FBI - Oregon
Emergency Messages as of 11:54 am, Fri. Feb. 28
No information currently posted. Operating as usual.
Subscribe to receive FlashAlert messages from FBI - Oregon.
Primary email address for a new account:

Emergency Alerts News Releases  
And/or follow our FlashAlerts via Twitter

About FlashAlert on Twitter:

FlashAlert utilizes the free service Twitter to distribute emergency text messages. While you are welcome to register your cell phone text message address directly into the FlashAlert system, we recommend that you simply "follow" the FlashAlert account for FBI - Oregon by clicking on the link below and logging in to (or creating) your free Twitter account. Twitter sends messages out exceptionally fast thanks to arrangements they have made with the cell phone companies.

Click here to add FBI - Oregon to your Twitter account or create one.

Hide this Message


Manage my existing Subscription

News Releases
TT_-_PV_Communications.jpg
TT_-_PV_Communications.jpg
Oregon FBI Tech Tuesday: Building a Digital Defense With Your Communications (Photo) - 02/25/20

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence. 

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices

(Audio) 

Welcome to the Oregon FBI’s Tech Tuesday segment.  

This week: building a digital defense with your communications. 

Given the importance of communications in our lives today, it's no surprise that this particular set of technologies also represent a significant potential vulnerability. Communications can include personal and official email, messaging apps, and social media. 

Whether you are running a business or a political campaign, you should be aware of the potential dangers of cyber attacks through these various channels, and you should use the most secure methods of communication to reduce the likelihood of intrusion.

Keep in mind, most secure does not always mean easiest. Security and convenience often work on a continuum—with the most convenient practices tending to be the least secure. Use your best judgment for what makes sense for you. 

Pro-active steps you can take include addressing encryption, message retention, and access. 

Let’s start with encryption. Encryption encodes information, making it unreadable to anyone but those who have a key to decode the encrypted data. 

There are numerous ways to implement encryption so that even if an attacker gains access to your information, he or she will be unable to use it without a lot of effort. 

Look for trusted vendors of encrypted communication services for texting, email and voice; there are several solutions available, and some are free. 

Next: message retention. To help prevent attackers from stealing information, don't keep more than you need. 

You can do this by disabling the “archive” and “save old messages” features on your communication devices and applications. These are typically defaulted to automatically save. Disabling this feature is the electronic equivalent of shredding documents. 

Finally, depriving attackers of opportunities to attack can greatly improve your defenses.

Ensure only devices with a need to connect are granted access to your systems. This will reduce the resources needed to monitor and defend networks. One way of doing this is to create access control lists.

Access control lists typically consist of “white lists” or “black lists.” Whitelisting is a method of restricting access to only pre-approved devices or connections.?Blacklisting involves denying access to devices which are presumed or known to be not trustworthy. Blacklisting regions of the world that don’t have an approved or anticipated relationship with your business or campaign can greatly decrease the amount of threats your organization faces. 

Also, communications infrastructure shouldn't be left on 24/7. When you leave for the day, turn off devices and, where possible, turn off your office Wi-Fi networks, which can offer adversaries a potential route into your operations. 

Next week, we will talk about how to raise your cyber security stance when your employees or volunteers must use their personal devices in the workplace. 

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information. 

### 

5.jpg
5.jpg
FBI Seeking Information in Klamath Co. Electrical Substation Shooting (Photo) - 02/21/20

The FBI is offering a reward of up to $5,000 for information leading to the identification, arrest, and conviction of the person or persons responsible for the shooting of a Mid-State Electric Cooperative Substation.

On June 1, 2019, unknown suspects using high-caliber firearms shot at a transformer and power regulators located at the “Mowich” substation. Approximately 1,000 customers lost power due to the severe damage, which is estimated at more than $400,000.

To date, no group or person has claimed responsibility.

The seeking information poster can be found on the FBI’s website at https://www.fbi.gov/wanted/seeking-info/shooting-of-electrical-substation.

Anyone with information about the shooting is asked to call the FBI at (541) 773-2942 in Medford or at (503) 224-4181 in Portland.

# # #

Attached Media Files: 5.jpg
TT_-_PV_passwords.jpg
TT_-_PV_passwords.jpg
Oregon FBI Tech Tuesday: Building a Digital Defense With Passwords (Photo) - 02/18/20

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence.

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices.

(Audio)

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense with passwords… or rather passphrases.

We all use passwords. We use them for our phones, our computers, our email, and just about every other kind of personal account.

Unfortunately, many of us use simple passwords, such as Password1 or 1234, because they’re easier to remember. Some of us even reuse the same simple password for multiple accounts. 

If you use a simple password or pattern of characters, it’s considerably easier for an adversary to crack. Many businesses and sites require that passwords include uppercase letters, lowercase letters, numbers, and special characters. However, recent guidance from the National Institute of Standards and Technology, or NIST, advises that password length is much more important than password complexity. 

Instead of using a short, complex password that is hard to remember… consider using a longer passphrase. This involves combining multiple words into a long string of at least 15 characters. The extra length of a passphrase makes it harder to crack while also making it easier for you to remember.

