By Ernie Smith

Security experts say that cyberattackers are more likely to get experimental when distributing malware or attacking businesses in the new year. They may even rely on social engineering rather than a technical payload.
If you’re going to fight the threats that the internet has to offer in 2020, you’re going to have to get a little more creative.

That’s because attackers are getting more clever and trying some weird tactics.

According to security experts at firms such as Trend Micro and Avast, bad actors are trying unconventional things to stay a step ahead of IT staffs.

Speaking to IT World Canada, Trend Micro’s director of technology marketing, Myla Pilao, said that attackers are increasingly targeting areas that they might have previously avoided, including malware on the Linux platform and malware that aims to steal information rather than money. She also says that attackers will become harder to detect as they use more nontraditional methods to distribute or spread malware.

“These are the ones that probably would stay in our network, would stay in our devices, for a long time unattended,” Pilao told the outlet. “They would have a nontraditional way to evade detection. They will probably be using more blacklisting techniques. They might be doing more in the evasion techniques.”

One example of this is the PureLocker ransomware attack, which gained notice in November. What was weird about it? Rather than being written in a more traditional programming language like Java, JavaScript, or C++, PureLocker was written in PureBasic, a fairly obscure programming language based on the old-school BASIC language.

Additionally, malware is increasingly moving away from trying to infiltrate the App Store and instead toward trying to game the ad systems many free apps use.

“Getting malicious apps onto the Google Play Store and the Apple App Store is not an easy task, which is why cybercriminals are shifting towards subscription scams and fake apps integrated with aggressive adware to make money,” noted Nikolaos Chrysaidos, the head of mobile threat intelligence and security at Avast, in a recent news release.

Another nontraditional method that experts expect to see, according to MediaPost, is the rise of less-technical cyberattacks that rely on social engineering and attempt to compromise vendors that organizations rely on. Agari CMO and Chief Identity Officer Armen Najarian said that the attacks will involve “low-tech and social-engineered attacks at scale,” which tend to be more effective than more automated approaches.

“We fully expect cybergangs and cybercriminal organizations will organize and attempt fewer technical cyberattacks, like malware, starting early in 2020,” Najarian told the outlet.

To put it all another way: Stay on your toes in 2020. You’re going to need it.

“This article originally appeared on AssociationsNow.com. Reprinted with permission. Copyright ASAE: The Center for Association Leadership (January 2020), Washington, DC.”

IAVM member Neil McMullin, Senior Vice President, Shared Services, with Fern Exposition & Event Services, has been elected to serve as president of the Exhibition Service & Contractors Association (ESCA) following the organization’s most recent Winter Meeting in Las Vegas.

“Neil brings a level of expertise, passion, and insight to ESCA that will help continue our mission and support the exhibitions industry,” said Larry Arnaudet, Executive Director of ESCA.

McMullin has worked in the meetings and events industry as a general manager of convention centers, conference centers, arenas, and performing arts venues in various locations throughout the U.S., working for a private-venue management firm. He graduated with a degree in facility and business management from BYU. He is responsible for Fern’s field operations including quality control and the implementation of best practices in order to ensure a consistent delivery of high-quality services and products. McMullin also oversees all graphic design and production as well as technology services and carpet operations.

“I look forward to continuing to advance ESCA’s contributions to the industry while serving with the board and staff as President this year,” McMullin said. “We are a dedicated group that is passionate about the industry and the impact we create for our members.”

IAVM congratulates Neil on this deserved appointment!

By Michelle Riehle-Ludtke

The Los Angeles Convention Center (LACC) and in-house caterer Taste of LA by Levy Restaurants recently repurposed more than 800 meals from two GRAMMY® Week events, hosted by the Recording Academy®, to serve several Los Angeles-based nonprofit organizations.

The LACC Levy team partnered with Musically Fed to donate unused meals from the 2020 MusiCares® Person of the Year benefit gala and the GRAMMY Celebration® to the Los Angeles Mission, The Midnight Mission and Good Shepherd Center for Homeless Women & Children.

“We are thrilled to share the success of this initiative,” said Ellen Schwartz, General Manager, LACC. “As a facility committed to sustainability and community service, Musically Fed was a perfect partner to further our goals to reduce our environmental footprint while serving those in need.”

In the United States alone, nearly 40 percent of food is wasted per year and Musically Fed is working with the music industry to change that. The Phoenix-based nonprofit mobilizes artists, promoters, managers and venues to donate unused meals to local organizations.

“Our goal is to equip artists and their teams to leave each city with a lasting positive impact,” said Maria Brunner, Founder & Director, Musically Fed. “We are grateful to the Recording Academy and Levy for making this tremendous opportunity possible. We hope it serves as an example – and a challenge – for the rest of the music industry to get involved in the fight against hunger.”

Taste of LA by Levy worked alongside Musically Fed to ensure every bit of food was upcycled to local organizations in need after the conclusion of the GRAMMY Week events. This initiative builds on the LACC Levy team’s commitment to waste diversion. Since 2014, the LACC and Levy have worked together to donate 221 tons of food.

