Tag Archive for: institutions

Consultant, school system officials say hackers pose common woes for institutions

/in


Jul. 16—While Joplin officials continue to mostly remain mum, a failure of the city government’s computer and telephone systems more than a week ago could have been the result of a ransom demand, a Joplin information technology expert says.

City systems seemed to be operating July 6, but city officials announced July 7 that the city’s computer systems were down. That interrupted the city’s internet-based telephone system and its online capabilities.

In a statement, the city called it a “network security incident” and said it was reported to a law enforcement agency.

There has since been no explanation of the cause and not much word on the status of the investigation. City officials did cite phone system restoration, but nothing about the computer systems. In recent days, the city has not made further statements or answered Globe questions sent to officials about the situation.

Ransomware attack?

John Motazedi, the owner of a local IT consulting firm, SNC Squared, speculated that the city might have been hit by ransomware, a malware program used to encrypt computer systems. Motazedi said his opinion is conjecture but that the failures reported by the city resemble what happens when hackers disable a system to demand a ransom payment.

Motazedi said there are several ways to infect a computer system with crippling software. It can be done by sending a coded program through an email that can unleash encryption through the system, downloading a malicious program without knowing it is infected, or by going into the system’s servers, the central brain of a computer system, to implant the encryption.

“Typically they get in through some administrative account because that account can get into other machines that are connected together,” Motazedi said. An administrative account is used by IT technicians to oversee computer operations and make changes to the system.

Once a system is overtaken by encryption of its programs, the user cannot operate the computer or the system but will instead receive a pop-up message to pay a certain amount of money to receive a code that can be used for decryption. Typically, internet criminals demand payment in bitcoins, a kind of online currency difficult to…

Source…

Why Banks & Financial Institutions Must Take Extra Cybersecurity Measures During Festive Season

/in


Technological advancement in the past few decades has changed the way people live and how businesses operate all over the world. Everything in our life has become easier, faster and much more convenient. However, it’s impossible to ignore the flip side to such a scenario. Today, more crimes are being conducted via the internet and a computer rather than a gun. 

Each year, a growing number of individuals and organisations fall prey to cyberattacks. As cyber threats continue to evolve, the facts and figures become more and more concerning. This is even more so for banks, NBFCs and institutions belonging to the financial sector – a sector associated with money, information and the public.

Cyberattacks On The Financial Sector

Cybercriminals have diverse reasons to target banks and other financial institutions. The financial sector houses the most sensitive data and liquid assets. By gaining access to a financial institution’s database, hackers can steal money or spy on organisations and its customers. They can sell the stolen confidential data and use the money to fund terrorist attacks. By hacking into a network, cybercriminals can even manipulate or disrupt markets, which interests state actors. 

Hackers can damage, destroy and misuse important data, intellectual property, steal money, commit fraud, embezzlement, and identity theft. Cyberattacks, even unsuccessful ones, carry the potential to disrupt usual business activities, leading to loss of financial and other resources. Besides affecting a financial institution’s solvency, cybersecurity failures can also ruin an organisation’s reputation, proving even more crippling than financial losses. As most of the banking system lies interconnected, the spillover of cyberattacks on other banks can even paralyse the overarching financial system of a state. 

Over the past few years, hackers have been carrying out more sophisticated and large scale attacks on this sector. In 2016, Bangladesh’s central bank became victim to one of them, losing nearly $100 million. In 2017, Equifax, a credit reporting agency, reported the largest publicly disclosed breaches in history. Sensitive personal…

Source…

US Treasury Warns of Increasing Ransomware Campaigns Against Coronavirus Vaccine Research Institutions

/in


US Treasury Warns of Increasing Ransomware Campaigns Against Coronavirus Vaccine Research Institutions

The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued a warning that alerts financial institutions in the United States about increasing ransomware attacks against coronavirus vaccine research organizations.

US Treasury Warns of Ransomware Attacks, Phishing Schemes Targeting Covid-19 Vaccine Research Institutions

According to the alert, FinCEN says that fraud, ransomware attacks, and “similar types of criminal activity” target the distribution of Covid-19 vaccines, which could affect their supply chains if proper actions are not taken on time.

The alert reads as follow in regards to ransomware campaigns:

Cybercriminals, including ransomware operators, will continue to exploit the Covid-19 pandemic alongside legitimate efforts to develop, distribute, and administer vaccines. FinCEN is aware of ransomware directly targeting vaccine research, and FinCEN asks financial institutions to stay alert to ransomware targeting vaccine delivery operations as well as the supply chains required to manufacture the vaccines.

Within the attacks, the bureau states that phishing schemes are on the rise by placing misinformation about Covid-19 vaccines as bait to catch victims. The alert provides a series of steps that institutions should follow to report such incidents to FinCEN.

The warning was published the same day that the U.S. Food and Drug Administration (FDA) issued two emergency authorizations for coronavirus vaccines.

Financial Companies That Facilitate Ransomware Payments Could Face Sanctions

But the ransomware campaigns’ incidents have another component that put extra weight on the financial institutions’ back. On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an advisory to highlight the sanctions risk associated with ransomware crypto payments.

In fact, the OFAC warns:

Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC…

Source…

U.S. charges target alleged Chinese spying at Harvard, Boston institutions – Reuters.com

/in
  1. U.S. charges target alleged Chinese spying at Harvard, Boston institutions  Reuters.com
  2. ‘Chinese economic espionage and theft is a real,’ U.S. Attorney Andrew Lelling says after arrest of Harvard p  MassLive.com
  3. Harvard professor among three charged with lying about Chinese government ties  CNN
  4. US charges three researchers with lying about links to China  BBC News
  5. Acclaimed Harvard Scientist Is Arrested, Accused Of Lying About Ties To China  NPR
  6. View full coverage on read more

“china espionage” – read more