Police Target Telegram’s Content Oversight Issues

In a notable turn of events for digital privacy and cybersecurity, Pavel Durov, the founder and CEO of Telegram, has been arrested in France. The arrest, reported by French television network TF1, stems from a warrant related to an ongoing investigation into Telegram’s content moderation practices.

The focus of the investigation is Telegram’s alleged failure to properly moderate content on its platform, which has reportedly facilitated a range of criminal activities. These include drug trafficking, child exploitation, money laundering, and fraud. Critics argue that Telegram’s lax approach to content moderation has enabled it to become a significant hub for criminal enterprises.

Guardio Labs, a cybersecurity firm, has raised alarms about Telegram’s role in the criminal ecosystem. A recent report from the firm describes Telegram as a thriving platform where cybercriminals trade tools and data. “This messaging app has become a major conduit for seasoned and emerging cybercriminals, enabling them to exchange illicit tools and victims’ data,” the report states.

Telegram, which is headquartered in Dubai, has over 950 million monthly active users as of July 2024. The app has recently expanded its features, including an in-app browser and a Mini App Store, positioning itself as a multifunctional super app similar to Tencent’s WeChat.

Durov was apprehended at Paris’ Bourget Airport upon arriving from Azerbaijan. French law enforcement, including the Gendarmerie des Transports Aériens (GTA) and the Office National Antifraude (ONAF), detained him. The arrest warrant was issued by the Office des Mineurs (OFMIN), a branch of the French National Police’s judicial direction, due to allegations that Telegram’s lack of effective moderation made Durov complicit in the crimes facilitated through the app.

Authorities suspect that Durov’s alleged failure to cooperate with law enforcement, along with his provision of tools such as disposable phone numbers and cryptocurrencies, contributed to serious crimes like drug trafficking, child exploitation, and fraud. “Durov made a critical error by entering France knowing he was a person of interest,” a source close to the investigation commented.

The arrest marks a significant moment in the global effort to hold tech platforms accountable for criminal activities conducted through their services. The case not only aims to disrupt the criminal networks utilizing Telegram but also seeks to spur European countries towards greater cooperation in combatting cybercrime.

Telegram, known for its robust encryption and capacity for large, private groups, has faced criticism for its role in criminal activities. “Telegram has emerged as a platform of choice for organized crime,” an investigator noted, underscoring concerns about its use in the distribution of banned content and coordination of criminal activities.

As the investigation progresses, the impact of this high-profile case on future regulatory measures for digital platforms and their responsibility in content moderation remains to be seen.

How Can Netizen Help?

Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time. 

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is a CMMI V2.0 Level 3, ISO 9001:2015, and ISO 27001:2013 (Information Security Management) certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

Today’s Topics:

• OpenAI Shuts Down Iranian Influence Campaign Leveraging ChatGPT
• Ransomware Attack Cripples Flint, Michigan’s Online Services: City Scrambles to Restore Operations
• How can Netizen help?

OpenAI Shuts Down Iranian Influence Campaign Leveraging ChatGPT

Last Friday, OpenAI announced the suspension of several accounts tied to a covert Iranian influence operation known as Storm-2035. This campaign used OpenAI’s ChatGPT to generate content aimed at swaying opinions around the U.S. presidential election and other hot-button issues. The operation has raised alarms about the potential misuse of artificial intelligence in geopolitical schemes.

The Storm-2035 operation focused on creating content that targeted audiences across the political spectrum in the United States. According to OpenAI, “This week we identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as Storm-2035.” The content spanned topics from U.S. politics to the Gaza conflict, Israel’s role in the Olympic Games, and politics in Venezuela.

The operation aimed to stir division by engaging with both conservative and progressive audiences, appearing to align with their respective viewpoints. The articles were published on five websites posing as legitimate news outlets, each tailored to appeal to different segments of the U.S. population. “The first workstream produced articles on U.S. politics and global events, published on five websites that posed as both progressive and conservative news outlets,” OpenAI noted.

