News

Critical Update: Resolving the Microsoft Windows and CrowdStrike Outage

Early this morning, a widespread fault with Microsoft Windows machines running the CrowdStrike Falcon agent caused chaos around the globe – grounding flights, taking banks, hospital systems, and media offline, and causing a massive global disruption to companies and services around the world.

What Happened?

Cybersecurity firm CrowdStrike said that the issue believed to be behind the outage was not a security incident or cyberattack — the problem occurred when it deployed a faulty update to computers running Microsoft Windows.

Microsoft stated, “We have been made aware of an issue impacting Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, which may encounter a bug check (BSOD) and get stuck in a restarting state.”

Steps to Resolve the Issue

Microsoft Azure released a fix for this issue. For detailed instructions, visit: https://azure.status.microsoft/en-gb/status

1. Restart Your Virtual Machines

Many users have reported success by repeatedly restarting their VMs. Although it may take multiple attempts (as many as 15 in some cases), this has proven to be an effective troubleshooting step. You can restart your VMs through the Azure Portal or using the Azure CLI:

  • Using the Azure Portal: Navigate to your affected VMs and click on ‘Restart.’
  • Using the Azure CLI or Azure Shell: Follow the instructions here to restart your VMs: Azure CLI Documentation

2. Restore from a Backup

If you have backups from before 19:00 UTC on July 18th, restoring from these backups is a reliable solution. Here’s how you can do it if you are using Azure Backup:

  • Follow the instructions in this guide: How to Restore Azure VM Data

3. Repair the OS Disk

Another option is to repair the OS disk by attaching it to a repair VM. This allows you to delete the problematic file directly. Here are the steps:

  • Attach the OS disk to a repair VM through the Azure Portal.
  • Navigate to the disk and delete the file located at Windows/System32/Drivers/CrowdStrike/C00000291*.sys.
  • Detach the disk and reattach it to the original VM.

For detailed instructions on repairing the OS disk, refer to: Troubleshoot a Windows VM

.sys Removal Script

This script automatically finds and removes the problematic .sys file on the host. This script can be put on a USB drive and executed with administrative privileges for ease of use across multiple systems.

Ongoing Support

The affected update has been pulled by CrowdStrike. Customers that are continuing to experience issues should reach out to CrowdStrike for additional assistance.

Microsoft is continuing to investigate additional mitigation options for customers and will share more information as it becomes known. For current updates, visit: https://azure.status.microsoft/en-gb/status

Additional Resources
Critical Update: Resolving the Microsoft Windows and CrowdStrike Outage2024-07-19T21:03:15-04:00

False Promises, Real Losses: Navigating the Dangers of Romance Scams

Romance scams have become a significant financial threat, preying on individuals’ emotions and vulnerabilities. In 2023, consumers have lost $1.14 billion to romance scams, making it one of the most financially damaging forms of imposter fraud.

The financial and emotional toll on victims of romance scams is severe. The Federal Trade Commission (FTC) reported that the median loss per victim in 2023 was $2,000, the highest for any type of imposter scam. Furthermore, romance scams often lead to feelings of betrayal and embarrassment, making it difficult for victims to come forward and seek help. In many cases, victims are isolated from their friends and family, further exacerbating their vulnerability.

Romance scams involve criminals adopting fake online identities to gain victims’ trust and affection. These scammers manipulate victims into sending money or providing access to their financial accounts. Tracy Kitten, the director of fraud and security at Javelin Strategy & Research, emphasizes that these scams are particularly insidious because they exploit emotional connections. Once trust is established, victims are more likely to comply with the scammer’s requests, believing in the authenticity of the relationship.

Methods Used by Scammers

  • Building Trust: Scammers create convincing online profiles and develop relationships over time. They often claim to be working overseas or in the military, providing plausible excuses for not meeting in person.
  • Emotional Manipulation: Scammers exploit victims’ emotions, claiming to need money for medical emergencies, travel expenses, or legal fees. They may also use pressure tactics and isolation attempts to maintain control over the victim (Source 1: CNBC, Source 2: FBI).
  • Platform Selection: Many romance scams begin on social media platforms, with scammers reaching out through unsolicited messages. According to the FTC, 40% of victims who lost money to romance scams in 2022 were initially contacted via social media (Source: CNBC).

Detecting and Preventing Romance Scams

  • Requests for Money: The most significant red flag is when someone asks for money. Scammers often create urgent situations to prompt financial help.
  • Too Good to Be True: If a new contact seems overly interested and perfect, it may be a scam.
  • Refusal to Meet in Person: Scammers usually avoid in-person meetings, citing various excuses.
  • Isolation Attempts: If someone discourages you from discussing your new relationship with friends or family, be cautious.
  • Pressure Tactics: Scammers may rush the relationship and pressure you into making quick decisions (Source 1: CNBC, Source 2: FBI).

