Posts

Negotiations continue with ‘threat actor’ who hacked DMACC computer networks


Rob Denson

The president of Des Moines Area Community College says the institution’s insurance company continues to negotiate with hackers who shut down DMACC’s computer networks on June 2.

Rob Denson says it does not appear any accounts were compromised.

“Our insurance company is talking to the threat actor. We’re not a part of that discussion at this point,” Denson says. “They want to make sure they don’t tell us anything that we might share that could impact the status of any negotiations, but again we’ve not seen anything or been told of anything that’s of any real significance.”

Denson has confirmed it was a ransomware attack, but DMACC did not pay a ransom and has relied upon its insurer to handle the details.

“They brought in all kinds of attorneys, consultants that have worked with us and have been through many, many of these,” Denson said. “We had passwords and some emails that we believe were impacted. We’ve just reset all of those.”

Experts have gone through over 6000 DMACC computers, searching for malicious software, but Denson says none was found. Denson made his comments during taping of the “Iowa Press” program that airs this Friday night on Iowa PBS.

DMACC canceled online classes on June 3 and wound up closing the entire campus on June 4 due to the security breach. In-person classes resumed five days later, but online classes didn’t start back up until last week.

Source…

Hacking Danger: Peloton users warned of new security threat relating to bike’s touchscreen

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Peloton users are being warned of a new security threat relating to the touchscreen on their Bike+ that could potentially be controlled by hackers.

In a report released Wednesday, cybersecurity company McAfee discovered a vulnerability that allows hackers to access Peloton’s bike screen and potentially spy on riders using its microphone and camera. However, the threat most likely affects only the $2,495 bike used in public spaces, such as in hotels or gyms, because the hacker needs to physically access the screen using a USB drive containing a malicious code.

According to McAfee’s Advanced Threat Research team, a hacker can discreetly control the stationary bike’s screen remotely and interfere with its operating system. That means hackers could, for example, install apps that look like Netflix or Spotify and steal the users’ log-in information. Perhaps more alarmingly, the cybersecurity team was able spy on users via the camera and microphone, which is normally used for video chats with other users.

“As a result, an unsuspecting gym-goer taking the Peloton Bike+ for a spin could be in danger of having their personal data compromised and their workout unknowingly watched,” the report said. It also warned the hacker could configure this spyware at any point, including during the supply chain or delivery process, without the owner knowing.

Internet-connected devices, whether they are bikes, computers or even refrigerators, are all susceptible to hacks. Cyberattacks have increasingly caught the public’s attention, with high-profile companies including McDonald’s, Microsoft and Electronic Arts publicly revealing recent security breaches.

McAfee said it pored over Peloton’s software with a “critical eye” to find vulnerabilities and warn users. The two companies worked together to “responsibly develop and issue a patch.”

Peloton released a mandatory software update that fixes the issue to users earlier this month. The security risk doesn’t affect the lower-priced Peloton Bike because it uses a different type of touchscreen.

This is an important reminder for users of all connected devices to activate automatic software updates to keep them protected against the latest attacks, according to…

Source…

Can the ransomware threat be stopped? – Aljazeera.com

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.



Can the ransomware threat be stopped?  Aljazeera.com

Source…

Ransomware most insidious cyber threat facing UK

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


While cyber warfare, espionage and other malicious activity backed by foreign states are pressing concerns from the perspective of an international relations specialist or foreign policy wonk, the past year and a half has demonstrated how and why ransomware is the most dangerous and insidious cyber security threat facing the country, according to National Cyber Security Centre (NCSC) CEO Lindy Cameron.

“What I find most worrying isn’t the activity of state actors. Nor is it an improbable cyber armageddon. What I worry most about is the cumulative effect of a potential failure to manage cyber risk and the failure to take the threat of cyber criminality seriously,” Cameron told a virtual audience at the Royal United Services Institute (RUSI) think tank’s annual security lecture.

“For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary threat is not state actors but cyber criminals, and in particular the threat of ransomware.”

Cameron said this had become more evident than ever before during the course of the pandemic, which had also served to demonstrate just how insidious ransomware actually is in terms of its impact not just on victims’ data, finances and reputation, but on operations that impact people’s lives.

“We have seen it affect the NHS with WannaCry, prevent students accessing classes in the last few weeks, and shut down local authorities at great cost to the public purse, meaning the public cannot access services, pay their bills or, in some cases, even buy a house,” she said.

In her speech, Cameron covered a good deal of ground with which the cyber community will be familiar, discussing trends such as the evolution of double extortion attacks and affiliate or ransomware-as-a-service (RaaS) “business models”, and as the increasing ‘professionalisation’ of ransomware operators, some of whom now conduct ransom negotiations with the air of a legitimate IT technical support desks.

Cameron urged business leaders to take the issue more seriously. “Some of the most powerful testimonies I’ve heard since starting this…

Source…