Tag Archive for: shutdown

After computer shutdown, a Maryland county buys cyber protection. Is that enough?

/in


A holiday cyber attack threw one Western Maryland county for a loop, altering some police operations, slowing down the office of the state’s attorney, and preventing online payments. Other jurisdictions in the state could learn lessons from the holiday hack of Washington County.

“You don’t want to be in a situation where you don’t know what you’re going to do if an incident happens,” said Markus Rauschecker, cybersecurity program director at the University of Maryland’s Center for Health and Homeland Security, an academic nonprofit consulting firm that advises local governments dealing with cyber incidents.

Rauschecker, also a member of the Maryland Cybersecurity Council, a group led by the state’s Attorney General and established by law to improve cybersecurity in Maryland, said each jurisdiction should have a plan, which “outlines the exact roles and responsibilities that every entity has with respect to cyber incident response.”

Months after the Thanksgiving Day incident, Washington County officials have tried to move forward, with the commissioners purchasing a pricey cyber protection system earlier this year, but the question remains: Is the county better prepared today than it was then?

Washington County Board of Commissioners President John Barr did not consent to questions during a break in the July 11 county commissioners meeting. Questions were referred to the county’s public relations department, which responded by email to several questions, including one asking what the county is doing going forward to protect citizens’ information.

“Information privacy and security are among the County’s highest priorities,” said Danielle Weaver, a county spokeswoman, in an email. “We have strict security measures in place to protect information in our care.

“Upon discovery (of) this incident, we quickly took steps to investigate and respond, including reviewing and enhancing our existing policies and procedures to reduce the likelihood of a similar future event,” Weaver said. “Washington County continues to review and enhance our cybersecurity posture by implementing additional safeguards.”

Those safeguards were not indicated in the email response…

Source…

NJ hospital CentraState diverting patients after cyberattack, IT shutdown

/in


Cyber insurance
A screen image of the ransom by the LockBit ransomware group. (Image provided by Recorded Future)

CentraState Medical Center in New Jersey, Hospital for Sick Children (SickKids), and Queen Elizabeth Hospital (QEH) in Barbados are facing continued disruptions due to cybersecurity incidents in the last few weeks.

The ongoing outages confirm earlier warnings from American Hospital Association’s National Advisor for Cybersecurity and Risk John Riggi for the healthcare sector to remain vigilant as threat actors would remain highly active during the holiday season.

As seen with the latest Emsisoft ransomware data, ransomware attacks against the healthcare sector have remained constant in recent years. In 2022, 25 providers and their 290 hospitals were impacted by these attacks — the most notable of which was the CommonSpirit Health incident launched in the fall.

While two of the latest incidents are impacting global providers, the disruptions and the successful processes should serve as lessons for the U.S. sector and the need to prioritize patient safety when building incident response processes.

CentraState Medical Center reports care diversion processes

With a Dec. 30 post on its website, CentraState is the most recent provider to fall victim to an apparent cyberattack. Officials say the hospital is facing “some technical problems related to an IT security issue” and are operating under care diversion processes, sending incoming patients to area hospitals in response to the network outages. 

The hospital is operating under electronic health record downtime procedures with paper processes, which has enabled the hospital to continue logging patient care through available records on site. Officials assert that patient care has not been adversely affected.

CentraState CEO and President Tom Scott explained to local media that the systems began showing signs of disruption during the morning shift change and the hospital isolated the affected systems in response, while shutting down the network to prevent proliferation.

Local EMS providers were also notified of the need to divert patients away from CentraState for an unspecified period of time, as it’s unclear just how long the outages…

Source…

Amid tight security, internet shutdown, lakhs reach exam centres in West Bengal to appear for TET after 5 years

/in


Amid tight security, around 7 lakh aspirants are rushing to examination centres in West Bengal to appear for the Teacher Eligibility Test (TET) on Sunday after a gap of five years.

Internet will be shut down in six districts before the examination starts at 12 noon. “In the districts of Uttar Dinajpur, Malda, Murshidabad, Purba Medinipur, Paschim Medinipur and Dakshin Dinajpur, any data-related message shall not be transmitted in the larger public interest. This order shall come into force with effect from 11.30 am on December 11 to 2.30 pm,” read an order issued by the state government.

The TET examination is conducted for the recruitment of assistant teachers in government-aided/ government-sponsored/junior basic primary schools for classes 1 to 5. A total of 6,90,931 candidates will appear for the TET examination which will be held at 1,453 centres this year from 12 pm to 2.30 pm. The West Bengal Board of Primary Education (WBBPE) has made biometric testing of TET candidates mandatory, besides installing CCTV cameras at all examination centres. Metal detectors have also been provided for frisking candidates. The board has also sent guidelines to all district magistrates and the Kolkata police commissioner.

The metro rail and state transport department has announced additional services so that candidates face no issues in reaching their examination centres. The Metro has been crowded since morning unlike usual Sundays. The metro rail is running 138 trains (69 UP and 69 DN) — additional eight (4 UP and 4 DN) train services — for TET candidates on the North-South Corridor (Blue Line). Metro services are available at an interval of seven minutes before the start of the examination, instead of the normal 15-minute interval on Sundays, while in the afternoon, trains will run at 10-minute intervals.

Many candidates reached their examination centre much before the stipulated time. The gates were opened at 9.30 am. “I have been preparing for it for a long time, so I’m not nervous. However, I prefer not to be late so I reached here at around 9 am,” said Prapti Sen, a candidate waiting outside City College.

According to the instructions issued by the board, no candidate…

Source…

Tulsa computer system hacks stopped by security shutdown

/in


TULSA, Okla. (AP) — Most residents of Tulsa are being prevented from paying their water bills after the city shut down its computer network as a security measure following an attempted ransomware attack, a city official said Friday.

The attempted breach was stopped before any personal data was accessed, city spokesman Carson Colvin said. Tulsa detected malware in its network May 6 and immediately started shutting it down to prevent hackers from accessing anything sensitive.

“It didn’t get far enough into the system to get personal data,” Colvin said.

The primary effect of the shutdown — which could last from several more days to about a month — is payment for city water services, either online or in person, because the city cannot process credit or debit cards with computers inoperable.

Residents will have five days after online payments are again possible to pay their bills without penalty, Colvin said.


The city said Thursday that police and fire responses continue, but issues such as uploading police body cameras are slowed because of the computer shutdown.

Mayor G.T. Bynum on Thursday said the hackers told the city to pay a ransom or else it would publicize that it had broken into the network, but Bynum said Tulsa didn’t pay and instead announced the breach on its own.

Bynum said the hackers’ identity is known, but he did not reveal who they are.

Federal investigators are assisting the city, Bynum said.

Tulsa is the 33rd local government in the U.S. to be hit with a ransomware attack this year, according to a tally kept by ransomware expert Brett Callow, a threat analyst at the security firm Emsisoft.

Earlier this month a ransomware attack by a criminal gang that calls itself DarkSide forced the shutdown of a vital U.S. pipeline that led to gas shortages. Georgia-based Colonial Pipeline announced last week it had begun the process of restarting the pipeline’s normal operations, delivering fuel to states from Texas to New Jersey.

Source…