For example, a phrase such as VoicesProtected2020WeAre is a strong passphrase. Even better – a passphrase that combines multiple unrelated words such as “director month learn truck.”

Here are the recommendations from the National Institute of Standards and Technology (NIST) for your organization:

  • Require everyone to use longer passwords or passphrases of 15 or more characters without requiring uppercase, lowercase, or special characters.
  • Only require password changes when there’s a reason to believe your network has been compromised.
  • Have your network administrators screen everyone’s passwords against lists of dictionary words and passwords known to have been compromised.
  • To help prevent a denial of service attack against your email service, don’t lock a user’s account after a certain number of incorrect login attempts. That way, even if an adversary floods your network with purposefully incorrect login information, your users won’t be locked out of their accounts.
  • Don’t allow password “hints.”

Finally, some people use password keeper programs. These programs store all of your passwords in one place, sometimes called a vault. Some programs can even make strong passwords for you and keep track of them all in one location, so then the only password or passphrase you have to remember is the one for your vault.

The downside of using a password keeper program is that if an attacker cracks your vault password, then he or she knows all of your passwords for all of your accounts. But many IT professionals agree, the benefit of a password keeper program far outweighs this risk. A little research should help you get started. 

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information.

###

TT - Bots - GRAPHIC
TT - Bots - GRAPHIC
Oregon FBI Tech Tuesday: Building a Digital Defense Against Bots (Photo) - 02/11/20

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence. 

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices

(Audio) 

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense by understanding how foreign actors use both technology and our emotions to interfere in elections. 

Let’s start with the basics. A “bot” is a program that can simulate human behavior. You likely encounter bots on a regular basis. It can be something as simple as “chatting” with a customer service representative at an online business or asking for help on a shopping site. Today, though, we are going to talk about how foreign actors use bots on social media platforms to drive discord and decision-making. 

The Department of Homeland Security (DHS) warns that bots “use artificial intelligence, big data analytics, and other programs or databases to imitate users posting content.” 

The bots start by targeting divisive issues big and small. The issue could be the upcoming election or the appropriate pizza topping. They don’t care about a winning side – it’s all about making people stake out very different positions.  

By getting people to respond, they are able to start building a large following. Once an influencer or a bot network identifies you as someone willing to engage, they often rename accounts and reuse them for multiple issues. 

That large following allows the foreign actors to be effective in spreading misinformation and hate speech, both of which can generate an emotional reaction by those involved in the debate. Feeling anger or extreme satisfaction can cause you to ignore signs of what’s going on and encourage you to like, repost, or share the info to even more people. 

In the end, the foreign actors and their bots impact our ability to have fair and free elections by polluting our political discussions about the candidates and the issues. What can you do? 

Be wary of accounts or profiles where the posts are only working to drive extreme views. Trolls are in it to make you mad – don’t let them. You can also check an account’s activity history. Is it very new? Was it created years ago but started posting a huge volume of content just recently? Has it changed its name repeatedly? Do some basic online research to see if you can determine if that very-American sounding group is really a legitimate organization. 

Finally, if in doubt – take your conversations off-line. Focus on verifiable facts and encourage your friends and family to do the same 

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information. 

###

Attached Media Files: TT - Bots - AUDIO , TT - Bots - GRAPHIC
TT - Cosuming Info - GRAPHIC
TT - Cosuming Info - GRAPHIC
Oregon FBI Tech Tuesday: Building a Digital Defense with How You Consume Information (Photo) - 02/04/20

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence. 

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices

(Audio) 

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense relative to how you consume information. 

When you find information on the internet, it’s important to remember that the creator likely had a purpose in writing that post. Things are often put online to a) make money or b) to influence the viewer’s perceptions of an issue or problem. 

It’s really important to consider the source of the information. Who posted this material online, and why? You should start by checking the profile of whomever appears to be posting the information. Do a search to see if the poster is a real person and what their qualifications may be. Specifically, look for: 

  • How recently the account was created? 

  • Whether there are conflicting posts (such as the person supports an issue in one post, but is against it in another)? 

  • Whether there are non-sensical posts or profile info doesn’t make sense?  (Many bots just throw a bunch of words together to make it look like content.) 

  • How quickly are the posts hitting? (No human can send 100 posts in 30 seconds.) 

Now, on to the content. Check to see if the headline matches the story. Oftentimes those trying to spread misinformation will use an emotionally-charged headline, but the body of the story doesn’t contain facts that you can verify elsewhere. Can you vet the information through one or more separate, trusted sources? Is what you are reading opinion masking as fact? What related information might have been left out of the material you’re accessing? 

Consider whether the post or article generated a strong emotional reaction in you – it could be anger or desperation – happiness or satisfaction. If so, the purpose of the post may have been to get you to react and re-post without thinking or verifying.  

Social media platforms give foreign actors a way to connect with and manipulate you—so someone who appears to be a like-minded supporter might actually be a foreigner who wants to trick you into sharing propaganda. 

The bottom line? Keep a healthy skepticism when you’re looking at information on the Internet. Consider why something might have been posted online and who stands to gain from that information.  

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information. 

###