National Oceanic and Atmospheric Administration (NOAA)
WTI is thrilled and honored to announce that we have been awarded a National Oceanic and Atmospheric Administration (NOAA) Mission Information Technology Services (NMITS) Multiple-Award Blanket Purchase Agreement contract. We are extremely grateful for the hard work, complementary IT expertise, and powerful past performance of our incredible team.
GSA Includes CMMC Requirements in Governmentwide Acquisition Contracts
The General Services Administration (GSA) will be including Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) requirements in the new Polaris small business governmentwide contract (GWAC), the second of GSA’s large contracting vehicles to include them, following 8(a) STARS III. The GSA’s concept is that CMMC will not be a firm requirement for the GWAC, but the language allowing the option to require CMMC will be included at the master contract level so that DoD customers can incorporate CMMC requirements in individual task orders. This will allow DoD customers to continue to utilize GSA GWACs as CMMC is rolled out over the next several years.
Ransomware Attack Jeopardizes Production of 300 COVID-19 Ventilators Per Day
Boyce Technologies, Inc., an FDA-approved manufacturer of ventilators during the COVID-19 pandemic, has been attacked with DoppelPaymer ransomware. The ransomware gang has threatened to leak stolen data from the company, including purchase orders, assignment forms and other sensitive data, unless an undisclosed ransom is paid by the firm. Ransomware and file encrypting malware attacks on companies serving the healthcare sector have been on the rise since the beginning of the COVID-19 pandemic. Prior to this attack, Boyce Technologies was producing around 300 ventilators a day that have been used in New York and increasingly in other areas. This attack potentially puts production of the ventilators – and lives – at risk.
Cybersecurity Maturity Model Certification (CMMC)
While the Cybersecurity Maturity Model Certification (CMMC) is still a work in progress, the CMMC Accreditation Body (CMMC-AB) is coming close to finalizing its processes for training and accreditation, and action will soon be underway. WTI is staying in communication with the CMMC-AB, following the rapidly updated information coming from the CMMC-AB through its National Conversations series, and readying our assessors to begin the training and certification process so that our company can begin taking the lead as a CMMC Certified Third-Party Assessment Organization (C3PAO). In the meantime, we are helping defense industrial base (DIB) contractors with gap analyses, documentation inventories, policy assessments, and plans for remediation so that they will be prepared for certification as soon CMMC goes into play.
In 2020, mobile devices are becoming the prime phishing attack vector as hackers increasingly employ machine learning techniques and view the cloud as a fertile ground for compromise.
CDC, IRS and Other Government Sites Hit by Phishing Scams
Phishing campaigns to lure citizens to fake websites are nothing new, but in our current environment, fraudsters are launching targeted efforts to spoof Americans into handing over their banking credentials in return for pandemic relief payments.