Tag Archive for: Attempt

South Staffordshire Water says it was target of cyber attack as criminals bungle extortion attempt | Science & Tech News

/in


South Staffordshire Water “has been the target of a criminal cyber attack”, the company has confirmed.

In a statement, it stressed it was “still supplying safe water to all of our Cambridge Water and South Staffs Water customers”.

“This is thanks to the robust systems and controls over water supply and quality we have in place at all times as well as the quick work of our teams to respond to this incident and implement the additional measures we have put in place on a precautionary basis.”

The statement was released after a ransomware group known as Cl0p claimed to have hacked a different water company’s networks.

Using its darknet site as part of a bungled cyber-extortion effort, the group posted what appeared to be stolen identification documents.

It is not clear how the criminals managed to misidentify the victim company.

Alongside releasing files, the group criticised the company’s security and suggested that other hackers could break into the network and cause significant damage.

Cl0p typically encrypts the files on victims’ computer networks to make the IT systems unusable unless those victims make an extortion payment, often stretching into the millions of dollars.

In this instance, Cl0p claims to have decided not to encrypt the company’s files. Instead it is demanding an extortion payment to prevent the release of the stolen data, and to explain how it managed to break in to the network.

The group claims to be able to access the company’s SCADA (supervisory control and data acquisition) systems which are the software used to manage industrial processes, such as those at water treatment facilities.

In another unverified claim which is disputed by South Staffs Water, the extortionists state: “It would be easy to change chemical composition for their water but it is important to note we are not interested in causing harm to people.”

Sophisticated systems

Most water companies have sophisticated systems in place to ensure the quality of their water, including several checks and balances which are resilient against individual subsystem failures.

Ransomware groups often over-state their access into victims’ networks for the sake of extortion, expecting that their…

Source…

FBI Investigating Hacker Attempt To Poison Bay Area Water: Report

/in




The NBC report marked the first time this hack was brought to light.

© Shutterstock
The NBC report marked the first time this hack was brought to light.

BAY AREA, CA — The Federal Bureau of Investigation is looking into a hacker’s attempt to poison an unnamed San Francisco Bay Area water treatment plant in January, NBC News reported.

The hacker knew the username and password of a former employee’s TeamViewer account, which allowed them to remotely obtain access to the plant’s computers, NBC reported. The hacker deleted computer programs used to treat drinking water.

The plant discovered it had been hacked the next day, then reinstalled the water treatment programs and changed its passwords, NBC reported. There were no reports of anyone being sickened by the water.

Loading...

Load Error

NBC’s report marked the first time this incident was made public. The news agency said it reviewed a February report from the Northern California Regional Intelligence Center.

The method used in this attack is the same as one reported in February, when an Oldsmar, Florida water plant operator watched as his computer mouse moved around his screen and opened programs, eventually raising the levels of sodium hydroxide, or lye, by more than 100 fold to a level that could cause illness and corrode pipes, The Washington Post reported. The hacker also used TeamViewer to gain access to the employee’s screen.

Fortunately, the employee quickly reversed the lye levels and water quality was not significantly impacted, The Post reported. Nobody was sickened.

The U.S. Cybersecurity and Infrastructure Security Agency and National Security Agency recommended in July 2020 that operators of critical infrastructure take immediate action to safeguard against “foreign powers attempting to do harm to U.S. interests or retaliate for perceived U.S. aggression.”

These vulnerabilities have become increasingly apparent as more companies shift to remote operations and monitoring, outsource operations, and seek to accommodate a decentralized workforce, the agencies wrote.

Read more from NBC Bay Area and The Washington Post.

Continue Reading

Source…

Latest Russian hack attempt largely fended off by US agencies, White House says

/in


Ransomware attacks, explained

Ransomware is an ever-evolving form of malware that scrambles a victim organization’s data with encryption, then criminals demand a ransom in exchange for software decryption keys.

WASHINGTONThe White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month’s planned presidential summit.

Officials downplayed the cyber assault as “basic phishing” in which hackers used malware-laden emails to target the computer systems of U.S. and foreign government agencies, think tanks and humanitarian groups. Microsoft, which disclosed the effort late Thursday, said it believed most of the emails were blocked by automated systems that marked them as spam.

As of Friday afternoon, the company said it was “not seeing evidence of any significant number of compromised organizations at this time.”

Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter.

Computer hacker

FILE – Computer hacker point-of-view.

RELATED: US pipeline operators ordered to increase cyber defenses after ransomware attack

“I don’t think it’ll create a new point of tension because the point of tension is already so big,” said James Lewis, a senior vice president at the Center for Strategic and International Studies. “This clearly has to be on the summit agenda. The president has to lay down some markers” to make clear “that the days when you people could do whatever you want are over.”

The summit comes amid simmering tensions driven in part by election interference by Moscow and by a massive breach of U.S. government agencies and private corporations by Russian elite cyber spies who infected the software supply chain with malicious code. The U.S. responded with sanctions last month, prompting the Kremlin to warn of retribution.

Source…

St. Anthony to upgrade city cybersecurity after hacking attempt | Local News

/in


The City of St. Anthony will be upgrading its email and computer system threat protection after an unsuccessful hacking attempt that occurred last month.

“They were knocking at our door,” said City Clerk Patty Parkinson. “They were there trying to get in.”

During the city council meeting on April 22, Parkinson announced to the council that she got a call from the FBIa informing her that hackers were trying to gain access to the city’s online system.

“At first when I got the call I was like ‘yeah right, whoever you are —Mr. FBI’,” Parkinson said. “Here we are in little St. Anthony, Idaho but the thing that’s happening is they’re getting people. That’s how they make their money and they’re busy.”

Ransomware is a type of malicious software or malware, used by hackers, that prevents an individual, agency or business from accessing computer files, systems or networks, according to the FBI. Hackers then demand a ransom for the return of access.

In 2019, the city of Riviera Beach, Florida, paid nearly $600,000 in ransom to hackers who took control of the city’s computer system.

The city has had hackers attack its website before. Parkinson said she once got a call from an anonymous hacker that wanted a ransom payment to give back control to the city’s website in 2016. She did not give in to the ransom and told the hackers the city would handle its business physically, informing them that they could have the website.

Little did the hackers know they had taken control of the website for St. Anthony, Idaho when they were trying to take over the website for St. Anthony, Minnesota, she said.

“I finally drove down to them that we weren’t St. Anthony, Minnesota. The next day everything was fine, up and running. Didn’t cost us a dollar,” Parkinson said.

The hackers were angry at a St. Anthony, Minnesota police officer who shot a black man at a traffic stop and wanted to retaliate against the city and its police department by taking control of the city’s website, Parkinson said. The officer was charged with second-degree manslaughter but was found to be not guilty.

“After that, I walked into…

Source…