Steps to Take

  1. Reverse Search Images: Use online tools to verify the authenticity of the profile pictures.
  2. Check Privacy Settings: Limit the information you share publicly on social media.
  3. Take Your Time: Ask detailed questions about the person’s background and verify their answers.
  4. Avoid Financial Transactions: Never send money or share financial information with someone you have only met online.
  5. Meet in Public: If you decide to meet, choose a public location and inform someone you trust about the meeting.

Reporting Scams

If you encounter suspicious profiles or messages online, it’s crucial to report them promptly. Inform the platform you’re using and for more detailed guidance on reporting cybercrimes, visit Cyber Florida’s reporting page at Cyber Florida Reporting. Victims can also find support through organizations like The Cybercrime Support Network, offering counseling and recovery groups.

Information retrieved from the CNBC and the FBI online resources.

More resources:

False Promises, Real Losses: Navigating the Dangers of Romance Scams2024-07-18T13:42:35-04:00

Innovative Virtual Cyber Program for Florida Public Schools

Teaching Digital Natives

Cyber Florida and Teaching Digital Natives Introduce Innovative Virtual Cyber Program for Florida Public Schools

No-cost curriculum supports Florida legislative requirements

July 15, 2024—Tampa, Fla— The Florida Center for Cybersecurity, also known as Cyber Florida at USF, and Teaching Digital Natives are delighted to introduce a collaboration to bring a new program to Florida Public Schools, titled Cyber Hygiene and Digital Citizenship. Developed by Teaching Digital Natives, this innovative virtual learning program features a gamified, interactive virtual reality environment designed for elementary and middle school-aged students.

In response to recent Florida legislation, the program includes curriculum covering social media etiquette to meet the mandated requirements for instruction on the social, emotional, and physical effects of social media.

To encourage students to learn about good cybersecurity practices and consider cybersecurity as a potential career path, Cyber Florida at USF is sponsoring a substantial number of seats on a first come – first serve basis in Florida public schools.

The virtual reality experience is currently offered in both English and Spanish languages and incorporates real-life locations where cyber threats are likely to take place, including in home, school, and even a local restaurant. One of the advantages of the digital curriculum is its agility. The Cyber Hygiene and Digital Citizenship course can be run synchronous or asynchronous allowing flexibility to complete on the student’s own timeline.

The program covers four core modules that include 20 lessons, five-to-seven minutes each, for about two hours of learning. These short and engaging lessons are designed to keep the attention of students and increase their learning retention.

Cyber Florida at USF is dedicated to advancing cybersecurity across Florida for grades K-12, leading cyber workforce development initiatives, and facilitating advanced applied research. Cyber Florida also engages millions through awareness campaigns and resources, safeguarding vulnerable populations and organizations.

Cyber Florida at USF Director Ernie Ferraresso says, “Incorporating Cyber Hygiene and Digital Citizenship highlights our commitment to integrate cybersecurity awareness and career education in Florida’s public schools while fulfilling our broader mission to lead the nation in cybersecurity education, research, and community engagement.”

Teaching Digital Natives is a non-profit educational initiative that provides technology, cybersecurity and digital literacy for kids. Its mission is to educate today’s youth and families and retool underserved communities to mitigate the dangers of the online world. It also aims to cultivate a strong technology workforce, making the Internet a more secure experience for everyone.

Teaching Digital Natives Director of Outreach Danielle Reyes says, “Our immersive, device-agnostic platform was created after years of research and development with leading professionals in the cybersecurity and education industries and aligns with the national standards for cybersecurity education. Additionally, our program supports the instructional requirements of House Bill 379, ensuring comprehensive education on the effects of social media. We are so excited to partner with Cyber Florida at USF to bring this program to Florida Public Schools at no cost to them.”

For more information and to submit a registration request, visit: https://www.teachingdigitalnatives.org/cyber-fl-program/.

ABOUT CYBER FLORIDA
The Florida Center for Cybersecurity at the University of South Florida, commonly referred to as Cyber Florida at USF, was established by the Florida Legislature in 2014. Its mission is to position Florida as a national leader in cybersecurity through comprehensive education, cutting-edge research, and extensive outreach. Cyber Florida leads various initiatives to inspire and educate both current and future cybersecurity professionals, advance applied research, and enhance cybersecurity awareness and safety of individuals and organizations.