“At Levy, we are continuously looking for new ways to repurpose leftover food and create less waste,” said Patrick Smart, General Manager, Taste of LA by Levy, LACC. “Utilizing Musically Fed’s services during GRAMMY Week was a very positive experience and we hope to inspire our peers to join us in making a difference.”

Michelle Riehle-Ludtke is Marketing & Community Relations Specialist at the Los Angeles Convention Center.

Pictured: Musically Fed employees drop off repurposed meals from GRAMMY Celebration® at The Midnight Mission, Los Angeles on January 26, 2020.

By R.V. Baugus

Public assembly venues aren’t the only targets for violent attacks — either from terrorists outside the United States as well as homegrown terrorism. And while security is a staple at public assembly venues along with other recent targets including nightclubs, schools, workplaces, theaters, malls, and more, there is one place where the presence of security might still feel awkward, and that is at faith-based venues.

The most recent involving a significant death toll happened November 5, 2017 in Sutherland Springs, Texas, during a worship service. The shooting left 26 dead and 20 injured at First Baptist Church but was far from the first church shooting in the United States. More than 91 people have been killed in at least 22 church-related shootings since 1999, with at least 8 shooters then killing themselves also, for a total of 99 dead, according to a compilation by AL.com.

Further, in 2017, church security expert Carl Chinn compiled a database of deadly force incidents at faith-based organization in the United States – a deadly force incident being defined as any attack, suicide, suspicious death, or deadly force intervention. His database started in 1999 and covered 1,705 incidents in which 617 victims died, not including suicide victims or shooters killed in action).

With the Religious Conference Management Association (RCMA) in Irving, Texas, for its annual conference and trade show, IAVM Director of Education/Life Safety Mark Herrera presented to a faith-based audience on the topic of “Increasing Observational Capabilities: Exceptional Focus, Performance & Control in Extreme Situations,” at the Irving Convention Center.

Churches, seen seemingly forever as safe havens from danger, sadly are not any longer. To assume so merely enhances the odds of dire consequences at some point.

Herrera pointed out that it is a wrong answer for anyone at a faith-based venue to say that the responsibility for security belongs to an individual carrying that title. The responsibility for ensuring that a house of worship belongs to everyone within its walls.

“If you are exposed to crisis, you better be equipped to help deal with it and help others,” he said to open his session before a room of rapt listeners.

Terrorism existed before 9/11, but it took that tragedy to bring the matter of safety and security into a very clear light and stir organizations into action to protect lives and assets.

“It was an awful incident,” Herrera said about 9/11, “but there really was something good to come out of it. Sixty terrorist plots have failed since 9/11. There are domestic counter-terrorism tools now put into place since 9/11 that have helped stop terrorists from operating on U.S. soil.”

Herrera pointed out the naivete in thinking that all terrorist plots come from abroad. He noted that there have been 60 Islamist inspired plots against the homeland since 9/11, with 49 considered homegrown terror plots.

For churches without a security and safety plan, the consequences could be devastating in terms of injuries to persons, damage to property, loss of revenue, higher insurance premiums, and loss of reputation.

“More people today want to feel secure where they go,” Herrera said.

Technology also plays a role in violent activity, where Herrera said that extremists utilize encrypted messages in social media to plan and plot attacks.

Herrera stressed the importance of taking action, whether that is reporting someone to an authority, or, in an unexpected event of someone opening fire, having a ready plan to act to counter force with force or at the very minimum to have an exit plan that is known in advance. He showed a video where a backpack was intentionally set on a Las Vegas street and was walked around by passersby who seemed oblivious to the backpack or might have noticed it but decided to not do anything about it.

“There are several challenges when it comes to security for congregations,” he said. “They are places of mass gatherings, there could be a lack of emergency action plans and a lack of training for what we call the ‘new norm,’ and a lack of a visible deterrent.”

Herrera offered some valuable tips to attendees to bring a positive conclusion to the session. He noted that the non-verbal risk mitigatory is a strong one whereby 80 percent of communication is non-verbal. He also shared that it is correct to profile behavior and not people.

“Someone does not meet the baseline for the environment that individual is in, then I don’t care whether that person is tall or short, round or thin, don’t care about the color of their skin,” Herrera said. “Someone walks into your church with a backpack and wearing camouflage, that individual raises suspicion.”

SOME FATAL SHOOTINGS THAT HAVE HAPPENED AT U.S. HOUSES OF WORSHIP FROM 2012-2018 (from Associated Press):

Oct. 27, 2018: A gunman believed to have spewed anti-Semitic slurs and rhetoric on social media entered Tree of Life Congregation synagogue in Pittsburgh and opened fire, killing 11 and wounding six, including four police officers.

Nov. 5, 2017: Dressed in black tactical-style gear and armed with an assault weapon, 26-year-old Devin Kelley opened fire at the First Baptist Church of Sutherland Springs, Texas, killing 26 people and wounding about 20 others.

