Cyber security growing concern for local government | News

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

Cities and counties all over Indiana are putting together budgets, but one topic that may get more attention than in past years is cyber security. Ransomware attacks hit the headlines earlier this year when hackers shut down an oil pipeline that runs up the east coast. That was followed with computer attacks that hit the nation’s largest meat supplier, JBS. But increasingly those attacks are impacting local governments. One of the biggest came in north Texas where a dozen communities lost the ability to use their computers to do police work, operate utilities and about anything else you do at town hall.

“This used to kind of be in the back of everyone’s mind,” said Washington City Clerk-Treasurer Beth McGookey. “Now it is moving to the front.”

For the city of Washington, keeping the computers safe is important.

“Cyber security is a big topic,” said Washington Mayor Dave Rhoads. “I would like to think we are secure, but you can never be 100% secure. We have an information technology director (Michael Folsom). I know he is always working on ways to make us more secure. We have firewalls and software that looks for malicious emails or other attacks. We also have a lot of off-site storage so that we can restore things in the event of an attack. I know we have done a lot to protect our network.”

For Washington, the protection is not just for the city, but also for the utilities. With electric, water, sewer and storm water utilities a hacker could, at the minimum, disrupt billing and at the worst impact operations.

“Mike is constantly watching our systems and working with department heads to try and keep everything secure,” said Rhoads.

While a larger community like Washington may be able to beef up computer operations to make them safer, some smaller communities may not have access to the same computer expertise.

“I don’t think we are any more exposed than the normal household, but I don’t know what we have in terms of security for our systems,” said Montgomery Town Board President Mike Healy. “Until a couple of years ago it really wasn’t anything to think about, now it is.”

Healy says at one time he was on a board…


Hackers Got Past Windows Hello by Tricking Webcam | News

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

These Windows Hello bypasses would not be easy to carry out in practice.

A new method of duping Microsoft’s Windows Hello facial recognition system shows a little hardware fiddling can trick the system into unlocking when it should not.

Credit: Ars Technica

Researchers at the security firm CyberArk uncovered a security feature bypass vulnerability in Microsoft’s Windows Hello facial recognition system that permitted them to manipulate a USB webcam to unlock a Windows Hello-protected device.

CyberArk’s Omer Tsarfati said, “We created a full map of the Windows Hello facial-recognition flow and saw that the most convenient for an attacker would be to pretend to be the camera, because the whole system is relying on this input.”

Hackers would need a good-quality infrared image of the victim’s face and physical access to the webcam to take advantage of the vulnerability.

Said Tsarfati, “A really motivated attacker could do those things. Microsoft was great to work with and produced mitigations, but the deeper problem itself about trust between the computer and the camera stays there.”

Microsoft has released patches to fix the issue.

From Ars Technica
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA

No entries found


Study, Telecom News, ET Telecom

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

Global 5G roaming subscribers to reach 210 million in 2026, up 4,500% during 2021-26: StudyNEW DELHI: The number of global roaming subscribers using 5G services will reach increase from 4.5 million in 2021 to 210 million in 2026, growing by over 4,500%, as operators accelerate fifth-generation network rollouts and the international travel industry recovers from the Covid-19 pandemic, according to a study by Juniper Research.

The findings recommend that operators must now focus on increasing 5G roaming support in order to support the future rise in demand for data when roaming over 5G networks.

“As demand for international travel returns, operators must adjust to the significant uptake of 5G subscriptions during the pandemic. A failure to provide 5G roaming capabilities in key travel destinations will diminish brand reputation amongst subscribers and lead to churn to competitors,” Research author Scarlett Woodford noted.

Additionally, operators should also develop features such as roaming analytics, sponsored roaming, and steering of roaming.

With the proliferation of 5G roaming, vendor competition around the abovementioned 5G-enabled services will also intensify.

The findings underlined that vendors must also address subscribers’ demand for bandwidth and latency when roaming over 5G to home network connectivity, by offering value-added services.

It also projects the global roaming data traffic from 5G subscribers to reach 770 petabytes (PB) by 2026, from 2.6PB in 2021, representing enough data to stream 115 million hours of 4K video from platforms like Netflix.

The findings observed that the projected rise in data will necessitate 5G roaming data contracts between operators to provide roaming subscribers with comparable user experiences whilst roaming.


Valley News – Malware on employee’s company computer led to cyber attack on UVM Medical Center

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

One afternoon in late October, the information technology department at the University of Vermont Medical Center started receiving reports of glitching computer systems across its network.

Employees reported they were having trouble logging into business and clinical applications.

Some reported the systems weren’t working at all. Within a few hours, the IT department began to suspect the hospital was experiencing a cyberattack.

The possibility was very much on the IT team’s radar, as several other major hospital networks nationwide fell victim to cyberattacks earlier last fall.

Immediately, UVM Medical Center cut off all internet connections to the network to protect what data it could. Soon after, the department discovered a text file on a network computer, apparently left by the perpetrators of the attack.

“It basically said: ‘We encrypted your data; if you wanna get the key to un-encrypt it, contact us,’ ” explained Doug Gentile, senior VP of network information technology at the medical center. “There was no specific ransom note, no specific dollar amount or anything like that, it was just: ‘Here’s how you contact us.’ ”

The department immediately contacted the FBI and opted not to reach out to the attackers. “Even if you contact them, even if you pay them, you have no guarantee they’re gonna deliver anything,” Gentile said.

Over the ensuing weeks, UVM Medical Center worked closely with the FBI to investigate the source of the attack while the hospital operated without access to most of its data for several weeks.

“Of course we have standard procedures for if systems go down, but being down for two to three weeks is beyond what we ever expect. It was stressful for people,” Gentile said. The attack cost the hospital between $40 million and $50 million, mostly in lost revenue.

But it could have been worse.

“While it was a significant inconvenience and a big financial hit, the fact that no data was breached was huge,” Gentile said. When the cyberattack was discovered, hospital officials feared patient data could be stolen. Things like Social Security numbers, insurance information, and medical records were all on the line.

Often, in cases like…