Tag: state | Page 3

Planes dropping out of the sky. Your mobile rendered useless, just like your car. As a Netflix film portrays a nightmare that security experts insist is a very real prospect… How will YOU survive on the day an enemy state switches off the internet?

January 6, 2024/in Internet Security

An oil tanker ploughs into a tourist beach. Planes fall from the sky. Driverless cars run amok. The internet fails and the mobile network dies. Feral instincts take over as people fight for food, water and medicine amid the ruins of civilisation.

That is the nightmare vision depicted in Leave The World Behind, Netflix‘s recent hit film starring Julia Roberts and Ethan Hawke as a couple battling societal breakdown when the technology that underpins civilisation collapses.

It’s fictional, but it touches on deep-seated, real-life fears.

The film is produced by Michelle and Barack Obama‘s company, Higher Ground. The ex-president was closely involved in shaping the plot, which dramatises many of the cyber-security issues on which he was briefed during his eight years in the White House.

For our 21st-century lives are almost entirely dependent on complex technologies that many do not understand — and that can so easily be exploited by our enemies.

Maintaining a car, for example, was previously a job for any competent motorist and their local mechanic. Now our vehicles are computers on wheels, their inner workings a mystery.

A scene from Leave The World Behind. The film is produced by Michelle and Barack Obama’s company, Higher Ground

A nightmare vision of the future is depicted in Leave The World Behind, Netflix’s recent hit film starring Julia Roberts and Ethan Hawke as a couple battling societal breakdown when the technology that underpins civilisation collapses

We used to navigate with paper maps and landmarks. But with his car’s satnav out of action, Ethan Hawke’s character Clay Sandford is unable even to find his way to the nearby town.

Our telephone system used to run on sturdy copper wires, with handsets you could fix with a screwdriver. Now it is a branch of cyberspace.

So, too, is finance. Remember when a credit card’s embossed number left an imprint on a paper slip? Not any more. Our payment system depends wholly on electronic encryption.

What use is cash in the modern world? In the film, with the internet gone, it becomes a prized asset.

If the technologies we rely on break down, many of us will be as helpless as Hawke’s Clay Sandford. ‘I am a useless man,’…

Source…

USB worm unleashed by Russian state hackers spreads worldwide

November 22, 2023/in Computer Security

A group of Russian-state hackers known for almost exclusively targeting Ukranian entities has branched out in recent months either accidentally or purposely by allowing USB-based espionage malware to infect a variety of organizations in other countries.

The group—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security Service of Ukraine. Most Kremlin-backed groups take pains to fly under the radar; Gamaredon doesn’t care to. Its espionage-motivated campaigns targeting large numbers of Ukrainian organizations are easy to detect and tie back to the Russian government. The campaigns typically revolve around malware that aims to obtain as much information from targets as possible.

One of those tools is a computer worm designed to spread from computer to computer through USB drives. Tracked by researchers from Check Point Research as LitterDrifter, the malware is written in the Visual Basic Scripting language. LitterDrifter serves two purposes: to promiscuously spread from USB drive to USB drive and to permanently infect the devices that connect to such drives with malware that permanently communicates with Gamaredon-operated command and control servers.

“Gamaredon continues to focus on [a] wide variety [of] Ukrainian targets, but due to the nature of the USB worm, we see indications of possible infection in various countries like USA, Vietnam, Chile, Poland and Germany,” Check Point researchers reported recently. “In addition, we’ve observed evidence of infections in Hong Kong. All this might indicate that much like other USB worms, LitterDrifter [has] spread beyond its intended targets.”

Enlarge / Virus Total Submissions of LitterDrifter

Check Point Research

The image above, tracking submissions of LitterDrifter to the Alphabet-owned VirusTotal service, indicates that the Gamaredon malware may be…

Source…

North Tonawanda School District tightens computer system security after state audit

November 18, 2023/in Computer Security

The North Tonawanda City School District has tightened protection of its computer network following an audit of its security procedures, according to a report from the State Comptroller’s Office.

“Most of the issues that were identified during the audit were addressed immediately,” School Superintendent Gregory J. Woytila wrote in response to technology audit for time between July 1, 2022, and April 12, 2023. “These enhancements will be part of the corrective action plan drafted in response to the findings.”

Auditors discovered 246 unnecessary user accounts that were subsequently disabled. Fifty-five of them were non-student accounts assigned to previous district employees, contractors and interns. One of them had been assigned to a substitute teacher who left in 2019.

The audit also found 29 unnecessary shared user accounts which were disabled and learned that no one kept track of the accounts or had a policy to disable them. Auditors said they were told that no policy had been developed because the district had not experienced a data leak or cyberattack in more than 20 years.

The audit additionally advised the district to develop an IT contingency plan so that employees could communicate and continue doing their jobs in case of a disruption.

Source…

Nearly all people in US state of Maine affected by Moveit hack

November 13, 2023/in Internet Security

A statement issued by the government of Maine in the US notified 1.3m residents that their personal data may have been stolen in a cyberattack in May.

Nearly the entire population of the US state of Maine has fallen victim to the latest Moveit hack after the personal information of 1.3m was stolen by criminals.

First reported in June, the global Moveit breach, in which hackers exploit a zero-day vulnerability in the file transfer software, has affected companies and government agencies on both sides of the Atlantic, including banks, universities, insurance and healthcare providers.

One of the first incidents announced affected 45,000 students in the New York City Department of Education system. The agency revealed that students’ personal information, such as social security numbers and birth dates, was stolen.

In July, the hack hit closer to home, after Dublin Airport became the latest victim of the cyberattack. Pay and benefits information of some Dublin Airport employees was compromised in a third-party cyberattack affecting Aon, airport management company DAA confirmed to SiliconRepublic.com at the time.

Microsoft attributed the hack exploiting the Moveit zero-day vulnerability to Lace Tempest, a reportedly Russian-speaking cybercrime group known for similar ransomware operations and running the Clop extortion site, which was also responsible for the GoAnywhere MFT attack in March.

Now, 1.3m residents of Maine in north-eastern US have been notified by the state government that they have been impacted by a cyberattack after a “software vulnerability” was exploited by a group of hackers who accessed and downloaded files belonging to agencies in the state.

A statement issued by the government read that the incident happened between 28 and 29 May 2023.

“The state of Maine has determined that this incident has impacted approximately 1.3m individuals, with the type of data affected differing from person to person,” it read.

“The state encourages individuals to reach out to its dedicated call centre to verify if they were affected and, if so, to identify what specific data of theirs was involved.”

Types of data stolen as part of…

Source…

Tag Archive for: state