Tag Archive for: michigan

Large Michigan healthcare provider confirms ransomware attack

/in


One of the largest healthcare systems in Michigan confirmed that it is dealing with a ransomware attack after a notorious hacker gang boasted about the incident.

A spokesperson for McLaren HealthCare said the organization recently detected suspicious activity on its computer network and immediately began an investigation.

“Based on our investigation, we have determined that we experienced a ransomware event. We are investigating reports that some of our data may be available on the dark web and will notify individuals whose information was impacted, if any, as soon as possible,” a spokesperson said.

McLaren operates 13 hospitals across Michigan, as well as other medical services such as infusion centers, cancer centers, primary and specialty care offices and a clinical laboratory network. The company has more than 28,000 employees and also has a wholly owned medical malpractice insurance company.

Earlier this month, the company reported outages affecting billing and electronic health record systems. According to the Detroit Free Press, McLaren had to shut down the computer network at 14 different facilities — a situation that got so bad that employees had to communicate through their personal phones.

The spokesperson said McLaren has “retained leading global cybersecurity specialists to assist in our investigation, and we have been in touch with law enforcement. We have also taken measures to further strengthen our cybersecurity posture with a focus on securing our systems and limiting disruption to our patients and the communities we serve.”

The spokesperson added that systems “remain operational” but did not respond to requests for comment about whether billing and record systems had been restored to functionality. They did not say whether a ransom would be paid.

The Black Cat/AlphV ransomware gang took credit for the attack in a post on its leak site early on Friday morning.

The gang — which initially did not name the company before hours later adding McLaren’s name — claimed to have stolen 6 TB of data, allegedly including the personal data of millions as well as videos of the hospitals’ work.

mclaren-healthcare-michigan-map.pngImage: McLaren HealthCare

Michigan’s Emergency Management…

Source…

University of Michigan shuts down internet due to security concern

/in


ANN ARBOR, Mich. – Internet service at the University of Michigan was cut off by the university after a cybersecurity threat was detected on Monday, the first day of fall classes for many students.

“We recognize that cutting off online services to our campus community on the eve of a new academic year is stressful and a major inconvenience. We sincerely apologize for the disruption this has caused. Our Information Assurance team, in partnership with leading cybersecurity service providers, detects, deflects, and mitigates a steady stream of malicious actors every hour of every day.

Sunday afternoon, after careful evaluation of a significant security concern, we made the intentional decision to sever our ties to the internet. We took this action to provide our information technology teams the space required to address the issue in the safest possible manner.”

—> System-wide power outage forces 5 schools in Ann Arbor to close

The university said it may be several days before all online services return to normal activity. Here’s some info they offered for students:

  • It appears that the impact is not the same across the university or on all campuses. All clinical applications at Michigan Medicine are functional and no patient care has been disrupted.

  • Classes are meeting on all three campuses. Faculty members will, to the best of their abilities, communicate directly with students directly regarding any needed adjustments. Please check ro.umich.edu/calendars/schedule-of-classes to view public course schedules and locations.

  • Campus leaders recognize that many students rely on U-M systems to access class information and navigate campus, especially on the first day of classes. Consideration will be given to students for impacts to class attendance or assignments that depend on U-M systems while our teams work to restore service.

  • Campus remains open. Residence halls, dining facilities, classroom buildings, and all university offices are operational. Individual units are making local decisions about where (on campus or remotely) employees are best able to fulfill their roles.

  • In recognition of the challenges faced during this outage, students will not incur late registration or…

Source…

Michigan man sentenced for sexual assault of underage girl in Limerick

/in


NORRISTOWN — A Michigan man already serving time in federal prison for manufacturing child pornography while engaging in text communications with a teenage Montgomery County girl admitted in county court that he met and sexually assaulted the girl at a Limerick Township hotel.

Mark Allen Hillis, 60, of Southgate, Mich., was sentenced in county court to 15 to 30 years in a state correctional facility after he pleaded guilty to charges of involuntary deviate sexual intercourse with a person under 16, unlawful contact with a minor and sexual abuse of children photographing and depicting sexual acts in connection with incidents that occurred in December 2019.

Hillis also must complete three years’ probation following parole, meaning he will be under court supervision on the county charges for 33 years.

The county sentence, imposed by Judge Thomas C. Branca as part of a plea agreement, will run concurrently with a 25-year federal sentence Hillis received in U.S. District Court in Philadelphia last November after he pleaded guilty there to charges of enticing a minor to engage in criminal sexual activity, traveling to engage in illicit sexual conduct, manufacturing and attempted manufacturing of child pornography, transferring obscene material to a minor, and possessing child pornography.

Under the federal and county sentences, Hillis won’t be eligible for parole until he’s in his 80s.

With the county charges, prosecutors essentially handled the charges related to Hillis’ hands-on contact with the underage girl at the Limerick hotel.

Assistant District Attorney Gabriella Glenning sought a significant state prison term against Hillis.

“The defendant fostered a relationship with a 13-year-old, built her trust, made her feel like they had a relationship and under that had her send him nude photographs of herself and then ultimately meeting up with her in person to accomplish his goal. That is heinous,” Glenning said. “To facilitate a hands-on offense is just horrendous.”

Prosecutors said the charges arose from Hillis’ sexual exploitation of the underage girl by using the internet and text messaging over a period of months, by traveling from…

Source…

Security concerns raised over internet voting for Michigan military spouses

/in


Because of an editing error, this story has been corrected. House Bill 4210 would expand electronic ballot return for deployed military members to their spouses and voting-age dependents.

In Michigan’s quest to make voting more accessible in recent years, it has enacted automatic voter registration, excuse-free absentee voting and an upcoming early in-person voting period.

But the latest proposal worries some of the same election security experts who have praised the changes and worked with Democrats in charge: returning ballots over the internet.

The idea is “well intentioned” but could “seriously undermine the security of Michigan’s elections,” said J. Alex Halderman, a University of Michigan professor and nationally recognized cybersecurity expert.

Halderman and other experts warned House elections committee lawmakers Tuesday in a hearing on House Bill 4210. It would expand electronic ballot return for deployed military members, allowed by legislation that passed last year and will be implemented in 2024, to their spouses and voting-age dependents.

“The bedrock of Michigan elections has long been the simple fact that every vote is cast on a piece of paper which can’t later be changed in any kind of cyber attack,” said Halderman, who was appointed by Secretary of State Jocelyn Benson to co-chair an election security commission for 2020.

Related: Michigan National Guard nets $26M for women-focused facility upgrades

But Benson argues Michigan can maintain its election integrity by continuing conversations with national cybersecurity professionals and federal agencies, and by following the lead of the 31 other states that have implemented this.

“We’re exploring a hybrid model that would be custom-built for Michigan and still require the voter overseas to print and sign their ballot before scanning and returning it,” said Benson, who once lived on a military base with her husband.

Similar to how Colorado does it, she explained, the local clerk would print what is returned and run it through the tabulator, creating an auditable paper trail. Voters would also be encouraged to mail a follow-up hard copy of their ballot.

She added that this electronic voting portal is…

Source…