Despite its widespread efforts, the operation didn’t really take off. OpenAI pointed out that most of the content didn’t get much attention on social media platforms. “Similar to the covert influence operations we reported in May, this operation does not appear to have achieved meaningful audience engagement,” the company explained. Using Brookings’ Breakout Scale, the operation was categorized as being at the low end of Category 2. This means that while there was some activity across multiple platforms, there was no sign that real people picked up or widely shared the content.

The operation’s limited success extended beyond social media. OpenAI found “no indication that the web articles created using ChatGPT were shared on social media platforms.” Moreover, the attempt to generate engagement by mixing political content with lighter posts about fashion and beauty—probably to appear more authentic or build a following—also fell flat.

Storm-2035 used ChatGPT to create both long-form articles and shorter social media comments in English and Spanish. These were posted across multiple accounts on platforms like X (formerly Twitter) and Instagram. The operation had a strategy: asking ChatGPT to rewrite existing social media comments to push the campaign’s agenda. “Some of the X accounts posed as progressives, and others as conservatives. They generated some of these comments by asking our models to rewrite comments posted by other social media users,” OpenAI elaborated.

The topics covered were diverse, ranging from U.S. domestic politics to international issues like the Gaza conflict and Scottish independence. This content was then strategically mixed with lighter topics like fashion to create a more diversified and seemingly genuine online presence.

The disruption of Storm-2035 is part of a broader effort by tech companies and governments to combat foreign influence operations. Microsoft, for example, had previously highlighted the activities of Storm-2035 in its reports, describing it as an Iranian network “actively engaging U.S. voter groups on opposing ends of the political spectrum with polarizing messaging.” This network was known for trying to manipulate public opinion on issues like the U.S. presidential candidates, LGBTQ rights, and the Israel-Hamas conflict.

Additionally, Microsoft identified similar tactics used by other foreign influence operations, including those linked to Russian networks like Ruza Flood (also known as Doppelganger), Storm-1516, and Storm-1841 (also known as Rybar). These operations have been characterized by their use of AI and social media to amplify misleading or outright false information across multiple platforms.

One concerning trend in these influence operations is the evolution of tactics as they adapt to increased enforcement by social media companies and governments. For instance, Meta reported that Doppelganger had shifted its focus towards non-political posts and ads in an attempt to evade detection. These posts often spoofed entertainment and lifestyle news outlets, using compromised accounts to create ads that, when clicked, redirected users to politically charged content on counterfeit domains. “The posts contain links that, when tapped, redirect users to a Russia war- or geopolitics-related article on one of the counterfeit domains mimicking entertainment or health publications,” Meta noted.

The adaptation of such tactics highlights the ongoing challenge of securing democratic processes against foreign interference, particularly in the context of the 2024 U.S. election. As OpenAI pointed out, “Notwithstanding the lack of meaningful audience engagement resulting from this operation, we take seriously any efforts to use our services in foreign influence operations.”

In response to these threats, OpenAI emphasized its commitment to transparency and proactive measures to prevent the misuse of its AI technologies. The company has been actively sharing threat intelligence with government agencies, campaign teams, and industry stakeholders to support a coordinated response against foreign influence operations. “OpenAI remains dedicated to uncovering and mitigating this type of abuse at scale by partnering with industry, civil society, and government, and by harnessing the power of generative AI to be a force multiplier in our work,” the company stated.

This collaborative approach is crucial as the methods used by influence operations continue to evolve. By leveraging AI tools to detect and disrupt these activities, OpenAI and other tech companies aim to protect the integrity of information and democratic processes worldwide.

Ransomware Attack Cripples Flint, Michigan’s Online Services: City Scrambles to Restore Operations

The City of Flint, Michigan, finds itself in the throes of a severe ransomware attack that has left critical online services crippled since August 14, 2024. The attack, which has drawn the attention of both federal and state authorities, has had widespread repercussions, affecting various aspects of daily operations and leaving residents and city officials alike grappling with uncertainty.