ABOUT TEACHING DIGITAL NATIVES
Founded in Miami in 2017, Teaching Digital Natives is a nonprofit initiative focused on equipping youth with essential skills in technology, cybersecurity, soft skills, and leadership. Teaching Digital Natives is dedicated to empowering young people and families with the knowledge and tools needed to navigate the online world safely and confidently, fostering a secure digital environment for future generations.

Innovative Virtual Cyber Program for Florida Public Schools2024-08-06T13:05:16-04:00

Cyber Florida Leads Election Security Tabletop Exercise (TTX)

On 8 May, over sixty representatives from fourteen counties participated in an in-person TTX hosted by Cyber Florida at Hunter’s Green in Tampa. County Supervisors of Elections (SoEs), Law Enforcement (LE) personnel and those in Information Technology (IT) roles were joined by representatives from the FBI, Florida Digital Service (FLDS), the Cybersecurity & Infrastructure Security Agency (CISA), the University of West Florida (UWF), and Florida International University (FIU) (two of Cyber Florida’s state training program partners) to address this critical topic. The FBI, CISA, and UWF spoke to the group about the importance of election security, how their organizations provide support, and how state and county officials can connect with them.

Following those informative presentations, Norwich University Applied Research Institute (NUARI) orchestrated a four-hour session using scenarios developed in concert with Cyber Florida, SoEs, and LE personnel. NUARI’s DECIDE tool virtually presented scenario events to the different sets of “players” in the room, who had to articulate how they would respond to the events. The advantages of holding the event in person became obvious as numerous discussions and networking occurred at every table and among the SoEs, LEs, and IT personnel throughout the day—organic discussions that could not be replicated in a strictly virtual environment.

Cyber Florida infused the new, state-funded cyber range (hosted by SimSpace) to provide a technical, hands-on dimension to the experience. IT personnel from three counties and University of South Florida students in Cyber Florida’s Security Operations Center Apprentice Program were confronted with various cyber events on the range. At the conclusion, IT participants were asked to share the events detected and actions taken. Notably, their presentations were clear and concise—even to those in non-technical roles—underscoring the importance of IT personnel being able to explain things in “plain English” to managers and executives who may need to take or authorize specific actions.

Feedback from participants included these comments:

  • “We need to revise our Incident Response Plan to include many of the things we learned today.”
  • “Learned a lot about resources available to us: CISA, FBI, Cyber Florida, FLDS and other state orgs.”
  • “The opportunity to have in-person networking was great.”
  • “The use of tech and opportunity to collaborate amongst many counties was great.”
  • “We need to codify our processes and know our key POCs.”
  • “We need more training events like this.”

Cyber Florida thanks the Pasco County SoE, Kristie Crump, and the Pasco County Sheriff’s Office (specifically Chuck Esposito), who contributed expertise and used their SoE and LE networks to help us garner the support and participation of other counties.

Cyber Florida is working with FIU to co-host another in-person TTX in the Miami area in August and will endeavor to host one in the Jacksonville area in September. As we do this, we will also need support from SoE and LE personnel in those parts of the state.

Cyber Florida Leads Election Security Tabletop Exercise (TTX)2024-06-28T11:55:24-04:00

National Cyber Director Releases Workforce and Education Strategy

June 25, 2024 – Washington, D.C.: The Office of the National Cyber Director (ONCD) today released the National Cyber Workforce and Education Strategy: Initial Stages of Implementation, outlining the progress made since the office initially released the strategy in 2023. In a blog post announcing the report, titled “Unleashing America’s Cyber Talent,” Assistant National Cyber Director for Workforce, Training and Education Seeyew Mo, noted that “…demand for cyber talent is only going to grow. We are at a crucial point where we all must work together – across the Federal Government, private sector, academia and non-profits, and other stakeholders…”

Mo went on to outline several initial successes, including, “unprecedented” coordination across 35 Federal agencies; a shift in Federal hiring toward a skills-based approach to IT positions; identification of Federal investment opportunities to provide more access to these careers for Americans; and the cooperation of more than one hundred of agencies, associations, foundations, and academic institutions yielding $95 million in investments, 13,000 new hires in the field, and more than 1 million trained.

Cyber Florida at USF is proud to participate in this national initiative through several programs, including CyberWorks—which is part of the national CyberSkills2Work program—and the National Centers of Academic Excellence program managed by the National Security Agency.

