Posts

Valley News – Malware on employee’s company computer led to cyber attack on UVM Medical Center

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


One afternoon in late October, the information technology department at the University of Vermont Medical Center started receiving reports of glitching computer systems across its network.

Employees reported they were having trouble logging into business and clinical applications.

Some reported the systems weren’t working at all. Within a few hours, the IT department began to suspect the hospital was experiencing a cyberattack.

The possibility was very much on the IT team’s radar, as several other major hospital networks nationwide fell victim to cyberattacks earlier last fall.

Immediately, UVM Medical Center cut off all internet connections to the network to protect what data it could. Soon after, the department discovered a text file on a network computer, apparently left by the perpetrators of the attack.

“It basically said: ‘We encrypted your data; if you wanna get the key to un-encrypt it, contact us,’ ” explained Doug Gentile, senior VP of network information technology at the medical center. “There was no specific ransom note, no specific dollar amount or anything like that, it was just: ‘Here’s how you contact us.’ ”

The department immediately contacted the FBI and opted not to reach out to the attackers. “Even if you contact them, even if you pay them, you have no guarantee they’re gonna deliver anything,” Gentile said.

Over the ensuing weeks, UVM Medical Center worked closely with the FBI to investigate the source of the attack while the hospital operated without access to most of its data for several weeks.

“Of course we have standard procedures for if systems go down, but being down for two to three weeks is beyond what we ever expect. It was stressful for people,” Gentile said. The attack cost the hospital between $40 million and $50 million, mostly in lost revenue.

But it could have been worse.

“While it was a significant inconvenience and a big financial hit, the fact that no data was breached was huge,” Gentile said. When the cyberattack was discovered, hospital officials feared patient data could be stolen. Things like Social Security numbers, insurance information, and medical records were all on the line.

Often, in cases like…

Source…

Hillicon Valley: Russian hacking group believed to be behind Kaseya attack goes offline | DHS funding package pours millions into migrant surveillance



Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter by clicking HERE.




Welcome and Happy Tuesday! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.


Websites used by the cyber criminal group known as REvil went dark Tuesday, just over a week after the group was linked by cybersecurity experts to the ransomware attack on software company Kaseya. While it is unknown why the websites went dark, President Biden last week urged Russian President Vladimir Putin to take further steps against hackers based in his country, and hinted to reporters that the U.S. had the option of disrupting the hackers’ servers.

Meanwhile on Capitol Hill, the House Appropriations Committee marked up the annual Department of Homeland Security appropriations bill, approving a proposal that included millions to pay for technologies that surveil immigrants.

SUSPICIOUS TIMING FOR A HOLIDAY: Websites on the dark web used by a criminal hacking group believed to be behind the recent massive ransomware attack on software company Kaseya went offline Tuesday.

The hacking group, REvil, is believed to be based in Russia, and has been linked by the FBI to the ransomware attack in May on JBS USA, the nation’s largest beef producer. The more recent attack on Kaseya impacted up to 1,500 companies, many of them small businesses.

According to The New York Times, the websites on the dark web used by REvil to negotiate payment with victims and lists of companies it had targeted went dark early on Tuesday morning.

John Hultquist, the vice president of Analysis at cybersecurity group FireEye’s Mandiant Threat Intelligence, confirmed the takedown, saying in a statement provided to The Hill Tuesday that “at the time of analysis…

Source…

John McAfee, the Silicon Valley Entrepreneur Who Died in a Spanish Jail



John McAfee made a fortune estimated at more than $100 million from antivirus software for computers in the early 1990s and then pursued an increasingly bizarre life of adventure and run-ins with legal authorities in the U.S., Central America and Europe.

“My personality is such I can’t do something halfway,” he told The Wall Street Journal in 2007. At the time, the entrepreneur was 61 years old and was then focused on his hobby of flying small, open-cockpit planes around the desert. Mr. McAfee’s legend continued to spread through his promotion of yoga and cryptocurrencies with unfiltered and sometimes sexually explicit and profanity-laden speech on social media and in interviews. He died Wednesday in a Spanish jail cell; authorities said his death was likely a suicide.

On Friday his wife, Janice McAfee, told reporters in Spain that John planned to appeal an extradition order to the U.S. in connection with federal tax-evasion charges, the Associated Press reported, and he told her Wednesday that “‘I love you and I will call you in the evening.’”

John David McAfee was born in England on Sept. 18, 1945, according to public records. He is widely reported to have been raised in Salem, Va., by an American father and a British mother.

A 2013 profile of him in Wired said his father worked as a road surveyor and his mother as a bank teller. The article quoted Mr. McAfee as saying his father was a heavy drinker and beat him and his mother severely. The father shot himself when John McAfee was 15, according to the Wired article, which quoted the software company founder as saying about his father: “Every relationship I have, he’s by my side; every mistrust, he is the negotiator of that mistrust.”

He graduated from Roanoke College in 1967 with a degree in mathematics. Over the next two decades, he worked for a variety of companies including Lockheed Corp. doing work involving computers and software. As a sideline, he operated a business called American Institute for Safe Sex Practices, one of several ventures that sold…

Source…

Meat plant closures spreading after cyberattack on JBS – Silicon Valley



By Fabiana Batista, Michael Hirtzer and Elizabeth Elkin | Bloomberg

A cyberattack on JBS SA, the largest meat producer globally, has forced the shutdown of some of the world’s largest slaughterhouses, and there are signs that the closures are spreading.

JBS’s five biggest beef plants in the U.S. — which altogether handle 22,500 cattle a day — have halted processing following a weekend attack on the company’s computer networks, according to JBS posts on Facebook, labor unions and employees. Those outages alone have wiped out nearly a fifth of America’s production.

Slaughter operations across Australia were also down, according to a trade group. One of Canada’s largest beef plants was idled for a second day.

It’s unclear exactly how many plants have been affected by the attack globally as JBS has yet to release details that granular. The prospect of more extensive shutdowns around the world is already upending agricultural markets and raising concerns about food security as hackers increasingly target critical infrastructure. In the U.S., JBS accounts for about a quarter of all beef capacity and roughly a fifth of all pork capacity. Livestock futures slumped while pork prices rose.

The Brazilian meat giant shut its North American and Australian computer networks after an organized assault on Sunday on some of its servers, the company said by email. Without commenting on operations at its plants, JBS said the incident may delay certain transactions with customers and suppliers.

“Retailers and beef processors are coming from a long weekend and need to catch up with orders,” Steiner Consulting Group said in its Daily Livestock Report. “If they suddenly get a call saying that product may not deliver tomorrow or this week, it will create very significant challenges in keeping plants in operation and the retail case stocked up.”

JBS closed meat processing facilities in Utah, Texas, Wisconsin and Nebraska and canceled shifts at plants in Iowa and Colorado on Tuesday, according to union officials and employees. Union Facebook posts also said some kill and fabrication shifts in the U.S. have been canceled. Pork and chicken facilities across the nation are also…

Source…