The ransomware attack has hit Flint hard, especially in terms of its ability to process payments and maintain communication with its residents. The city’s core payment processing system, BS&A, was among the hardest hit. This disruption means that residents have been unable to make online or credit card payments for essential services like water, sewer, and taxes. In response, city officials have moved quickly to ensure that residents are not penalized during this period of turmoil. “We want to assure everyone that no late fees will be applied, and water shutoffs are not going to happen while we work through this,” a city spokesperson said.

Beyond payment processing, the attack has had significant implications for the city’s communication infrastructure. Flint’s GIS maps have been taken offline, and there are major gaps in the city’s email, phone, and voicemail systems. These disruptions have made it challenging for city employees to maintain regular contact with residents, adding to the overall sense of disarray.

Despite these setbacks, Flint’s public safety services, including 911, dispatch, law enforcement, and fire operations, have remained fully operational. Public works services, including waste collection and water utilities, are also functioning normally, providing some relief amid the chaos.

Flint Mayor Sheldon Neeley addressed the public with a mix of resolve and concern as the city continues to grapple with the fallout. “We are working tirelessly to resolve this issue and minimize the impact on Flint residents. I want to thank our staff and partners for their hard work and dedication during this difficult time,” Mayor Neeley stated.

The attack is being treated with the utmost seriousness, with both the FBI and the Michigan Attorney General’s Office now involved in the investigation. Cybersecurity experts have been called in to assess the full extent of the damage and to help the city in its recovery efforts. However, despite the best efforts of all parties involved, there is no clear timeline for when the city’s systems will be fully restored.

One of the most pressing concerns for city officials is the potential exposure of sensitive personal data belonging to Flint’s residents and employees. The city is actively investigating whether any such data has been compromised in the attack. “We are investigating whether resident or employee personal data has been impacted. As always, we encourage individuals to take action to protect themselves from identity theft,” read a statement from the city. This ongoing uncertainty has understandably left many residents feeling anxious and concerned about their personal security.

Flint’s struggles are part of a larger, disturbing trend that has seen municipalities and organizations across Michigan targeted by increasingly sophisticated cyberattacks in recent months. While the situation in Flint is particularly severe, other cities in the state have faced similar challenges, forcing them to take drastic measures to protect their systems and services.

Flint’s response, however, has been bolstered by the unfortunate fact that they are not alone in facing such challenges. The city is able to draw on tested resources and strategies from these previous incidents as it works to bring its services back online. Mayor Neeley expressed confidence that, despite the current difficulties, the city would emerge stronger and more resilient in the face of these cyber threats.

As the city works to restore normal operations, Flint has implemented several temporary measures to ensure that essential services can continue.

• Payments: Given that the BS&A system is offline, residents are now limited to making payments via cash or check. While this is far from ideal, city officials have emphasized that it is a necessary step to prevent further disruptions.
• Communication: The city’s phone and voicemail systems are currently unreliable, and while some employees are able to access email, communication remains a challenge. Residents have been urged to be patient and persistent in their attempts to reach city services.
• Website Access: The city’s website, hosted on a separate server, remains largely intact, but several linked platforms, including the billing system and GIS maps, are unavailable. Despite these challenges, the website continues to serve as a vital source of information for residents seeking updates on the situation.

Public health services have fortunately remained fully operational throughout the ordeal. Flint residents can still access water testing kits and filters at designated locations, ensuring that this essential service remains uninterrupted.

While the full impact of the ransomware attack on Flint is still unfolding, city officials have been steadfast in their commitment to overcoming this crisis. The involvement of federal and state law enforcement agencies, as well as top-tier cybersecurity experts, underscores the seriousness of the situation and the city’s determination to address it head-on.

“We are working around the clock to restore our systems and to ensure that this kind of disruption doesn’t happen again,” said Mayor Neeley. The road to recovery may be long and fraught with challenges, but Flint’s leadership and residents alike remain hopeful that the city will emerge stronger from this ordeal.

How Can Netizen Help?

Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time. 

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is a CMMI V2.0 Level 3, ISO 9001:2015, and ISO 27001:2013 (Information Security Management) certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.