National Cyber Director Releases Workforce and Education Strategy2024-10-07T16:38:50-04:00

Update to Program to Enhance Cybersecurity

Cyber Florida Announces Update to Program to Enhance Cybersecurity for Critical Infrastructure Organizations

The Critical Infrastructure Protection program assessment aligns with the recently released National Institute of Standards and Technology Cybersecurity Framework 2.0

June 6, 2024—Tampa, Fla—Cyber Florida, in partnership with Idaho National Laboratory (INL), has updated its Critical Infrastructure Protection (CIP) program to align with the recently released National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, widely used to reduce cybersecurity risk across public and private sectors and subsectors. Cyber Florida’s multi-assessment platform leverages the Department of Homeland Security’s Cyber Security Evaluation Tool’s (CSET®) containing both the NIST 2.0 CSF Standard Question Set and Ransomware Readiness Assessment modules. The tools and resources available through the CIP program are state-funded and provided at no charge for Florida’s private and public critical infrastructure organizations.

NIST CSF 2.0 is designed for all audiences, businesses, critical infrastructure (CI) sectors, and organizations, regardless of their degree of cybersecurity sophistication. NIST CSF 2.0 has added governance to the CSF’s core guidance to help organizations assess and achieve their cybersecurity goals.

“Since October 2022, more than 655 Florida organizations, companies, businesses, and government agencies have participated in the CIP program,” said Bryan Langley, Lead Program Manager at Cyber Florida. “We continue to support, develop and adopt greater cybersecurity measures and services to support the State of Florida’s public and private sector CI owners and operators.”

The State of Florida’s Legislature funded the risk assessment effort to support the state’s public and private sector entities with numerous, no-cost benefits for participating organizations, companies, and businesses. The assessment covers the NIST CSF 2.0 desired outcomes and provides several reports detailing an organization’s strengths and weaknesses to determine and leverage cyber risk reduction resources from Florida agencies, universities, and colleges. Measuring success comes from both the improvements made by the participants based on their individual reports and using the customized statewide dashboard (visualization tool) developed by INL to analyze CI sector/subsector risk across the state.

The CIP program is intended to assist small and medium-sized enterprises and resource-constrained county and municipal government entities in implementing basic cybersecurity protocols and policies to achieve a fundamental cybersecurity posture. This comprehensive initiative is designed to fortify the cybersecurity resilience of public and private critical infrastructure across the state.

In an era of increasing cyber threats and incidents, safeguarding critical infrastructure is paramount. The CIP program aims to empower organizations by providing high-quality cybersecurity resources, training, and support to defend against evolving cyber risks and recover from incidents. The resources available on the platform include the following:

  • A 20-question NIST CSF and DHS Ransomware Readiness Assessment (RRA) aligned entry-level assessment based on the most-reported cybersecurity gaps from the initial statewide risk assessment period between October 2022 and June 2023.
  • A Cybersecurity Incident Response Plan Template to help organizations think through and plan how to recover from a cyber incident.
  • A 154-question assessment that covers key cybersecurity desired outcomes and practices outlined in the NIST CSF 2.0 and the DHS RRA.

To learn more about the CIP program and how your organization can participate, please visit the program’s official webpage: https://cyberflorida.org/cip or contact the program lead, Bryan Langley at bjlangley@cyberflorida.org.

ABOUT CYBER FLORIDA
The Florida Center for Cybersecurity at the University of South Florida, commonly referred to as Cyber Florida at USF, was established by the Florida Legislature in 2014. Its mission is to position Florida as a national leader in cybersecurity through comprehensive education, cutting-edge research, and extensive outreach. Cyber Florida leads various initiatives aimed at inspiring and educating both current and future cybersecurity professionals, advancing industry research, and enhancing cybersecurity awareness and safety of individuals and organizations.

Update to Program to Enhance Cybersecurity2024-08-05T11:14:04-04:00

Teaching Digital Natives Webinar

Join our Operation K12 team to explore Teaching Digital Natives.

In this webinar, we’ll explore the dynamic realm of Teaching Digital Natives. Join us to delve into a comprehensive cybersecurity program designed to equip educators with effective strategies, compelling content, and inspiration for both summer camps and middle school courses.

Teaching Digital Natives Webinar2024-09-20T10:25:43-04:00

National Cyber Director Releases Cyber Workforce Resources

April 26, 2025—Washington, D.C.—The Office of the National Cyber Director (ONCD) developed the National Cyber Workforce and Education Strategy (NCWES) and Fact Sheet to address this national security and economic imperative.  The NCWES meets President Biden’s call in the 2023 National Cybersecurity Strategy (NCS) for ONCD to develop a strategy to expand the national cyber workforce, increase its diversity, and expand access to cyber education and training. Implementation of the NCWES will expand opportunities nationwide for good-paying jobs in cyber. ONCD released a report on the initial implementation of the NCWES to provide an update on progress.

