Posts

Record 304.7 Million Ransomware Attacks Eclipse 2020 Global Total in Just 6 Months

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


  • Ransomware showed massive year-to-date spikes in the U.S. (185%), U.K. (144%)

  • Ryuk, Cerber, SamSam top families of the year, making up 64% of all ransomware volume

  • Government, education, healthcare, retail verticals increasingly targeted by ransomware

  • Up 59% year-to-date globally, IoT malware continues growth since 2018

  • Cryptojacking malware remains a key threat, up 23% year-to-date globally and up 22% in the U.S.

  • SonicWall’s patented RTDMI™ finding more never-before-seen malware than ever, posting a 54% year-to-date increase over the first half of 2020

MILPITAS, Calif., July 29, 2021 /PRNewswire/ — In the first half of 2021, ransomware attacks skyrocketed, eclipsing the entire volume for 2020 in only six months, according to the mid-year update to the 2021 SonicWall Cyber Threat Report published today. In a new paradigm for cybercrime, SonicWall is analyzing how threat actors are using any means possible to further their malicious intents.

SonicWall (PRNewsfoto/SonicWall)

SonicWall (PRNewsfoto/SonicWall)

Ransomware showed massive year-to-date spikes in the U.S. (185%), U.K. (144%)

With high-profile attacks against established technology and infrastructure, ransomware is now more prevalent than ever. Through the first half of 2021, SonicWall recorded global ransomware volume of 304.7 million, surpassing 2020’s full-year total (304.6 million) — a 151% year-to-date increase.

“In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions,” said SonicWall President and CEO Bill Conner. “This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord. With remote working still widespread, businesses continue to be highly exposed to risk, and criminals are acutely aware of uncertainty across the cyber landscape. It’s crucial that organizations move toward a modern Boundless Cybersecurity approach to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever.”

Ransomware running rampant
After posting record highs in both April and May, SonicWall recorded another…

Source…

Fallout From Hack of City Law Department Could Linger for Months

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Among the thousands of lawsuits New York City faces each year, this case was unexceptional — a man suing the city and several police officers over his arrest during a 2016 demonstration. But last week, the case hit a snag for an unusual reason: The city’s Law Department had been hacked, and lawyers were struggling to gain access to important documents.

“Practically all attorneys from the New York City Law Department still do not have remote access to electronic files,” wrote Jorge M. Marquez, a city attorney, to the judge on July 1, asking for an extension of deadlines in the false-arrest case.

Mr. Marquez noted that attorneys could enter the Law Department’s offices to review files but because of the pandemic, many attorneys, including himself, were not going into work. “It is currently unknown when this problem will be resolved,” he wrote, adding that the city hoped it would be in the coming weeks.

More than a month after hackers gained access to the Law Department’s computer system — which stores an untold amount of sensitive information — it is now apparent that the breach had a more profound effect than officials have publicly revealed. The department’s chief IT officer has been reassigned and replaced. And the fallout, as chronicled in internal communications obtained by The New York Times, may for months continue to affect the 1,000-lawyer agency that defends the city in court.

Many city Law Department employees have returned to the office on a limited basis, but the inability to retrieve documents remotely has slowed some of their work.

Laura Feyer, a spokeswoman for Mayor Bill de Blasio, said in a statement that the Law Department’s attorneys are “arranging on-site and remote work accordingly to ensure there is minimal impact to cases.”

Nick Paolucci, a Law Department spokesman, said that a majority of the department’s attorneys have been able to meet court deadlines and that the legal work of the city was moving forward.

But court records show the hack continues to complicate cases. In letter after letter to judges, the city’s attorneys have sought postponements in cases, saying that without access to electronic files, they could not prepare a…

Source…

Cyber security expert and Ethical Hacker needed for ongoing ID Theft, Harassment – Freelance Job in Information Security – Less than 30 hrs/week – 1 to 3 months

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


We already have a 6k digital forensic analysis of computer, phones. We have IP addresses and likely suspects. Our problem is that 1) my identity has been stolen and so I’m easy to find in databases- think cellular providers, ISP, banks, medical patient portals, government tax, soc sec. – anything with a database. I’ve had people call up companies and insurance providers pretending to be me and changing account info. They use their computers to access my accounts to change passwords- preventing me from banking or seeing a doctor. No matter if I choose att or Verizon or T-Mobile – they find me and my Apple ID. They have gotten past 2 factor. 2) The situation has now progressed into my work life – they have put malware on my work computer. Our understanding is that this started out as a personal  resentment due to an  inheritance issue but now the hacking, stalking, harassment has been handed over to professionals. The police have known about it for 2 years – now the County DA is looking into it – but I really have my doubts as to their ability to identify and stop these people. My ISP has written me letters from their legal department offering help – they know who’s doing it but they are shocked that no one has issued a subpoena for their records. This is what my husband and I need: a multilayered surveillance cyber security system. A VPN is not going to do it – the hackers ripped that protection off the computers and phones like it was nothing. These are persistent professional hackers getting paid for specific and targeted harassment. They never take any money even though it was there for the taking. Two years of account/data breaches but NO money was taken. While we wait and hope for the county da to investigate – we also have to get on with our lives. In addition to a new comprehensive cyber security system for our home, cars, phones – we would very much be interested in any reverse engineering or ethical hacking that Identifies the owners of 5 IP addresses – these addresses are within 3 miles of our home. The other IP addresses that were discovered in the digital forensic report are Russian.

Willing to consider multiple security solutions. Communication and…

Source…

3 months after cyberattack that threatened ‘public health crisis,’ Jersey City MUA computer systems still not fully restored

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


The recent cyberattack at the Jersey City Municipal Utilities Authority inflicted damage that lasted months and threatened to cause a “public health crisis,” the agency said.

Officials from Jersey City and the autonomous utilities agency have said little about the Sept. 30 ransomware attack, which MUA documents said blocked access to “vital” water and sewer information.

But the MUA spent nearly half a million dollars to address the attack, and the agency’s computer systems were still not fully functional even three months after the cyber incursion, an MUA resolution passed last month shows.

At a Dec. 17 meeting, the MUA Board of Commissioners voted to approve a new $391,000 emergency contract with cyber security firm Digital Team Six for “technical restoration services,” according to a resolution obtained through an Open Public Records request. The new contract was “necessary to avert a public health crisis,” the resolution said.

“Despite repeated efforts … problems continued to be encountered with restoring all of the JCMUA’s internet technology network to full operation,” the resolution states, adding that “it has become increasingly apparent that advanced technical assistance will be required.”

But the extent of the potential “public health crisis” is unclear. JCMUA Executive Director Jose Cunha could not be reached for comment and MUA Board of Commissioners Chair Maureen Hulings declined to comment. Digital Team Six staff did not immediately respond to requests for comment.

The contract comes on the heels of an $18,675 contract with a different information technology firm, as well as a $25,000 contract with Pennsylvania law firm Mullen Coughlin to investigate the incident — putting known expenditures related to the incident at $434,675. MUA officials expected at least $25,000 of that to be covered by insurance.

It’s also unclear exactly what the hacker or hackers wanted to target. However, the attack caused the agency to “lose access to vital information and documentation related to the provision of water and sewerage services to the citizens of the City of Jersey City,” an October resolution reads.

In ransomware attacks, hackers block…

Source…