Tag Archive for: florida

Sarasota’s Florida Studio Theatre recovering from ransomware attack


Florida Studio Theatre’s computer systems were shut down by a ransomware attack that is under investigation by the Sarasota Police Department and other law enforcement agencies.

Florida Studio Theatre was hit by a ransomware attack on its business systems over Valentine’s Day weekend that compromised some internal office files, but Managing Director Rebecca Hopkins said Thursday there is no evidence so far that any patron information or credit card numbers were affected.

The attack happened on Feb. 12 and “basically shut us down. It shut down our network. We reacted immediately to it of course, but it was basically a business interruption,” she said.

Theater staff was unable to access some project files until they were recreated in a safer system.

Hopkins said the theater immediately reported the attack to the Sarasota Police Department. Genevieve Judge, SPD public information officer, confirmed the case is under investigation and that police are working with “other local, state and federal law enforcement partners. These are often long and lengthy investigations that can take months.”

Florida Water Plant Hackers Exploited Old Software And Poor Password Habits


The world took notice when a cyber attacker breached a Florida city’s water treatment plant and tried to poison the water supply. New details about the incident reveal serious cyber security shortcomings at the plant.

As reported by Ars Technica, a Private Industry Notification (PIN) from the FBI noted two major issues. One was that the compromised computer at the Oldsmar water treatment facility was running an “outdated Windows 7 operating system.”

That statement applies to pretty much any computer running Windows 7 at this point. As of January 14 last year Microsoft had stopped offering software updates, security updates or fixes and technical support for Windows 7. Ahead of that date Microsoft had warned that “While you could continue to use your PC running Windows 7, without continued software and security updates, it will be at greater risk for viruses and malware.”

Microsoft had already extended support for Windows 7 on a couple of occasions and the company provides plenty of notice when it’s ending support. Nevertheless it’s not uncommon for organizations to continue using an operating system beyond its end-of-support date.

Specialized applications — like those that control the water treatment system at the Florida plant — may not be compatible with a newer OS. Faced with the possibility of a broken piece of critical software, many organizations choose to continue running the outdated OS. This incident once again underscored just how risky that practice can be.

Another failing revealed in the Bureau’s notification is that staff all used the same password for remote access via the TeamViewer application. That same password was used on all of the plant’s computers, and it’s believed that the attacker(s) used that password to break in.

That’s two very big cyber security strikes already. The third? The plant’s computers “appeared to be connected directly to the Internet without any type of firewall protection installed.”

Firewalls provide a first line of defense against unauthorized access. They’re an important part of network security in any situation. In a case where the…

Florida water hack highlights risks of remote access work without proper security


Cybersecurity experts have long warned that insecure remote work software is a major source of weakness for hacking.



© Pinellas County Sheriff’s Office via AP
Pinellas County Sheriff Bob Gualtieri addresses the hack of the Oldsmar, Florida, water facility’s control systems through remote access software.

The issue was brought into stark relief on February 5, when hackers gained access to a Florida water treatment facility by using a dormant remote access software and then tried to poison the water supply. The hack was quickly caught by a human operator at the facility, but the incident highlights a potential economy-wide problem as the Covid-19 pandemic has pushed millions of workers to work from home.

“The problem is not the fact that remote software existed. I think the problem is that an adversary got hold of the credentials such that the adversary was able to access it,” said Damon Small, Technical Director of Security Consulting at NCC Group North America.

“What it underscores, speaking as an information security professional, is the need for strong authentication when critical infrastructures are going to use these sorts of remote access systems.”

As CNN has reported, the treatment plant had used multiple computers running an aging version of Microsoft Windows to monitor the facility remotely. All of the computers shared a single password to access an apparently disused version of the plant’s remote management software.

According to Pinellas County Sheriff Bob Gualtieri and a Massachusetts government advisory to public water suppliers, the hackers gained access to the water facility’s control systems through remote access software known as TeamViewer.

Martina Dier, a spokesperson for TeamViewer, said an investigation found no evidence of suspicious activity on its platform.

Why remote work can lead to hacks

The rise of remote work has provided flexibility for people to work without risking large gatherings of coworkers. But it has also left workers more vulnerable to targeted attacks. And, in some cases, it has put previously secured work functions online, accessible to anyone with the right credentials.

Eric Cole, a former CIA cybersecurity expert and author of…

Florida water treatment facility hack used a dormant remote access software, sheriff says


A hacker who last week tried to poison a Florida city’s water supply used a remote access software platform that had been dormant for months, Pinellas County Sheriff Bob Gualtieri told CNN on Tuesday.



© Pinellas County Sheriff’s Office
On Monday, February 8, 2021, Sheriff Bob Gualtieri gave a press conference surrounding the unlawful intrusion to the City of Oldsmar’s water treatment system. He was joined by Mayor Eric Seidel and City Manager Al Braithwaite.

The cyber-intruder got into Oldsmar’s water treatment system twice on Friday — at 8 a.m. and 1:30 p.m. — through a dormant software called TeamViewer. The software hadn’t been used in about six months but was still on the system.

“How they got in, whether it was through a password or through something else, I can’t tell you that,” said Gualtieri.

However, Oldsmar’s assistant city manager, Felicia Donnelly, told CNN that a password was required for the system to be controlled remotely.

TeamViewer, which is based in Germany and has more than half a million customers around the world using commercial licenses, said that there was no indication of suspicious activity.

“Based on cooperative information sharing, a diligent technical investigation did not find any indication for suspicious connection activity via our platform,” TeamViewer spokesperson Martina Dier told CNN on Wednesday.

Once inside the system, the hacker adjusted the level of sodium hydroxide, or lye, to more than 100 times its normal levels, Gualtieri said. The system’s operator noticed the intrusion and immediately reduced the level back. At no time was there a significant adverse effect to the city’s water supply, and the public was never in danger, he said.

The identity of the hacker, or hackers, isn’t yet known. Gualtieri praised the operator who spotted the attack on Friday and said current and former employees have been interviewed after early consideration of an insider threat. There are currently no suspicions or indications that’s the case, he said.

The incident highlights how some critical infrastructure systems are vulnerable to hacking because they are online and use remote access programs, sometimes with lax security.

Vulnerabilities in…
