-
-
Re: FBI Security Alerts
Toshiba Tec France Imaging System said on Friday that DarkSide, the hacking group blamed for crippling a major U.S. pipeline company, had targeted it in a ransomware attack during the night of May 4.
The unit of Japanese conglomerate Toshiba Corp said in a statement that only a minimal amount of work data was lost during the cyberattack and no leaks of data had been detected. It said it had put protective measures in place immediately after the attack.
Toshiba Tec France Imaging System also said its teams remained mobilised to deal with the situation.Comment
-
Re: FBI Security Alerts
'Significant' ransomware attack forces Ireland's health service to shut down IT systems
IT systems for Ireland's health service have been taken offline as a "precaution" and some outpatient appointments have been cancelled.
Ireland's health service has taken all of its IT systems offline as a precaution after what the organisation describes as a "significant" ransomware attack.
The Health Service Executive (HSE), which is responsible for healthcare and social services across all of Ireland, said it had shut down all IT systems as a "precaution" in order to protect the network from a ransomware attack.
"There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners," HSE said on Twitter.
"We apologise for inconvenience caused to patients and to the public and will give further information as it becomes available."
HSE said Ireland's COVID-19 vaccination programme is not affected by the ransomware incident and the National Ambulance Service is operating as normal.
According to The Irish Times
"There has been no ransom demand at this stage. The key thing is to contain the issue," he said.
The ransomware attack against HSE comes in the same week that a ransomware gang walked away with almost $5m in Bitcoin after a successful ransomware attack targeting Colonial Pipeline, one of the largest pipeline operators in the United States.Comment
-
Re: FBI Security Alerts
The timing of several months does line up with what I've seen from some of my federal customers. There's been a pretty big security audit going on across several branches that's been staged out for the last two to three years, with some of them going back even further. In the last month or so we've been getting action items from the audit's findings. I've been pretty lucky so far, but there have been some higher level changes that will make things tougher to support for some of my customers.
About two years back, I had a pile of paperwork to fill out on some of the operations for the very small subcontracts I support for an agency. The larger contractors had been doing more detailed versions of the same thing for at least a year or two before that. It was planned pretty far in advance from what I understand.Comment
-
Re: FBI Security Alerts
... Toshiba is being requested to swap out the Secure Encrypted Hard Drives that come standard in their copiers and replace them with more expensive FIPS drives that are DOD certified. FIPS = Federal Information Processing Standard.
The 140 series of Federal Information Processing Standards (FIPS) are U.S. government computer security standards that specify requirements for cryptography modules. There are currently 4 levels of FIPS certification, each more stringent and difficult to obtain. FIPS 140-2 Level 2 certification is a big step. Level 2 adds requirements for evidence showing the device has been tampered with.
FIPS is being talked about in security circles as the de-facto standard, as a feather in the cap of your security offering.Comment
-
Re: FBI Security Alerts
Windows 10 has a built-in ransomware block, you just need to enable it | PC GamerComment
-
Re: FBI Security Alerts
Report: Oldsmar water hack came after city computer visited compromised website
Report: Oldsmar water hack came after city computer visited compromised website
Investigation finds watering-hole attack discovered targeting water utilitiesComment
-
Re: FBI Security Alerts
Wanted: Millions of cybersecurity pros. Salary: Whatever you want
A series of major digital security breaches over the past year are serving as a wake-up call to Corporate America about the need to invest in cybersecurity.
Friday brought yet another reminder of the risk of cyberattacks, when Microsoft (MSFT) said the hackers behind the 2020 Solar Winds breach launched a new attack on more than 150 government agencies, think tanks and other organizations globally.
But perhaps the most striking recent example is the Colonial Pipeline ransomware attack, which forced the company to shut down the pipeline temporarily โ resulting in gas shortages and price spikes in multiple states over several days. The debacle cost Colonial at least $4.4 million, the amount its CEO admitted to paying the hackers.
In the weeks before the attack, the company had posted a job listing for a cybersecurity manager."As far as I know, this is the first cybersecurity incident that has led to a measurable economic impact on the American population," said Jonathan Reiber, senior director for cybersecurity and policy at AttackIQ and the chief strategy officer for cyber policy under the Obama administration's secretary of defense.
"It should be something that triggers people," he said.
The takeaway from such security breaches, according to experts, is that it's high time for companies to start investing in robust controls and, in particular, adding cybersecurity professionals to their teams.
The only hitch: There's a massive, longstanding labor shortage in the cybersecurity industry.
"It's a talent war," said Bryan Orme, principal at GuidePoint Security. "There's a shortage of supply and increased demand."
Experts have been tracking the cybersecurity labor shortage for at least a decade โ and now, a new surge in companies looking to hire following recent attacks could exacerbate the problem.
The stakes are only growing, as technology evolves and bad actors become more advanced.
In the United States, there are around 879,000 cybersecurity professionals in the workforce and an unfilled need for another 359,000 workers, according to a 2020 survey by (ISC)2, an international nonprofit that offers cybersecurity training and certification programs.
The US Bureau of Labor Statistics projects "information security analyst" will be the 10th fastest growing occupation over the next decade, with an employment growth rate of 31% compared to the 4% average growth rate for all occupations.
"Sadly, there's not a short-term solution," GuidePoint's Orme said. "I think we need to take a long-term view of it โ as a lot of our adversaries do โ to say, how can we systematically build the next generation and the generation after that and create a flywheel of qualified security talent that will be entering the workforce over the next 50 to 100 years?"
Comment
-
Re: FBI Security Alerts
The sad thing is that a lot of those security jobs will go unfilled because Human Resources and hiring managers have incredibly high expectations thanks to cut and paste job requirements. Even entry-level positions ask for multiple yof experience and incredibly expensive certs when really what most of these positions really need are people who can just work to plug existing holes while learning the overall network and the risk factors.
As an IT support provider, it can take a good two to three years in an environment just to get a clear lay of the land and to know where the hidden surprises turn out to be.
Sent from my BlackBerry using TapatalkComment
-
Re: FBI Security Alerts
June 2, 2021
FBI Statement on JBS Cyberattack
As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBIโs highest priorities.
We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.
We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable.
Our private sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries.
A cyberattack on one is an attack on us all.
We encourage any entity that is the victim of a cyberattack to immediately notify the FBI through one of our 56 field offices.
... REvil and Sodinokibi are criminal actors based in Russia and shielded by the Russian gov't.
Comment
-
Adversity temporarily visits a strong man but stays with the weak for a lifetime.Comment
-
Re: FBI Security Alerts
.. the increased tempo of Russian criminal attacks on key US infrastructure (which can only occur with the unspoken approval of the Kremlin) is widely seen as a test for President Biden before his visit with Vladimir Putin in two weeks.
The four most active and profitable cyber criminal gangs in the world are all located in Russia.
These cyber criminal gangs use some of their illegal gains to research and improve their cyber attack weapons.
... for many US citizens who have noticed rising gasoline and beef prices, they are the indirect victims of these cyber attacks.Comment
-
Re: FBI Security Alerts
... the 5th most profitable cyber criminal gang in the world known as the "Darkside" was located in Eastern Europe outside the protection of Russia. The "Darkside" was accused of attacking the Colonial Pipeline in the USA.
It was recently shut down and it's servers were electronically destroyed by an unknown actor plus all of it's bitcoin profits vanished.
Known principals and employees of Darkside are now on Interpol's "most wanted list" and face lengthy jail times.
Both the FBI and the USA's Cyber Command, under the direction of President Biden, has denied responsibility to avoid exposure of "ways and means".Last edited by SalesServiceGuy; 06-03-2021, 04:29 AM.Comment
Comment