Sept 24, 2017: Emanuel Kidega Samson, 25, was charged with killing a woman and wounding six other people with gunshots at Burnette Chapel Church of Christ in Nashville, Tennessee.

Aug. 13, 2016: Imam Maulana Alauddin Akonjee and his friend Thara Uddin were fatally shot as they left a New York City mosque. Oscar Morel, 35, was charged with second-degree murder.

Aug. 9, 2016: A shooting during a party at a Jersey City, New Jersey, church left 17-year-old Leander Williams dead and two teenage girls wounded. Daequan Jackson, 18, was charged with murder.

April 24, 2016: Mark Storms fatally shot 27-year-old Robert Braxton III during Sunday services in a suburban Philadelphia church. Storms, 46, argued self-defense, but was sentenced to 10 to 20 years in prison for voluntary manslaughter.

Feb. 28, 2016: Rev. William B. Schooler, 70, was fatally shot by his 68-year-old brother inside an office at St. Peter’s Missionary Baptist Church in Dayton, Ohio, as Sunday services were winding down. Daniel Schooler was found guilty of murder and sentenced to 31 years to life in prison.

June 17, 2015: Nine black worshippers including a pastor were killed by Dylann Roof, a 21-year-old white supremacist, after he prayed with them for nearly an hour. The shooting happened at historic Emanuel African Methodist Episcopal Church in downtown Charleston, South Carolina. Roof was convicted of federal hate-crime and obstruction-of-religion charges and sentenced to death.

April 13, 2014: Neo-Nazi and former Ku Klux Klan leader Frazier Miller Jr. fatally shot Dr. William Corporon and his 14-year-old grandson Reat Underwood outside an Overland Park, Kansas, Jewish center as they arrived for a community event. He then drove to a Jewish retirement community where he fatally shot Terry LaManno, who was visiting her mother.

March 31, 2013: A 28-year-old man fatally shot his father during Easter services at the Hiawatha Church of God in Christ in Ashtabula, Ohio. Reshad Riddle then made a rambling statement at the pulpit while yelling about God and Allah, still holding his handgun as panicked worshippers fled the church.

Dec. 2, 2012: Elementary school music teacher Gregory Eldred, 52, shot his ex-wife, Darlene Sitler, while she played the organ during a church service at the First United Presbyterian Church in Coudersport, Pennsylvania.

Oct. 24, 2012: A former facilities maintenance employee at World Changers Church International in College Park, Georgia, opened fire, killing church volunteer Greg McDowell, 39, while he was leading a prayer. Police arrested Floyd Palmer, 51, who was found guilty but mentally ill and sentenced to life in prison.

Aug. 5, 2012: Six members of the Sikh Temple of Wisconsin, in Oak Creek, were fatally shot by a white supremacist, Wade Michael Page. Page was shot by a responding officer and later killed himself.

May 9, 2012: Joseph Lewis Jr., 84, was fatally shot while sitting in a car guarding Victory Way Assembly Church of God in Christ in Detroit, Michigan. Two teenagers, 15-year-old Anthony Williams and 18-year-old Alandre Boone, attacked him while a Bible study took place inside. Police suspected robbery was the motive. Both teenagers were tried and convicted as adults for second-degree murder.

May 3, 2012: A homeless man killed himself after fatally shooting a priest and a church secretary at St. Peter’s Episcopal Church in Ellicott City, Maryland. Police said Douglas Franklin Jones had been turned away from the church food bank about two weeks earlier for visiting every day instead of weekly.

Source: News reports.

Pictured: Jeffrey Perrin, Hyatt Hotel & Resorts, Chicago; Mark Herrera, IAVM; and Tim Litherland, Visit Denver, The Convention & Visitors Bureau

IAVM members should plan to join us this Friday, February 7, at 4 PM EST, for a very important webinar with major stakeholders concerning the Coronavirus outbreak.

Among those participating in the approximate 45-minute webinar include the Center For Disease Control, American Red Cross, US Travel, and Department of Homeland Security.

Joe Bresee, Associate Deputy Incident Manager with the Centers for Disease Control and Prevention (CDC), will speak on Friday’s panel, as will Brad Keiserman representing the American Red Cross, and Tori Barnes, Executive Vice President, Public Affairs & Policy with the U.S. Travel Association.

“This webinar will also be inclusive of other associations involving meeting planners, organizers, and service contractors,” said Mark Herrera, IAVM Director of Education/Life Safety. “All those working within environments involving mass crowds from small to large where all types of events are held will benefit greatly from the webinar.”

The webinar will provide participants an update on the current emerging Coronavirus threat, which has sickened more than 20,000 people and killed almost 500 people in China. Plan to learn about the current travel restriction and precautionary measures to take when traveling. The webinar will also provide insight on how the government, health officials, and American Red Cross are working to prepare for and halt the spread of the Coronavirus.

IAVM looks forward to providing information and resources that can assist members and those from other associations to better prepare for this emerging threat.

CLICK HERE to register for the webinar!