Tag: Attack | Page 179

City Has Opportunity To Learn From Ransomware Attack: Cybersecurity Expert

March 1, 2021/in Internet Security

A cybersecurity expert believes Saint John has an opportunity to learn from the ransomware attack that took down its network last November.

Last week, City Manager John Collin told council that a third-party review found it very unlikely the attack had caused the city to lose any confidential data like personal payment info.

Dominic Vogel is the founder & chief strategist of Cyber SC. He says the city can use their experience with cybercriminals to prepare for the future.

“This affords them the opportunity to build security in right while there are still lots of cities and municipalities that feel ‘oh, we dodged a bullet, but we don’t need to invest in cybersecurity,’” Vogel said. “They’re sort of living in a false world.”

Vogel pointed out that there are never any guarantees that no personal information was lost in a breach, however it is reassuring that a third-party company was consulted and found no evidence of payment information going missing.

The concern now is that the city and residents let its guard down once again.

Vogel says hackers don’t necessarily need payment information to consider an attack successful. Instead, they can use other info to launch future successful phishing attacks.

“(Non-payment) information can be used to craft more believable phishing emails that can be sent to you,” he said. “And if those emails are more believable, you’re more likely to fall victim to that.”

So long as the city remains vigilant, and considers the advice of cybersecurity experts, Vogel believes last November’s attack could prove to be a helpful learning experience.

“What we need to see long-term from the city and this executive, is they don’t have short-term memory and think ‘oh, we survived this. Nothing bad happened, no data was compromised. We’re not going to change our ways.’ I’m very hopeful that they do change their ways.’”

Source…

Saginaw Township schools investigating ransomware attack | News

February 27, 2021/in Internet Security

An investigation is being done about a ransomware attack that happened to Saginaw Township Community Schools.

Saginaw Township Community Schools Superintendent, Bruce Martin knew there might be a problem last Sunday.

“We were starting to get some emails from teachers saying they were having trouble getting into our network,” Martin said.

Turns out the district was the target of a ransomware attack, but Martin said their ability to conduct the business of education wasn’t affected.

“We have a tremendous amount of support from Saginaw Intermediate School District and their tech team, and we were actually able to get everything back online on Monday,” Martin said.

Carl Heiden, President and CEO of Heiden Technology Solutions said these types of attacks are occurring more often.

“About 90 percent of all ransomware attacks, malware, spyware, all those attacks are initiated by a user essentially clicking on a link whether it be in an email or on a website,” Heiden said.

Heiden said the best way to stop the unwanted disruptions is to make sure you always click on a verified link.

“It’s that user education user prevention,” Heiden said. “Essentially if it sounds too good to be true chances are it is.”

Martin said the FBI is investigating what caused the ransomware attack. The district is also trying to determine if any data was compromised.

In the meantime, Martin said the district will review its safeguards to see what can be done to stop these attacks from happening again.

“That’s part of what we’re working on right now and trying to narrow that down and see where our vulnerabilities are because obviously that’s the number one thing we can do to prevent this in the future is to patch up any holes that might be out there,” Martin said.

Source…

Sarasota’s Florida Studio Theatre recovering from ransomware attack

February 25, 2021/in Internet Security

Florida Studio Theatre’s computer systems were shutdown by a ransomware attack that is under investigation by the Sarasota Police Department and other law enforcement agencies.

Florida Studio Theatre was hit by a ransomware attack on its business systems over Valentine’s Day weekend that compromised some internal office files, but Managing Director Rebecca Hopkins said Thursday there is no evidence so far that any patron information or credit card numbers were affected.

The attack happened on Feb. 12 and “basically shut us down. It shut down our network. We reacted immediately to it of course, but it was basically a business interruption,” she said.

Ticket Newsletter:Sign up to receive the latest news on things to do, restaurants and more every Friday

More:FST plans to reopen theaters in March

Theater staff was unable to access some project files until they were recreated in a safer system.

Hopkins said the theater immediately reported the attack to the Sarasota Police Department. Genevieve Judge, SPD public information officer, confirmed the case is under investigation and that police are working with “other local, state and federal law enforcement partners. These are often long and lengthy investigations that can take months.”

Hopkins said the theater coordinated quickly with its own IT staff and an outside IT firm to “pull the plug on our system.”

The hackers blocked the theater’s access to its ticketing system, Tessitura, until files and other systems could be rebuilt. Hopkins said the theater had to be cautious in how it replicated files and programs so the process didn’t compromise the investigation.

“This was a totally random thing. They hit a bunch of businesses. That is what they do. It’s not some angry Sarasotan who is made at us. They don’t know us from Tom,” Hopkins said. “They just managed to get in here. It happens to all kinds of businesses.”

Because of an increase in ransomware cases, Hopkins said the theater had taken out cyber insurance to protect the non-profit operation from potential financial losses.

Hopkins said the theater has been working with a “law firm that specializes in this to make sure we’re doing everything to the letter. They are advising us every step of the way. Our first concern at the organization is that we do exactly what we’re supposed to do.”

If any compromised information is…

Source…

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

February 25, 2021/in Computer Security

Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities.

“The purpose of the attack was the mass contamination of information resources of public authorities, as this system is used for the circulation of documents in most public authorities,” the National Security and Defense Council of Ukraine (NSDC) said in a statement published on Wednesday.

The NSDC’s National Coordination Center for Cybersecurity (NCCC) termed it a supply chain attack aimed at the System of Electronic Interaction of Executive Bodies (SEI EB), which is used to distribute documents to officials.

Calling it a work of threat actors with ties to Russia, the NSDC said the malicious documents came embedded with a macro that, when opened, stealthily downloaded malicious code to control the compromised system remotely.

“The methods and means of carrying out this cyberattack allow to connect it with one of the hacker spy groups from the Russian Federation,” the agency said.

While the NSDC did not take any names, it’s not immediately clear when the attack took place, how long the breach lasted, and if any of the infections were successful.

The development comes two days after the NSDC and NCCC warned of massive distributed denial-of-service (DDoS) attacks singling out websites belonging to the security and defense sector, including that of the NSDC.

“It was revealed that addresses belonging to certain Russian traffic networks were the source of these coordinated attacks,” the NSDC said, while stopping short of directly accusing the country.

The NCCC also stated the “attackers used a new mechanism of cyberattacks” that involved using a previously undocumented strain of malware that was planted on vulnerable Ukrainian government servers, and in the process, coopted the devices into an attacker-controlled botnet.

The infected systems were then used to carry out further DDoS attacks on other Ukrainian sites, the agency said.

Source...

[the_ad_group id="27628"]

Tag Archive for: Attack