Tag Archive for: Chatham

Yet another computer hack | Chatham Daily News

/in


It seems that hardly a day passes that we do not read about another computer hack of a company with a large database of information, exposing the personal information of millions of customers.

The latest in this sad parade of perfidy is a data breach at T-Mobile affecting almost 50 million people. T-Mobile is a leader in 5G wireless communication and has more than 100 million customers.

The breach involved details of customers and prospective customers who had applied for credit. It included names, birthdates and social security and driver licence numbers — all the information needed to spoof someone’s identity.

And It gets worse. About 850,000 customers also had their personal identification numbers stolen.

In a statement, T-Mobile said: “Customers trust us with their private information and we safeguard it with the utmost concern. A recent cybersecurity incident put some of that data in harm’s way, and we apologize for that. We take this very seriously, and we strive for transparency in the status of our investigation and what we’re doing to help protect you.”

Nice words but this is at least the fourth security breach at T-Mobile.

Security breaches happen all the time. Consider: Yahoo, three billion accounts compromised; Alibaba, 1.1 billion pieces of user data exposed; Linkedin, 700 million users compromised; Facebook, 533 million users compromised; Marriott International,500 million users compromised. The list goes on and on.

The most prevalent reason for breaches is that companies do not take adequate care with their customer’s data.

The worst part is that people who trusted these companies with their data are now faced with potential identity theft, changing PINs, replacing debit and credit cards and anxiously waiting to see if they have been compromised.

The companies say sorry and sometimes pay a fine, but life goes on until the next security breach.

There is no excuse for multiple security breaches at large companies.

Sure, software is complicated and you cannot always be aware of bugs in a program until a breach occurs. But there are things that can be done to minimize the odds of suffering a breach and also…

Source…

Ransomware cyber attack hit Chatham County’s network hard; data stolen

/in


Pittsboro, NC – Chatham County Manager Dan LaMontagne presented an update regarding the October 2020 cyber attack to the Chatham County Board of Commissioners at its regular meeting on February 15, 2021. The following details are included in LaMontagne’s report.

Hacker

The Incident
On October 28, 2020, Chatham County Management and Information Systems (MIS) staff identified a ransomware attack against the County network that resulted in the encryption of much of its network infrastructure and associated business systems. MIS staff quickly isolated the affected systems by stopping communication across the county network and externally. Staff immediately reported the crime to the Chatham County Sheriff’s Office as well as enlisted assistance from other local and state agencies with specialized ransomware experience.

Forensic analysis revealed that ransomware entered the County network through a phishing email with a malicious attachment. The threat actor, identified as DoppelPaymer, acquired data from a limited number of County systems although the data that was acquired could not be specifically determined.

DoppelPaymer’s infection routine (image courtesy of Trend Micro)

Like many modern ransomware families, DoppelPaymer’s ransom demands for file decryption are sizeable, ranging anywhere from US$25,000 to US$1.2 million. Starting in February 2020, the malicious actors behind DoppelPaymer launched a data leak site. They then threaten victims with the publication of their stolen files on the data leak site as part of the ransomware’s extortion scheme.

The Impact
As a result of the cyber attack, the county lost the use of its computers, internet access, office phones and voicemail. The county acquired loaner laptops from other counties, towns and Chatham County Emergency Management.

“Securing these critical resources did not result in additional expenses being incurred by the County and were instrumental in the process of getting us back on our feet as quickly as possible,” said LaMontagne.

Emergency Management was able to provide temporary internet access points and phones. Staff set up temporary email addresses for internal communication and access…

Source…

Chatham County, N.C., Systems ‘Inoperable’ After Cyberattack

/in


(TNS) — An unidentified “cyber incident” breached Chatham County’s communication systems Wednesday, County Manager Dan LaMontagne said.

The attack rendered the government’s network, email and phone lines “inoperable for an undetermined amount of time,” LaMontagne said in an email to The News & Observer.

“We are working with law enforcement and support agencies so we can recover from this incident as soon as possible. Our priority is to restore our systems in a secure manner and maintain the provision of critical services,” he said.

The incident did not affect the county’s early voting or 911 communications, he said.

When asked for details about what happened and how the system was breached, public information officer Kara Dudley said the county is “still evaluating the impact.”

Chatham County has not identified who was behind the incident.

“Departments are developing plans to deliver non-critical services. We will provide updates as they become available,” Dudley said in an email.

Fears of foreign influence

A recent Elon University poll of 1,259 North Carolina voters found “more than 40% have little to no confidence that the election’s outcome will escape the influence of foreign governments,” according to a news release.

The Russian government has led cyber attacks on state and local governments across the United States in the days leading up the Nov. 3 election, Politico reported Oct. 22.

Cyber security across the Triangle

The city of Durham and Durham County suffered a malware attack in March, The N&O has reported.

The virus was a type of ransomware, called Ryuk, known to attack local governments and demand large payments in return.

Since March’s malware attack, Durham County has made changes to its computer and security system, chief information officer Greg Marrow told county leaders Oct. 12.

The county implemented a two-factor authentication process for…

Source…