Tag Archive for: forced

Threat posed by mainland hacker forced GMH to shut down network | News

/in


A hacker somewhere in the U.S. mainland got past the protective firewalls of Guam Memorial Hospital’s network and started exploring, which put all of the hospital’s interconnected computer systems at risk of cyberattack, according to the hospital’s legal counsel, who said the hospital provided information to federal investigators and is scheduled to meet with the FBI Wednesday.

The hospital, whose IT staff found evidence of an unauthorized network user on the evening of March 2, shut down all of its nearly 100 computerized systems — from phones to email — at 8 a.m. March 4 in order to increase security measures and prevent any damage or theft of information.

Hospital staff found evidence the unauthorized user had accessed the system “multiple times in the past.”

According to the hospital, there is no evidence that patient information, financial information or employee records were accessed, manipulated or destroyed.

There also were no demands for payment in connection with the incident, according to the hospital.

No disciplinary action was taken against any hospital employee in connection with the incident, according to GMH legal counsel.

The systems shutdown also affected the hospital’s satellite operations, at the skilled nursing facility in Barrigada Heights and at the prison clinic in Mangilao.

Hospital visitation was severely restricted for several days in order to allow employees to focus on restoring systems.

The hospital started operating manually during the shutdown, keeping records on paper, and as of Tuesday had restored about 75 percent of its computer systems. Some phone lines and email addresses, for non-critical employees and departments, still were not working as of Tuesday.

“The nature of the (unauthorized) access was identified, and an individual is identified as being the likely actor,” said hospital attorney Jeremiah Luther, who declined to provide further details about the security flaw or how the network was hacked.

Luther said the hospital will not publicly disclose the “likely actor’s” name in the interest of justice.

“We were told by our IT people that the threat to our system, to patient health…

Source…

Guardian staff forced to work out of former brewery after ransomware attack

/in


Staff at The Guardian have been forced to work out of a former brewery as a crippling ransomware attack heads into its third month.

The newspaper has taken up office space at the Phoenix Brewery in west London as its King’s Cross headquarters remains shuttered following the cyber attack.

Staff are said to be frustrated following an extended period of enforced working from home. 

But one journalist said the temporary offsite location, next to Westfield shopping centre, was inconvenient for the majority of staff who are used to commuting into north London.

Editor Kath Viner lives in west London after marrying Adrian Chiles, a broadcaster and Guardian columnist, last year. 

A source said Ms Viner and a small number of other employees had been working from the headquarters in King’s Cross for the vast majority of the time.

The Guardian has taken over the temporary office space from telecoms provider TalkTalk.

Chief executive Anna Bateson and her husband Max are personal friends with TalkTalk executive chairman Sir Charles Dunstone. One industry insider said the group had holidayed together on Sir Charles’ yacht.

The makeshift office arrangements come two months after The Guardian was hit by a ransomware attack that shut down many of the newspaper’s computer systems and forced it to close its building at Kings Place.

Hackers gained access to payroll data, meaning employees’ names, addresses, salaries and passport details have been exposed.

The Guardian has said hackers are most likely to have gained access to the information through a so-called phishing attack, which attempts to trick staff into clicking booby-trapped links.

While the company was initially concerned about an “attack on journalism” by a foreign state, it is understood this scenario is now considered unlikely.

It is not clear whether bosses have paid the ransom, but the incident has been reported to the Information Commissioner’s Office. The data watchdog has the power to fine The Guardian up to £17.5m if any failings are discovered in relation to the breach.

A source at the newspaper said the print team had been working “like madness” since the attack and had been forced to…

Source…

Hackney Council could be forced to answer questions about IT security training after Psya ransomware

/in


A council hit by a cyber attack could be forced to answer questions about the IT and security training it gave staff when they were forced to work from home because of the pandemic.

Cyber criminals struck Hackney Council in October 2020, with Pysa, or Mespinoza, ransomware paralysing some of its online services.

Four months later, employees’ and residents’ data was allegedly published on the dark web by hackers who claimed it came from the attack on the London council’s IT systems.

The council said the attack affected “a limited set of data, it has not been published on a widely available public forum, and is not available through search engines on the internet”.

The National Crime Agency is still investigating the attack, as is the National Cyber Security Centre.

Missing data

The attack has cost the council millions of pounds and it is still missing data across many services.

It said the most critical services were Mosaic for social care, Academy for its benefits and revenues, and M3 for planning and land charges and delivering modern digital tools in housing.

Other local authorities have been targeted by hackers. Gloucester Council became the latest victim when it was attacked for the second time in December, when hackers hit services including revenue and benefits and planning.

Salisbury, Copeland and Islington councils were also affected by cyber attacks over the 2017 August bank holiday, when hackers unsuccessfully asked for a bitcoin ransom in return for data.

The attack on Hackney affected benefits data. Some people were unable to perform property searches, which affected some house sales in the east London borough.

Information commissioner to take action

The council now faces action from the information commissioner after refusing to say whether it gave council staff security training when they were required to work from home during the pandemic.

Liberal Democrat campaigner Darren Martin submitted a Freedom of Information request to ask the council what IT security training was given to staff in the two years leading up to the cyber attack.

“If it turns out that the attack that has left our vital services crippled in the borough since 2020…

Source…

Newfoundland forced to revert to ‘paper-based system’ after possible cyber attack on health-care network

/in


A catastrophic computer network failure that’s forced Newfoundland and Labrador’s health-care workers to revert to a “paper-based system” may be a sign of cyber attackers getting better at what they do.

Thousands of Newfoundlanders in need of non-emergency surgeries, cancer treatment and diagnostic imaging have had their appointments cancelled after an IT failure that was reported over the weekend.

While emergency care continues, doctors and nurses have had to resort to pen and paper for many of the administrative tasks that would ordinarily by accomplished by their computer networks.

“We know only what we know, which is that we have a possible cyber attack. It has taken out the brain of the data centre,” said Health Minister John Haggie, during a news conference Monday.

“Our main aim here, between the department and the health authorities, is to mitigate the effect and maintain some continuity of service for the people of this province who need treatment for which they cannot wait.”

The possible cyber attack comes on the heels of two incidents last week — a ransomware attack on the TTC, which shut down vital communications systems, and a reported attack on the city of Clarence-Rockland, Ont., after which the city shut down its email service as a precaution. And in early 2020, a ransomware virus started to encrypt data on the P.E.I. government network before IT staff there were able to contain it.

One cyber-security company says that the frequency of such attacks has not necessarily increased over the past several months, but that the skill of the attackers has been growing, to the point that they are pursuing bigger — and more lucrative — targets.

Last year, there were more than 4,200 cyber attacks in Canada, says Brett Callow, a threat analyst with Emsisoft. The cyber-security firm has particular expertise in ransomware — those cyber attacks in which the perpetrators threaten to delete or encrypt an organization’s data unless they’re paid off.

Most of those attacks were directed at small businesses, which meant the incidents didn’t draw as much media attention and often stayed under the radar. Still, those attacks cost Canadian businesses an estimated $659…

Source…