Tag Archive for: authority

Pakistan Telecom Authority asked to suspend mobile phone services in Islamabad as security measure for OIC meeting | Indiablooms


Islamabad/IBNS: The Pakistan Telecommunication Authority (PTA) has been directed to suspend cellular services in certain areas of Islamabad city ahead of the Organisation of Islamic Cooperation (OIC) conference from Dec 17 to 19, according to media reports.

Moreover, the capital administration on the recommendation of the Foreign Office may announce a local holiday on Monday (Dec 20), reports Dawn News.

The interior ministry has asked the PTA to suspend mobile phone service and it is likely that the service will be suspended around routes the delegates will be using and adjacent to areas where they will be staying, the newspaper reported.

The Red Zone will remain sealed as a security measure for the conference.

Officials of the local administration and police told Dawn News that the Red Zone will be sealed for foolproof security of visiting delegates from 62 member states of the OIC.

Well-equipped policemen along with personnel of paramilitary troops and army are being deployed to the entry points of the Red Zone, they added.

Source…

Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority • The Register


An organisation whose network was infected by Ryuk ransomware has spent $8.1m over seven months recovering from it – and that’s still not the end of it, according to US news reports.

The sum, spent by Baltimore County Public Schools, will doubtless raise some eyebrows and the public breakdown of the costs will be eye-opening for the infosec industry and potential corporate ransomware victims alike.

A spreadsheet obtained by Fox 45 News Baltimore, a TV station, revealed the $8.1m spending and also broke it down into individual line items.

Of the full sum, $2m alone was spent on “ERP cloud transition and recovery” with provider CGI. A Dell (VMware) Carbon Black cloud-based endpoint security licence for one year of Windows protection came in at $699,298, while $606,648 was spent on device monitoring and tracking.

Just $2m of the $8m spend was covered by insurance, the spreadsheet showed, also noting $11,500 in ransomware negotiation costs. There was no line item explaining whether a ransom was paid or if so, how much it was.

As we reported when it first happened, the BCPS network was infected by Ryuk ransomware in November last year. 115,000 children were unable to access remote classes (being held online due to the pandemic) and were cut off from school for a week while administrators rebuilt critical systems.

The attention of news outlets moved on after a few days (possibly a result of BCPS’ $50,000 spend with FTI Consulting on PR advice), but the enduring tech and financial damage is still being felt months later.

Infosec firm Sophos said in April that the average cost of getting over a ransomware attack is $2m, a sum that “has more than doubled in a year”. Last year French-headquartered IT outsourcer Sopra Steria said a Ryuk attack was set to cost it between 40 and 50 million euros after “a previously…

Source…

Steamship Authority continues to deal with ransomware hack, Maura Healey sounds alarm on cyberattacks


A ransomware attack continues to make rough seas for the largest ferry service to Nantucket and Martha’s Vineyard, which is still experiencing disrupted operations nearly a week after its systems were torpedoed by unknown actors.

While the Steamship Authority’s online booking system remained down Tuesday, the Authority announced that people can now make or change reservations by calling its Mashpee Reservation Office.

“The Steamship Authority is continuing to work with our team internally, as well as with local, state, and federal officials externally, to address the June 2, 2021, ransomware incident,” the Authority said in a statement. “Our investigation into this incident is ongoing, and with the assistance of third-party cybersecurity and forensic investigators we are working to determine the full nature and scope of the event.”

“Scheduled trips to and from the islands continue to operate safely as scheduled, although some delays in the ticketing process may occur,” the Authority said.

Although some credit card access is now available at terminals and parking lots, the Authority is still recommending that people bring cash to speed up the ticketing process.

In the wake of the local hack, Massachusetts Attorney General Maura Healey on Tuesday urged Bay State businesses and government agencies — including law enforcement — to immediately assess their existing data security practices, and take appropriate steps to upgrade security measures.

“Leaders from the public and private sectors have an important and critical responsibility to public safety and welfare to protect against these threats,” Healey said. “We strongly encourage all Massachusetts businesses and government organizations to take the appropriate steps to strengthen data security and ensure its computer networks are secure as required by law.

“Our office will work with federal law enforcement partners to identify and hold the criminals responsible for these ransomware attacks accountable,” she added.

A recent attack on JBS SA — a Brazilian company known as the world’s largest meat processing company — led to production shutdowns and lost profits and wages.

Last month, a…

Source…

SolarWinds CEO gives chief security officer authority and air cover to make software security a priority


New leader is also making changes to the software development process to make it harder for attackers to find vulnerabilities.

SolarWinds CEO Sudhakar Ramakrishna is making changes at the board level and in daily operations to change the company’s security mindset. The company launched a Secure by Design initiative in response to the recent cybersecurity attack. This project is designed to build security into the design phase of software development and to make security an ongoing instead of an after-the-fact priority. 

During a panel discussion about cybersecurity, Ramakrishna said he used his experience as an engineer and a manager to shape the company’s response to the attack. He created a cybersecurity committee for the board that includes him and two sitting board members. He also said that he has given the company’s chief security officer the power to stop any software release if necessary to address security concerns.

“We’re providing independence, confidence and air cover to build a level of comfort and create a seat at the table,” he said. 

He said companies have to raise the profile of security officers to the board level to illustrate the importance of the role to the entire company. 

“Otherwise it just becomes a cost line item in the P&L,” he said.

Ramakrishna described his plan for changing the company’s security culture during a “Big Breaches” panel discussion with the authors of a new book and several industry security experts.

In a discussion about how to reduce the frequency of these attacks, Jimmy Sanders, head of security for Netflix and ISSA International Board of Directors, said that the industry needs to adopt a different approach to security, one that requires bad actors to succeed with an attack multiple times to gain access instead of just once.  

Ramakrishna said his company is experimenting with an approach like this. The…

Source…