Tag Archive for: americas

America’s Vulnerable Energy Infrastructure Is A Threat To National Security

/in


With news reports of attacks on U.S. power grids rising to an all-time high last year, cyber security and energy infrastructure robustness are being called into question. As well as strengthening energy infrastructure in line with green transition developments and the increased connectivity of renewable energy operations, the U.S. must consider improving its cybersecurity to ensure it is resilient to being hacked, as threats against the grid continue to rise.  A Government Accountability Office (GAO) review conducted in 2019 revealed some of the main challenges to grid security. These included the need to hire a skilled workforce to manage cybersecurity, limiting the sharing of classified information between the public and private sectors, resource limitations, reliance on other critical infrastructure that requires cybersecurity strengthening, and uncertainty about how to best implement cybersecurity standards. Further, the report suggested that although the Department of Energy (DoE) had developed plans “to implement the national cybersecurity strategy for the grid”, these plans “do not fully address risks to the grid’s distribution systems.” For example, the supply chain-related vulnerabilities of distribution are largely overlooked as the DoE focuses on resolving threats to the grid’s production and transmission systems. Related: Energy, Metals Investments To Boom In 2023

Greater digitalisation in recent years has put the grid at higher risk of attack by criminals, terrorists, hacktivists, and foreign governments. The electric grid relies on industrial control systems, which manage electrical processes and physical functions like opening and closing circuit breakers. Since many systems are now using technologies that connect to the internet – to improve remote monitoring, thereby reducing cost and boosting efficiency – this makes them more vulnerable to hacking

The GAO believes the DoE can enhance cybersecurity by focusing on three key tasks: the adoption of a cybersecurity framework, the establishment of risk management programmes, and the implementation of the Federal cybersecurity strategy for the electric grid, which includes the…

Source…

Ransomware attacks on America’s health care systems more than doubled from 2016 to 2021, exposing the personal health information of millions

/in


The annual number of ransomware attacks on health care provider organizations more than doubled from 2016 to 2021, exposing the personal health information of nearly 42 million individuals. A new report from the University of Minnesota School of Public Health (SPH), published in the Journal of the American Medical Association (JAMA) Health Forum, shows that ransomware attacks on healthcare providers are not just increasing in frequency, they are also becoming more severe — exposing larger quantities of personal health information and affecting large organizations with multiple health care facilities.

To conduct the study, researchers created a database called the Tracking Healthcare Ransomware Events and Traits (THREAT), a unique tool that for the first time allows researchers to track the occurrence of ransomware attacks on health care provider organizations.

Ransomware is a type of malicious software that prevents users from accessing their electronic systems and demands a ransom to restore access. While some prominent ransomware attacks on health care delivery organizations have received media attention, there is currently no systematic documentation of the extent and effect of ransomware attacks on our health care system. 

In the first-ever comprehensive analysis of ransomware attacks on U.S. health care providers, researchers documented that between 2016 and 2021:

  • 374 instances of ransomware attacks on health care delivery organizations exposed the personal health information of nearly 42 million individuals. 
  • Ransomware attacks more than doubled on an annual basis, from 43 to 91 per year. 
  • The number of individuals whose personal health information was exposed increased from approximately 1.3 million in 2016 to more than 16.5 million in 2021. 
  • Disruptions in care for patients as a result of ransomware incidents occurred in 166 — or 44% — of attacks.
  • Among health care delivery facilities, clinics were the most frequent targets of ransomware attacks, followed by hospitals, ambulatory surgical centers, mental/behavioral health facilities, dental practices and post-acute care organizations. 

“As health care delivery organizations have…

Source…

INTERPOL Working Group highlights cyber threats across the Americas

/in


Buenos Aires, Argentina – The evolving digital landscape in the Americas has increased the challenges and vulnerabilities regarding cybersecurity. Countries across the region now face cybercrime attacks ranging from Business Email Compromise and online scams to ransomware and money laundering.

Cybercrime Threat

Financially motivated groups have not only targeted organizations across Latin America, primarily with ransomware, but they have also broadened the scope of their operations. In the first half of 2020, Latin America for example recorded the world’s highest cyber-attack rates, with nearly three times more attacks via mobile browsers than the global average.  

For example, Costa Rica became the victim of large-scale ransomware attacks initiated by a group called Conti in April 2022. Starting in the Costa Rican ministry of finance, the cyber-assault ultimately involved 27 different ministries in a series of interlinked attacks. Conti’s action left parts of Costa Rica’s digital infrastructure crippled for months, while at the same time disrupting public healthcare and the pay of some public sector workers.

One of Argentina’s largest internet service providers, Telecom Argentina also suffered a major ransomware attack involving around 18,000 computers in 2020. In this incident, hackers demanded a $7.5 million ransom, while employees were prevented from accessing databases and internal VPNs.

In this context, the 7th INTERPOL Americas Working Group on Cybercrime met from 12-16 September in Buenos Aires, Argentina to assess threats and trends across the region. The meeting brought together over 90 participants from 32 member countries, 4 international organizations and 13 public and private entities.

Group photo of participants at 7th INTERPOL Americas Working Group on Cybercrime.

Opening remarks by Craig Jones, Director of Cybercrime, INTERPOL.

Opening remarks by Juan Carlos Hernandez, Chief of Argentinian Federal Police and Member of INTERPOL Executive Committee.

Source…

Bridgestone Americas Hacked: LockBit Ransomware Gang Claims Responsibility

/in


The LockBit ransomware gang has returned.

Bleeping Computer report mentioned that the ransomware gang recently took responsibility for the cyberattack on Bridgestone Americas, one of the world’s largest tire manufacturers. 

LockBit claims to have stolen data important or sensitive enough to threaten Bridgestone with the leaking of these data. 

What is LockBit?

LockBit is currently one of the most active ransomware gangs that ask for large amounts of money as ransom for stolen information. The ransomware gang previously targeted global IT consultancy Accenture in August 2021, according to a separate Bleeping Computer report.

The ransomware gang uses LockBit, a self-spreading malware that uses tools like Windows Powershell and Server Message Block to spread itself within an organization, per a Kaspersky report. 

Industrial cybersecurity expert Dragos mentioned in its report that the ransomware gang actively targeted companies in the industrial and manufacturing sector in 2021. Dragos’ report also mentioned that the transportation sector and food and beverage sector were the second and third most targeted sectors, respectively. 

Currently, LockBit is threatening Bridgestone with the release of the data it stole in its attack on the tire manufacturer in late February. The ransomware gang also did not mention what data it stole or the amount it was asking to keep the data from being leaked. 

Bridgestone also didn’t mention if the leaking of the stolen data will be detrimental to the company.

What Happened?

The tire manufacturer mentioned that it detected an IT security incident on February 27 and has “proactively notified federal law enforcement” about the incident. Bridgestone has since determined that the incident is the result of a ransomware attack but has no evidence to prove it was a targeted attack. 

The company decided at the time to disconnect many of its manufacturing and retreading facilities in Latin America and North America from its network to “contain and prevent any potential impact…,” per WRDW-TV’s article.

Read Also: Anonymous Continues Hacking of Russia, Targets Streaming Services

The disconnection resulted in the shutting down first…

Source…