Tag Archive for: face

Indiana companies face million-dollar decisions as ransomware attacks spike | News

/in


FRANKLIN – In October 2021, Johnson Memorial Health went dark.

A cyberattack had infiltrated the health system’s networks and claimed to possess large amounts of patients’ personal information. The ransomware group was demanding a $3 million Bitcoin payment.

Rather than oblige, hospital administrators decided to go offline to determine the extent of the breach and prevent losing any more data, explained Dave Dunkle, president and CEO of the network.

Soon, hosptial staff were operating in the digital dark age, using paper forms to document all their procedures. Couriers scurried between departments hand-delivering blood-draw orders. With monitoring equipment down, more nurses were called in to the critical-care unit to physically observe each patient.

“It was rough,” Dunkle said. “It was very rough.”

The ransomware group never got paid, but the attack still cost the healthcare system millions of dollars to deal with the fallout. More than two years later, the hospital still hasn’t recovered financially.

“You don’t get that lost business back,” he said. “With margins being so slim for community hospitals like ours, we’re still suffering from the lost income during the attack.”

‘PAIN POINT’

Johnson Memorial Health is just one of thousands of Indiana businesses and organizations struggling to rebound after being targeted by a malware or ransomware scheme.

In recent years, the amount of money lost due to internet crimes has skyrocketed across the state. In 2019, Hoosier victims reported losing over $24 million. Last year, that number more than tripled to $73.5 million, according to data from the most recent FBI Internet Crime Report.

That’s despite the fact the number of reported cybercrime victims in Indiana actually declined by around 1,000 since 2020, when nearly 12,800 fell prey to an attack.

During the first six months of this year, insurance claims for ransomware attacks increased nationally by 27% compared to the second half of 2022, according to Coalition, a company that sells cyber…

Source…

Cumberland County and Hoke County Registers of Deeds face ransomware

/in


The Cumberland County Register of Deeds’ online records were temporarily offline Thursday after ransomware infected one of the servers this week, Register of Deeds J. Lee Warren Jr. said.

The ransomware was discovered Wednesday afternoon on a server hosted in Greensboro, Warren said. Only one server was impacted, and no data was lost or compromised, he said.

“We’ve disabled that server, and we’re rebuilding that server and we’re rebuilding our website,” Warren said. “The images are on a separate server, and they weren’t affected.”

The attack also disabled Hoke County’s Register of Deeds website, Register of Deeds Elaine Brayboy said Thursday.

“Our documents were not in any way compromised,” she said. “We should be back up and going no later than Saturday.”

The online search function for the Cumberland County Register of Deeds is temporarily down after a ransomware attack, Register of Deeds J. Lee Warren Jr. said Thursday.

Warren said his office is working with the North Carolina Local Government Information Systems Association’s IT Strike Team and the North Carolina National Guard, members of the four-part North Carolina Joint Cybersecurity Task Force.

The North Carolina Department of Information Technology and North Carolina Emergency Management also belong to the task force, according to NCDIT spokesperson Nicole Meister.

Source…

The Evolving Face of Cybersecurity

/in


Without an incident response plan, it can take a business an average of 71 days to recover. A business with a plan might recover in 20 days.

Without an incident response plan, it can take a business an average of 71 days to recover. A business with a plan might recover in 20 days. That’s a difference of 51 days during which business is compromised, if not suspended. “What’s your loss of revenue?” asked Connery.

And, a cyber incident doesn’t end with the demand for money from the attackers, or with the lost revenue while the business struggles to perform during and after the attack. There are also regulatory fees, new Securities and Exchange Commission (SEC) reporting regulations, Federal Trade Commission (FTC) standards, notification of government entities and notification of customers whose information was compromised.

For businesses without a plan, recovery will take time. Backups may have been destroyed. Systems need to be rebuilt. “If that happens inside your organization, you must have options,” said Connery. “You have to think through what the next steps are going to be.”

One option is to pay the hackers to get data back. Another is to use an old copy of data that might be six months out of date. And the whole time the business is losing customer faith, losing time, losing revenue.

When it comes to cyberattacks, it isn’t if a business is at risk. It is. It isn’t if there’s an attack. It’s when.

Common Threats and Vulnerabilities

“Cyberattacks can take various forms,” explained Mark Doering, chief information security officer, Link Technologies. “There’s phishing and malware and denial of service attacks, which is preventing access to systems, social engineering which is the phone calls and texts you get soliciting a response and pretending to be someone else.”

There are also structured query language (SQL) injections, which attack data applications by injecting malicious SQL statements into entry fields for execution, affecting execution of predefined SQL commands and allowing attackers to spoof identity and tamper with data; zero-day attacks that exploit previously unknown vulnerabilities in systems; and nation-state cyberattacks from foreign entities.

“From my perspective, [Nevada sees] pretty much the same sorts of phishing attacks, ransomware,…

Source…

Alleged Trickbot, Conti ransomware members face US, UK sanctions – SC Media

/in



Alleged Trickbot, Conti ransomware members face US, UK sanctions  SC Media

Source…