Tag Archive for: Cities

Payment card thieves hack Click2Gov bill paying portals in 8 cities

/in
Payment card thieves hack Click2Gov bill paying portals in 8 cities

Enlarge (credit: Mighty Travels / Flickr)

In 2017 and 2018, hackers compromised systems running the Click2Gov self-service bill-payment portal in dozens of cities across the United States, a feat that compromised 300,000 payment cards and generated nearly $ 2 million of revenue. Now, Click2Gov systems have been hit by a second wave of attacks that’s dumping tens of thousands of records onto the Dark Web, researchers said on Thursday.

The new round of attacks began in August and have so far hit systems in eight cities, six of which were compromised in the previous episode, researchers with security firm Gemini Advisory said in a post. Many of the hacked portals were running fully up-to-date systems, which raises questions about precisely how the attackers were able to breach them. Click2Gov is used by utilities, municipalities, and community-development organizations to pay bills and parking tickets as well as make other kinds of transactions.

“The second wave of Click2Gov breaches indicates that despite patched systems, the portal remains vulnerable,” Gemini Advisory researchers Stas Alforov and Christopher Thomas wrote. “It is thus incumbent upon organizations to regularly monitor their systems for potential compromises in addition to keeping up to date on patches.

Read 6 remaining paragraphs | Comments

Biz & IT – Ars Technica

Smashing Security #142: Mercedes secret sensors, smart cities, and ransomware runs riot

/in

Darknet Diaries host Jack Rhysider joins us to discuss how cities in Texas are being hit by a wave of ransomware, how Mercedes Benz has installed a tracker in your car (but not for the reason you think), the security threats impacting smart cities, and a new feature coming to your Facebook app.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.

Graham Cluley

While one Texas county shook off ransomware, small cities took full punch

/in
They did.

Enlarge / They did. (credit: Hemera Technologies/Getty Images)

Few details have emerged about the coordinated ransomware attack that struck 22 local governments in Texas last week. But five local governments affected by the attack have been identified.

On August 20, the Texas Department of Information Resources revised its initial report that 23 “entities” had been affected by the ransomware attack, reducing that count by 1. And a Texas DIR spokesperson said in a statement that about a quarter of the local governments affected have been able to at least partially restore normal operations.

That includes Lubbock County, which apparently escaped major disruptions. Lubbock County judge Curtis Parrish told Magic 106.5 Radio that the county’s IT department “was right on top of it… they were able to get that virus isolated, contained and dealt with in a very quick manner so it did not affect any other computers or computer systems here in Lubbock County.”

Read 7 remaining paragraphs | Comments

Biz & IT – Ars Technica

$1.1 million in two weeks – Florida cities pay out big to ransomware gangs

/in

Cybercriminals have learnt something very valuable in the last couple of weeks: in order to regain access to their data, cities in Florida are prepared to pay out huge Bitcoin ransoms to hackers.

Read more in my article on the Tripwire State of Security blog.

Graham Cluley