Posts

Ransomware groups continue assault on healthcare orgs as COVID-19 infections increase

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Ransomware groups have shown no signs of slowing down their assault on hospitals, seemingly ramping up attacks on healthcare institutions as dozens of countries deal with a new wave of COVID-19 infections thanks to the potent Delta variant. 

Vice Society, one of the newer ransomware groups, debuted in June and made a name for themselves by attacking multiple hospitals and leaking patient info. Cybersecurity researchers at Cisco Talos said Vice Society is known to be “quick to exploit new security vulnerabilities to help ransomware attacks” and frequently exploits Windows PrintNightmare vulnerabilities during attacks. 

“As with other threat actors operating in the big-game hunting space, Vice Society operates a data leak site, which they use to publish data exfiltrated from victims who do not choose to pay their extortion demands,” Cisco Talos explained last month. 

Cybersecurity firm Dark Owl added that Vice Society is “assessed to be a possible spin-off of the Hello Kitty ransomware variant based on similarities in the techniques used for Linux system encryption.” They were implicated in a ransomware attack on the Swiss city of Rolle in August, according to Black Fog. 

image4.png

The Vice Society leak site. 


Cisco Talos

Multiple hospitals — Eskenazi Health, Waikato DHB and Centre Hospitalier D’Arles — have been featured on the criminal group’s leak site and the group made waves this week by posting the data of Barlow Respiratory Hospital in California.

The hospital was attacked on August 27 but managed to avoid the worst, noting in a statement that “no patients were at risk of harm” and “hospital operations continued without interruption.”

Barlow Respiratory Hospital told ZDNet that law enforcement was immediately notified once the hospital noticed the ransomware impacting some of its IT systems. 

“Though we have taken extensive efforts to protect the privacy of our information, we learned that some data was removed from certain backup systems without…

Source…

Ransomware attacks increase dramatically during 2021

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


The frequency of ransomware attacks has increased dramatically over the past year, with 93% more carried out in the first half of 2021 than the same period last year, according to Check Points mid-year security report.

The surge in attacks has been fuelled by the rise of the “triple extortion” ransomware technique whereby attackers, in addition to stealing sensitive data from organisations and threatening to release it publicly unless a payment is made, are also targeting the organisations customers, vendors or business partners in the same way.

Accompanying the dramatic increase in ransomware attacks, organisations have also experienced a 29% increase in the number of cyber attacks globally, with the highest growth seen in the Europe Middle East and Africa (EMEA) region and the Americas, at 36 and 24% respectively.

While the Asia-Pacific (APAC) region only saw an increase in attacks of 13%, it experienced the highest number of cyber attacks weekly at 1,338. EMEA’s weekly number was 777, while the Americas was at 688 per week.

The report further noted a step up in the number of attacks targeting supply chains during 2021, including the high-profile attack on SolarWinds from December 2020, as well as the attacks on Codecov in April and, most recently, Kaseya in July.

Following the takedown of the Emotet botnet operation, which was fully eliminated in April 2021, the report also noted that a number of other malwares – including Trickbot, Dridex, Qbot and IcedID – are quickly gaining popularity.

“In the first half of 2021, cyber criminals have continued to adapt their working practices to exploit the shift to hybrid working, targeting organisations’ supply chains and network links to partners to achieve maximum disruption,” said Maya Horowitz, vice-president of research at Check Point Software.

“This year, cyber attacks have continued to break records and we have even seen a huge increase in the number of ransomware attacks, with high-profile incidents such as Solarwinds, Colonial Pipeline, JBS or Kayesa. 

“Looking ahead, organisations should be aware of the risks and ensure that they have the appropriate solutions in place to prevent, without…

Source…

FBI warns of increase in ransomware, cyberattacks on businesses

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


The FBI is warning that all businesses are at risk of being targets of ransomware and other cyberattacks.

Whether from nation-states like China, Russia, Iran and North Korea, cybercriminals are looking to interfere, intrude and hold hostage for cash. 

Cyberattacks are becoming more intense, more frequent and more dangerous.

Dallas FBI Special Agent in Charge Matthew DeSarno says the ever-evolving threats can cripple their intended targets.

“It is certainly a threat to national security, and we’ve seen a significant increase in attacks against private sector companies and government agencies at all levels,” he said.

Cybercrime is on the rise through phishing scams and other means. And as fraud increases, so does the need to protect your identity. (iStock)

There have also been attacks against critical infrastructure, like the colonial pipeline and the hack attack of JBS meat producers that interrupted a big part of the meat supply for a time.

Some estimates say more than 15,000 companies were hit with ransomware last year.

“Our statistics aren’t complete because we just flat out don’t know how many companies have been hit,” DeSarno said “Many companies are attacked and may have paid the ransom and never report it at all.”

What the FBI does know is that there are at least 100 different ransomware variants right now. 

“We are starting to see ransomware variants attack the supply chain and specifically in some instances the IT supply chain,” DeSarno said.

During the Fourth of July weekend, a U.S. IT software provider was attacked. 40,000 businesses on five continents were warned to take emergency steps to try and prevent networks from being hijacked. Though, thousands were victims.

DeSarno cautions corporate execs have to focus on and invest in cybersecurity

“Because a single cyber incident can really damage your bottom line, top line, reputation and in some cases your existence as a company,” he warned.

DeSarno is calling it one of the greatest challenges we’ve…

Source…

Infinite Group aims to fight ‘cyber warfare’ with Nodeware product as client incidents increase

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


() () recently rebranded as IGI Cybersecurity, President and COO Andrew Hoyen tells Proactive the Pittsford, New York-based group is working to help its clients fight ‘cyber warfare.’

Hoyen says the group has seen incident response increase amongst its clients.

It leverages its product Nodeware to identify gaps in environments to identify vulnerabilities to be better prepared if something does happen.

Add related topics to MyProactive

Create your account: sign up and get ahead on news and events

NO INVESTMENT ADVICE

The Company is a publisher. You understand and agree that no content published on the Site constitutes a recommendation that any particular security, portfolio of securities, transaction, or investment strategy is…

In exchange for publishing services rendered by the Company on behalf of named herein, including the promotion by the Company of in any Content on the Site, the Company receives from said issuer annual cash…

FOR OUR FULL DISCLAIMER CLICK HERE

Source…