Tag Archive for: pandemic

Hackers prey on public schools, adding stress amid pandemic | Health

/in


ALBUQUERQUE, N.M. (AP) — For teachers at a middle school in New Mexico’s largest city, the first inkling of a widespread tech problem came during an early morning staff call.

On the video, there were shout-outs for a new custodian for his hard work, and the typical announcements from administrators and the union rep. But in the chat, there were hints of a looming crisis. Nobody could open attendance records, and everyone was locked out of class rosters and grades.

Albuquerque administrators later confirmed the outage that blocked access to the district’s student database — which also includes emergency contacts and lists of which adults are authorized to pick up which children — was due to a ransomware attack.

“I didn’t realize how important it was until I couldn’t use it,” said Sarah Hager, a Cleveland Middle School art teacher.

Cyberattacks like the one that canceled classes for two days in Albuquerque’s biggest school district have become a growing threat to U.S. schools, with several high-profile incidents reported since last year. And the coronavirus pandemic has compounded their effects: More money has been demanded, and more schools have had to shut down as they scramble to recover data or even manually wipe all laptops.

People are also reading…

“Pretty much any way that you cut it, incidents have both been growing more frequent and more significant,” said Doug Levin, director of the K12 Security Information Exchange, a Virginia-based nonprofit that helps schools defend against cybersecurity risk.

Precise data is hard to come by since most schools are not required to publicly report cyberattacks. But experts say public school systems — which often have limited budgets for cybersecurity expertise — have become an inviting target for ransomware gangs.

The pandemic also has forced schools to turn…

Source…

Security Navigator 2022 Report From Orange Cyberdefense Sheds Light On Digital Pandemic / Digital Information World

/in


Cyber attacks that can lead businesses to terminate themselves or protect themselves from further attacks are spreading rapidly. This is why experts are now referring to these attacks as a “digital pandemic”.

Europe’s leading security service provider, Orange Cyberdefense, has recently shared their Security Navigator report for 2022. This report features research work along with some insights on the system and views from some leading experts based on the cyber threats globally.

As per the report, the ongoing year witnessed almost 95,000 cyber attacks. The number of attacks went up by 45,398 from the previous year. Similarly, in comparison to thirty-seven attacks per month in 2020, the ongoing year is led by almost forty-two attacks. Such attacks that were mostly reported by the victims were based on system malware, network abnormalities (for example, tunneling), abnormalities faced in accounts and getting phished through socially engineered attacks.

According to the statistical analysis, small-scale businesses had the lowest attack rate of just seventeen percent. While dissecting further into the types of attacks, it was observed that almost thirty-five percent were linked with system malware, closely followed by application and network abnormalities with twenty-nine percent, and the least type was found to be account irregularities with just fourteen percent. Though small-scale platforms had the lowest attack rate, in comparison to attacks done in 2020, the numbers have now gone up by almost ten percent. Moreover, according to Orange Cyberdefense, the attack rate increases gradually with the level of business, but in the case of small platforms, they experience thirty-percent more cyber attacks as compared to middle-class businesses. One reason for the increase in attack frequency could be that these types of businesses usually do not invest much in anti-cyber attack software as compared to medium or large-scale businesses. This is why these platforms are more vulnerable to cyber hackers and, as a result, they experienced more attacks this year.

Mid-level businesses, on the other hand, accounted for nearly a third of all reported cyber crime cases. The major portion of these…

Source…

The Acronis cyberthreats report 2022 reveals ongoing malware pandemic – Middle East & Gulf News

/in


Acronis, a global leader in cyber protection, recently released its annual Acronis Cyberthreats Report, the 2022 version, providing an in-depth review of cybersecurity trends and threats worldwide.

The report warns that managed service providers (MSPs) are particularly at risk, with more of their own management tools, such as PSA or RMM, used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks.

Supply-chain attacks on MSPs are particularly devastating since attackers gain access to both their business and clients, as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021.

The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked, as opposed to 32% last year.

Key trends of 2021 and predictions for 2022

Beyond the growing efficiency of cybercriminals and the impact on MSPs and small businesses, the Acronis Cyberthreats Report 2022 shows:

  • Phishing remains the main attack vector. 94% of malware gets delivered by email, using social engineering techniques to trick users into opening malicious attachments or links. just this year, Acronis reported blocking 23% more phishing emails and 40% more malware emails in Q3, as compared with Q2 of the same year.
  • Phishing actors develop new tricks, move to messengers. Now targeting OAuth and multifactor authentication tools (MFA), these new tricks allow criminals to take over accounts. To bypass common anti-phishing tools, they will use text messages, Slack, Teams chats and other tools for attacks such as business email compromise (BEC).
  • Ransomware is still the #1 threat. High-value targets include the public sector, healthcare, manufacturing, and other critical organizations. Ransomware continues to be one of the most profitable cyber attacks these days. Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
  • Cryptocurrency among the attackers’ favorite playing cards. Info stealers and malware that swaps digital wallet addresses are the reality today. We can expect more such attacks waged directly against smart contracts in 2022. Attacks against Web 3.0 apps will also occur more…

Source…

12 digital gangs have targeted Egypt since beginning of pandemic: Kaspersky

/in


Kaspersky researchers monitored persistent threats (APT) in Egypt, and prepared 38 investigative reports related to 12 digital gangs targeting the country since the beginning of Coronavirus.

The reports included information on threats and investigations related to digital gangs targeting Egypt, which ranks third in the number of reports issued by all Middle Eastern countries, making it one of the most targeted countries in the region.

Kaspersky found that these gangs primarily target government institutions and diplomatic agencies as well as educational institutions and telecommunications companies in the country.

Other target audiences include financial institutions, IT companies, healthcare institutions, law firms, and military and defense agencies.

Some of the notorious digital gangs behind APTs investigated in Egypt included Lazarus, MuddyWater, Zeboracy, StrongPity, and SideCopy.

The research team found that exploitation of public applications, valid accounts, and phishing were the most common attack vectors targeting infrastructure in Egypt.

The Lazarus gang, for example, is notorious for conducting targeted phishing campaigns and “water hole” attacks that monitor highly frequented websites and inflate them with malware. The MuddyWater Middle Eastern espionage gang targeted government agencies, telecom companies and oil with the aim of extracting information using the hacked accounts to send phishing emails with attachments directed at specific targets. 

There is the Zeboracy Trojan, which is employed in digital espionage campaigns to collect raw data from compromised systems.

The StrongPity gang is responsible for spying campaigns that use “zero-day” attacks, social engineering tricks, and Trojan installers to deliver malware to their victims.

In turn, the SideCopy gang carries out malware attack campaigns targeting various entities for espionage purposes.

Abdelsabour Arous, a security researcher in Kaspersky’s Global Research and Analysis Team, emphasized that threats are becoming more and more complex every day, saying that investigating and reporting on the activity of these digital gangs…

Source…