Tag: assisting | SpinSafe

NZ spy agency assisting Waikato DHB after cyber attack/ransom demand

May 18, 2021/in Computer Security

Waikato DHB’s IT centre is the target of a major cyber security attack. Video / Waikato DHB

The nation’s spy agency has been scrambled in the aftermath of a crippling cyber attack and ransom demand that has brought Waikato District Health Board services to their knees.

But the DHB is adamant that no ransom will be paid to hackers who have launched a targeted attack on the organisation’s IT services today.

A spokesman for the National Cyber Security Centre (NCSC) – a branch of the Government Communications Security Bureau (GCSB) – told the Herald staff were providing support to Waikato DHB following today’s attack.

The spokesman said the NCSC’s role was to help protect New Zealand organisations of national significance “from advanced, persistent, primarily state-sponsored, cyber security threats”.

The agency did not usually divulge whether it was involved in specific incidents.

“We are very conscious that malicious cyber actors can monitor public commentary on and incident and for this reason, while the investigation and remediation efforts are ongoing, we will not provide additional details regarding its cause or the response to it.”

DHB chief executive Kevin Snee told Stuff “no ransom will be paid” and he did not know who was behind the attack.

Cyber security expert Bruce Armstrong told the Herald he believes it is a ransomware attack on Waikato DHB from Asia or the Middle East, similar to what has hit the Irish health system in recent days.

He believes it is similar in nature to the DDoS attacks that rocked the New Zealand Stock Exchange (NZX) last year and overran its system for days.

“Health organisations are highly prized as targets globally and health industries throughout the world are the most attacked and most expensive type of attacks that happen,” the Darkscope founder said.

“The normal pattern is they will warn the organisation they will do it, and run half an hour DDoS attacks, and if the ransom is not paid they will attack for hours at a time.

“The attack on the NZX played out over three days before they were able to completely stop its effect on their systems.”

He said ransomware attacks are not targeting patient data and the only interest is to get money from…

Source…

Manchester United hack: UK’s cyber security agency assisting the club

November 28, 2020/in Computer Security

The UK’s cyber security agency is assisting Manchester United over a cyber attack earlier this month which has left the football club unable to yet fully restore their computer systems.

The Premier League club confirmed the hacking on November 20 and said it was not “aware of any breach of personal data associated with our fans and customers”.

Source…

MOH, OPP assisting in investigation of suspected ransomware attack at Kingston hospital

November 6, 2020/in Computer Security

Hotel Dieu Hospital, a Kingston Health Sciences Centre (KHSC) site. Photo by Lucas Mulder.

A number of government agencies are assisting in the investigation into a suspected ransomware attack at Kingston Health Sciences Centre, according to the Ministry of Health.

“The Ministry of Health is aware of a potential REvil Ransomware incident at Kingston Health Science Centre. Kingston Health Science Centre is continuing to investigate their systems for signs of REvil ransomware and have brought in a third party to assist with the investigation. No compromised systems have been identified at this time and the investigation remains ongoing,” said Miriam Mohamadi, a spokesperson for the Ministry of Health.

“The Ministry of Health, Ministry of Government and Consumer Services Cyber Security Centre of Excellence, and Ontario Health are monitoring and taking the necessary steps to ensure assets and information are protected.”

The Ontario Provincial Police (OPP) have also been made aware of this issue and are actively investigating, Mohamadi said.

When approached with a number of questions regarding the matter, KHSC did not share many details.

“We have provided the information about the incident at KHSC,” a spokesperson for KHSC said on a phone call in the late afternoon of Friday, Nov. 6, 2020. “We have appropriate protocols in place to safeguard data and ensure ongoing resiliency of our systems.”

For further insight on what REvil Ransomware is and how it works, Kingstonist spoke with David Skillicorn, a Professor at Queen’s University’s School of Computing and Adjunct Professor in the Mathematics and Computer Science department of the Royal Military College. Skillicorn noted that KHSC’s website is up and running again, which poses the question: Did they restore their system while investigating the matter, or do they know what happened?

“Maybe they were just really good at their backups and they got everything back up and running fairly quickly, which is good to see if it’s true,” Skillicorn said.

“Part of the puzzle is: how do they know that they were actually hit unless something was actually taken out.”

Skillicorn described the REvil Ransomware, which is possibly…

Source…

Tag Archive for: assisting