The NCWES aims to both equip all Americans with foundational cyber skills and increase access for all workers, regardless of college degree status, to good, meaningful jobs in cyber. There are hundreds of thousands of cyber jobs across the country that are available now and offer high earnings potential and the opportunity to protect our organizations, businesses, communities, and country.

If you are a job seeker, see the Guidance and Resources sheet for how you can explore these skills and jobs.

For educators, the NCWES supports instruction for skilled cyber workers and the teaching of foundational cyber skills to all Americans.  It supports educational models that encourage the development of skills-based alternatives to four-year degrees and the alignment of adaptive digital skills to continuously evolving industry needs.

If you are an educator, see the Guidance and Resources sheet for how you can explore these skills and jobs.

For employers, the NCWES encourages cross-sector employment initiatives to expand and diversify the cyber workforce through skills-based hiring, training, and career development.

If you are an employer, see the Guidance and Resources sheet for actions you can take to expand and diversify your cyber workforce.

National Cyber Director Releases Cyber Workforce Resources2024-10-08T14:17:20-04:00

Cyber Florida Hosts the Inaugural CyberLaunch Competition

On March 1, 2024, Cyber Florida proudly hosted the inaugural CyberLaunch Competition in Orlando, Florida. The event marked a resounding success, with over 900 students from 97 schools and 44 districts uniting to test their cybersecurity skills, overcome new challenges, and network with potential employers in the cyber industry!

As Florida’s first statewide high school cybersecurity competition, CyberLaunch aimed to introduce high school students to the universe of cybersecurity careers through the fun of a statewide competition. The event provided a safe, cost-effective, and low-pressure environment for students to showcase their abilities, collaborate as teams, and gain valuable experience in the thrilling world of cybersecurity competitions.

CyberLaunch featured two competition tracks to cater to diverse skill levels, and both competitions were created with the help of EC-Council. The Guided competition was designed for competition beginners, and the Advanced Capture-The-Flag (CTF) was tailored for those with previous experience in CTF competitions.

Here are the notable winning teams from each category:

Guided Winning Teams –

1st place | NeoCity Academy (Osceola County) Teacher: Juan Tovar

2nd place | – Bayshore High School (Manatee County) Teacher: Chuck Routhier

3rd place | Doral Academy (Miami-Dade) Teacher: Jose Luis Del Valle/ Luis Santa Cruz

4th place | NeoCity Academy (Osceola County) Teacher: Juan Tovar

Advanced CTF Winning Teams:

1st place | John A. Ferguson Senior High School (Miami-Dade)Teacher: Maria Hernandez

2nd place | Crooms Academy of Information Technology (Seminole County) Teacher: Halima Fisher

3rd place | Hernando High School (Hernando County) Teacher: Mason Lewis

Beyond the competition, CyberLaunch featured an exhibit hall featuring more than 50 companies and organizations. Students had the chance to network with industry professionals, explore potential career paths, and gain insights into the diverse opportunities available in the ever-evolving field of cybersecurity.

This event not only celebrated the remarkable achievements of Florida’s high school students but also highlighted the crucial role educators play in nurturing the next generation of cybersecurity professionals. The Cyber Florida team is committed to continuing this journey of empowerment, fostering a future where students and teachers alike thrive in the vast and exciting landscape of cybersecurity possibilities.

Stay tuned for more details regarding the 2025 CyberLaunch Competition!

Cyber Florida Hosts the Inaugural CyberLaunch Competition2024-07-26T10:06:05-04:00

Teaching Digital Natives

Join our Operation K12 team to explore Teaching Digital Natives.

In this webinar, we’ll explore the dynamic realm of Teaching Digital Natives. Join us to delve into a comprehensive cybersecurity program designed to equip educators with effective strategies, compelling content, and inspiration for both summer camps and middle school courses.

Teaching Digital Natives2024-04-23T14:06:05-04:00

CONTACT US

Cyber Florida at USF
4202 E. Fowler Avenue, ISA7020
Tampa, FL 33620

Office meetings by appointment only

PRIVACY POLICY

Copyright 2024 The Florida Center for Cybersecurity at the University of South Florida. Information on this website is made available for general educational purposes only and should not be used in lieu of obtaining competent legal advice from a licensed attorney or cybersecurity professional with sufficient expertise necessary to address your specific needs. Use of this website does not create any special or fiduciary relationship between you and the Florida Center for Cybersecurity or the University of South Florida.