Tag Archive for: demand

It’s Time to Demand More from IoT Developers

/in


Distributed Denial-of-Service (DDoS) attacks exploit the very foundation of online connectivity. By taking aim at the foundation of your site’s infrastructure, attackers can cause millions in damages, cutting their victim off from their own online presence. Since 2016, Internet of Things (IoT) devices have rapidly bolstered the ranks of DDoS botnets: now, over half a decade later, the number of online devices continues to increase exponentially. The repercussions of this are ricocheting throughout business and governmental organizations, making DDoS protection a vital part of a modern organization’s defenses.

How DDoS Is A Universal Threat

When you attempt to load a webpage, or access an application, your request travels from your browser, via your network, to the hosting server. This server handles the processing of such a request, identifying and returning the precise page you want to see. This cyclical process of request handling is the foundation of the internet: Google alone oversees the processing of 3.5 billion requests per day.

DDoS attacks aim to disrupt the legitimate traffic that a targeted server, organization or network usually relies on by overwhelming its critical infrastructure. Returning a page requires the server to dedicate a small amount of processing power to that task. Each request may only draw small amounts of power, but this directly scales with the number of users requesting a page. When a victim is targeted by the DDoS’ botnet, each bot is individually weaponized to continuously send requests to the victim’s app or site. This sudden influx of requests places incredible strain upon the supporting servers; it’s also impossible to simply block the flood of incoming IP addresses, thanks to the fact that each device looks identical to a legitimate user.

In the days of on-prem server stacks, DDoS attacks could easily wipe out an organization’s online presence: the processing power would exceed the server’s capacity, and simply make the site unavailable for legitimate users. Now, however, cloud computing has unshackled small businesses from local servers. The scalability of cloud-based server providers may mean that your…

Source…

Los Angeles Unified School District Hackers Demand Ransom

/in


(TNS) — The hackers who targeted the Los Angeles Unified School District have made a ransom demand, officials confirmed Tuesday, an indication that the attackers have extracted sensitive data or believe they can bluff the district into thinking that they have.

“We can confirm that there was a demand made,” L.A. schools Supt. Alberto Carvalho said. “There has been no response to the demand.”

Carvalho declined to disclose the amount of the ransom demand or any further information about what information, if any, the attackers may be holding.


He said that there have been “no new security breaches” and that the school system is continuing “our ramping up of apps and systems.”

Officials said they are optimistic that Social Security numbers and other sensitive information of employees remain secure. But the outlook could be different related to student information, such as grades, course schedules, disciplinary records and disability status. The district does not collect Social Security numbers for students and parents.

Earlier Carvalho disclosed that the attackers extended their deadline for entering into negotiations without specifically mentioning a ransom amount. The district, Carvalho added, is following the advice of experts and law enforcement, which includes the FBI as well as the Los Angeles Police Department.

In a related development, federal officials on Friday announced a new major grant program to help public agencies better secure themselves from cyber attack.

The demand for money was widely anticipated in the wake of the cyber attack, which was discovered in progress on the night of Sept. 3, the Saturday of Labor Day weekend.

Hackers will typically threaten to post sensitive data online if they are not paid, but it can be difficult to determine what they’ve obtained, and they might be lying.

In general, such payments are a bad idea, said Clifford Neuman, director of USC’s Center for Computer Systems Security.

“It is important for any organization impacted by ransomware to understand that even if they pay a ransom demand, they will still incur significant IT expense and delays to repair the system,” Neuman said….

Source…

Paralysed French hospital fights cyber attack as hackers lower ransom demand

/in


Issued on:

A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.

The GIGN elite tactical force of the French gendarmerie is involved in negotiating with the hackers who targetted the Corbeille-Essonnes hospital 10 days ago.

The attack has blocked access to all medical imaging storage and patient admissions systems.

GIGN negotiators, who usually work on counter-terrorism and hostage release operations, have been communicating with the attackers via the Protonmail secure email service.

According to the Parisien newspaper, they have managed to talk down the ransom from $10 million to $1 million.

France won’t pay

Even if the ransom has been negotiated down, the hospital will not pay.

“Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established,” the president of the board of the hospital, Medhy Zeghouf, told Le Parisien.

But the negotiations buy time for investigators who are trying to locate the attackers and regain access to the data.

The attack appears to be the work of the Lockbit group of Russian-speaking hackers, who have been behind several similar cyber attacks elsewhere in the world, notably in the United States, where private clinics are more likely to pay ransoms than hospitals in France.

Back to analogue

The hospital, meanwhile, continues to function, but at half capacity. Some 500 patients, including 13 children, have been transferred to other institutions.

Those patients left are being treated by doctors forced to communicate with pre-digital tools.

As digital security experts work to create a secure digital bubble around the hospital, staff have been prohibited from plugging in their computers.

Those most affected are the imaging services and the blood work laboratory, which have had to resort to burning data onto DVDs to share information.

And it takes five times as…

Source…

Hackers demand $10 million from Paris hospital after ransomware attack

/in


Malicious hackers are demanding $10 million from a French hospital they hit with ransomware last weekend.

The Hospital Center Sud Francilien (CHSF) in Corbeil-Essonnes, south-east of Paris, was struck late on Saturday night, causing major disruption to health services.

The following morning, CHSF announced that it had initiated an emergency “white plan” after the attack made it impossible for the hospital to access its business software, storage systems (including medical imaging), and information systems related to patient admissions.

In the absence of working computer systems, medical staff are resorting to the use of pen and paper with the inevitable disruption that can cause.

Patients requiring treatment are being referred to other hospitals in the area when appropriate, and major surgical procedures have been postponed.

The National Cybersecurity Agency of France (ANSSI) has been informed of the incident, and is assisting in the investigation.

Although not yet confirmed officially by the hospital, security experts believe that CHSF has been hit by a strain of the Ragnar Locker ransomware – which has also claimed the scalp of DESFA, one of Greece’s major natural gas operators, in recent days.

Attacks by the Ragnar Locker ransomware group have become notorious for their technique of not just demanding payment from their victims for a decryption key to recover their files, but also by threatening to release stolen data to the public, or sell it to other cybercriminals.

That certainly would be bad news if true in the case of this latest in a long line of ransomware attacks against French hospitals.

For now, it’s not known whether the hospital is prepared to enter negotiations with its attackers or not, and it is unclear whether it has definitively ruled out the possibility of paying the ransom.

Currently all the hospital has said is that the attack has not impacted the operation and security of the hospital building itself, and all of its networks remain operational.

With luck, sensitive medical information about the hospital’s patients has not fallen into the hands of cybercriminals.

In an update posted on its official Twitter account CHSF thanked its staff and hospital workers for their…

Source…