Tag Archive for: Attack

Progress being made in Covington cyber attack

/in


COVINGTON, La. — Some progress has been made after the City of Covington’s computer system was hijack by hackers late last week. 

However, it could still be weeks before everything is fully operational.

“We should expect a ransom note in order to get our information back to us, they have not done that as of yet, so we don’t know how much they’re asking,” Mayor Mark Johnson said.

City of Covington officials aren’t waiting though. In fact, for six days straight and counting, a team of experts has been working to get things up and running.

“Something called the Cyber Security Alliance, a state consortium consisting of the State Homeland Security Cyber Experts, Louisiana State Police and New Orleans Field Office of the Secret Service were all in Covington City Hall within 240 minutes dissecting our equipment,” Johnson said.

So, here’s what they do know. According to Johnson, the City of Covington’s computer systems were hacked last Wednesday night.

“The bad guys found a way to go through Microsoft Outlook Email, that was their loophole,” he said.

Police, fire, public works and other city employees were all locked out of their computers. It also shut down their phone system, which is still down. Now about a week later, some employees are back online, while other departments are having to improvise.

“Public works is fully functional, cultural arts and events, parks and recreation, building permits, everyone now is operating,” Johnson said. “Utility Billing was severely hampered because most of what they do is on the computer. Now, they’re using another method where they write it down on paper when you pay your bill….

Source…

Ransomware attack forces college to tell students to stay at home • Graham Cluley

/in


A UK college says it has closed its campus buildings for one week, and advised students that all lessons and lectures will be taking place online, following a ransomware attack.

South & City College in Birmingham, which has over 20,000 students aged 14 and over, says that it suffered a “major ransomware attack” that has disabled many of its core IT systems.

As a result, yesterday the college informed students it was shutting its eight sites, and reverting to online teaching while IT specialists attempt to recover systems.

Sign up to our newsletter
Security news, advice, and tips.

The news will cause further upheaval to college students, who only returned to face-to-face tuition last week, following an extended lockdown in the UK caused by the Coronavirus pandemic.

South & City College says it became aware of the attack on Saturday 13 March, and asked students to study from home:

“Our campus buildings will therefore be CLOSED TO STUDENTS for a week from Monday 15 March to allow our IT specialists to fix the issue.

“On Monday, March 15 we will revert to online teaching for the rest of the week for all areas. We are therefore asking you to access your online lessons from Monday, as you did during lockdown.

“There may be some disruption during this time and we ask that you please bear with us and contact your tutor you have any problems.

“Thank you for your cooperation and patience during this time. Keep an eye on our social channels for any updates.”

Details of precisely which strain of ransomware has infected the college have not been made public.

The college says it has reported the incident to the Joint Information Systems Committee (JISC) Security Response Team, Action Fraud, Information Commissioners Office (ICO), the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC).

Last September, the NCSC, in co-ordination with JISC, issued an alert and guidance for colleges and universities following a series of ransomware attacks.

Clearly that advice wasn’t good enough to prevent South & City College Birmingham from falling foul of ransomware.

Ransomware victims in the UK education sector have included Dundee and…

Source…

Ransomware Attack Should Have Been Anticipated

/in


(TNS) — Buffalo Public Schools leaders were taken by surprise by the ransomware attack on the district’s network Friday. But they shouldn’t have been.

Cybercriminals are particularly fond of targeting government agencies and school districts, which are generally less likely to devote the financial resources necessary to guard against attacks, according to cybersecurity experts.

“It’s very common for schools to be targeted,” said  Holly Hubert , founder of Amherst-based GlobalSecurityIQ.

According to the K-12 Cybersecurity Resource Center, nearly 350 cyberattacks on school districts or educational agencies were publicly reported in 2019, three times more incidents than the year before. But that figure has been rising over the past year.

Close to home, the Victor Central School District near Rochester was down for a week early last month due to a ransomware attack.

Not only are school districts less likely to hire cybersecurity experts or invest in the outside services needed to prevent ransomware and other cybersecurity attacks, experts said, but school districts have become even more vulnerable because they’ve had to fast-track new remote learning models due to the coronavirus pandemic.

“They were trying to do the best they could to keep things moving, but obviously if you move too quick, you’re going to leave vulnerabilities that people can take advantage of,” said  Kyle Cavalieri , president of the Buffalo-based  Avalon Cyber , which has offices in multiple states.

He referenced information from the FBI and Department of Homeland Security stating that more than half of reported ransomware attacks on state and local governments and schools in August and September involved schools, which keep valuable, confidential information and are less likely to have top-level cybersecurity.

“They’re kind of low-hanging…

Source…

Buffalo Public Schools working to resolve ransomware attack

/in


The school district posted on Twitter Saturday morning saying it’s working with “technology industry experts and law authorities to resolve the ransomware event.”

BUFFALO, N.Y. — The Buffalo Public School District says it’s still working to resolve problems connected to a ransomware attack on its computer system Friday.

The school district posted on Twitter Saturday morning saying it’s working with “technology industry experts and law authorities to resolve the ransomware event.” 

The Buffalo Public School District went on to say that it continues to work on protecting its information systems and will provide updates as “progress is made toward Monday’s school day.”

Superintendent Dr. Kriner Cash told reporters Friday that if the situation is not resolved over the weekend school may be canceled next week. All remote instruction was cancelled Friday as a result of the ransomware event. 

According to Cash, the school district approved a $40,000 emergency contract with Grey Castle for a cyber security investigation. The FBI is also assisting the district.

School officials say no demands have been made at this time; however, they say the FBI believes the ransom may be between $100,000 to $300,000 and could be negotiable.

“This could have a significant impact on our operations going forward into next week,” Cash said. “We are hoping that we can solve this issue this weekend. We will be bringing the consultant on site and getting to work right away, but it may take time, and we just don’t know until we know exactly the depth and the breadth of the problem.”


Source…