FBI Security Alerts

Re: FBI Security Alerts

Dude, major cyber attacks are happening under the watch of Biden.




Now's not the time for you to be a Fan Boy. Tell the damn truth.

Re: FBI Security Alerts

Ransomware attacks around the world grow by 50%


Flashpoint assesses that at least some of the criminals behind DarkSide hail from another ransomware outfit called “REvil,” a.k.a. “Sodinokibi” (although Flashpoint rates this finding at only “moderate” confidence). REvil is widely considered to be the newer name for GandCrab, a ransomware-as-a-service offering that closed up shop in 2019 after bragging that it had extorted more than $2 billion.

Experts say ransomware attacks will continue to grow in sophistication, frequency and cost unless something is done to disrupt the ability of crooks to get paid for such crimes. According to a report late last year from Coveware, the average ransomware payment in the third quarter of 2020 was $233,817, up 31 percent from the second quarter of last year. Security firm Emsisoft found that almost 2,400 U.S.-based governments, healthcare facilities and schools were victims of ransomware in 2020.

Last month, a group of tech industry heavyweights lent their imprimatur to a task force that delivered an 81-page report to the Biden administration on ways to stymie the ransomware industry. Among many other recommendations, the report urged the White House to make finding, frustrating and apprehending ransomware crooks a priority within the U.S. intelligence community, and to designate the current scourge of digital extortion as a national security threat.

Re: FBI Security Alerts

The New York City subway authority was hacked in April, The New York Times reported on Wednesday, as cyberattacks have targeted America’s energy resources, meat supplies and more.

The attack was orchestrated by a hacking group that is believed to have ties to the Chinese government, according to the publication.

Hackers were unable to gain access to the system that controls the train cars, which could impact rider safety if breached.

But there was concern that the attack left behind a back door that would allow hackers to continue to infiltrate the Metropolitan Transit Authority’s (MTA) operational system, according to a document detailing the hack, which was obtained by The New York Times.

The hack has not been disclosed publicly but the MTA did report it to the proper law enforcement agencies.
A forensic analysis of the cyber attack showed no signs of a back door for hackers or that any customers’ personal information was stolen.

In a statement to The Independent, Rafail Portnoy, the MTA’s chief technology officer, confirmed the cyber attack and said the agency responded “quickly and aggressively” by bringing on Mandiant, a cyber security firm, to assist in the hack.

“Forensic audit found no evidence operational systems were impacted, no employee or customer information breached, no data loss and no changes to our vital systems,” Mr Portnoy said.

“Importantly, the MTA’s existing multi-layered security systems worked as designed, preventing spread of the attack and we continue to strengthen these comprehensive systems and remain vigilant as cyber attacks are a growing global threat,” he added.
Although there was no impact to customers or employees from the cyber attack, the MTA forced 3,700 users (employees and contractors) to change their passwords as a precautionary measure.

Critical infrastructure in the United States has been the target of several cybersecurity hacks in recent months.

In April, Colonial Pipelines, which owns one of the nation’s largest fuel pipelines, experienced a ransomware attack that crippled the company’s operational system for several days. The pipeline runs 5,500 miles between Texas and New Jersey, delivering more than 100 million gallons of fuel to states per day.

Officials were forced to shut down the pipeline for several days in order to restore the system, which caused panic buying among residents and increased gas prices. The company also paid more than $4m in ransom to hacking group DarkSide, a Russia-based criminal organisation.

JBS, the world’s largest meat processing company, experienced a cyber attack this past weekend from ransomware gang REvil, which is believed to operate in Russia, the Associated Press reported. This caused a shutdown, but officials said the “vast majority” of its meat processing plants on Wednesday.

REvil demanded a ransom from JBS, but it was not revealed how much the hackers asked for or if the company paid to restore its operational services.

Hackers in the MTA cyber attack did not request a ransom, according to The New York Times, but experts said they potentially still benefited financially depending on what was acquired during the hack.

Re: FBI Security Alerts

Let's see, ties to the Communist Chinese Government who Hunter Biden has ties to and through Hunter Biden the Communist Chinese Government has ties to Hunter's father, President Biden. No wonder all these cyber attacks started after President Biden took office, he is in a way directing them.

Re: FBI Security Alerts

When it comes to these cyber attacks, I get the impression that Biden is asleep at the wheel. He's letting Putin walk all over him. Where's the response, Joe? I knew all along that Joe was a pussy.

Re: FBI Security Alerts

Unless the feds are going to take over every corporate network, there's really not a lot they can do beyond setting up a means of reporting, triage, and recovery attempts. I would like to see some degree of punishment for blatantly poor practises, or even fines for paying ransom to recover data. The real issue with any kind of legislation is that it usually ends up being too generic to have any bite, or it becomes so restrictive as to lock processes into rapidly out of date methods.

A lot of these groups are in Russia, but tied to organised crime as opposed to the government. The Putin regime is willing to look the other way due to the fact that the attacks are focused on the West. A case in point: several security researchers have found code in multiple malware samples that prevent the code from executing if the primary language on the computer is Russian or other Cyrillic languages. It's similar to malware instances that won't run if the hardware identifier of the system is a virtual machine, as it may be an attempt by a security researcher to examine the malware.

These types of attacks are relatively cheap and have been going on for years. There's certainly more coverage of them now, but sloppy security has been an issue in tech for years. Even worse, it's not often the fault of IT but rather Finance or management which fails to invest in either enough staff or up to date software/hardware.

Outside of a targeted nation state attack, like Stuxnet, most of these attacks could be prevented by:

Strong passwords
Limiting exposure to the public internet by critical systems
Not using administrator accounts for regular tasks
Not using end of life operating systems or software
Keeping all operating systems and software patched to the current levels
Network segmentation
Not clicking on unsolicited links in emails or websites
Have current and tested offline backups of critical systems and applications
Maintain an inventory of all systems and user accounts as well as their purpose
Document and have a plan for disaster recovery

All of this is easy to do, but in the corporate world it becomes a question of scale: you need the staff to ensure that hundreds to thousands and systems spread over multiple locations and/or time zones are kept up to date and properly managed.

I've been fortunate enough in dealing with small business for the most part that if disaster does strike it's easy enough to start over from backups. The one instance with a larger business, I was able to get a professional security firm involved for a full incident response.


Sent from my BlackBerry using Tapatalk

Re: FBI Security Alerts

Personally I think cyber-terrorists should be tortured to death, but I really don't trust the media either. Funny how all of the attacks on the US are published isn't it?
I don't think the US is innocent either on US led attacks on other countries. Perhaps the US should fund cyber attacks(criminals) on Russia's meat industry or energy systems, then maybe Russia would try to control their own cyber criminals.

I forget which movie it was years ago that said dominating the world all comes down to ones and zeros. (I think it was a James Bond flick). They were absolutely correct. BTW the book 1984 propheties are becoming more and more true. I really believe the world is ruled by 12 people who's names we will never know.

Don't crucify me. Just my $02

Re: FBI Security Alerts

... "Security firm Emsisoft found that almost 2,400 U.S.-based governments, healthcare facilities and schools were victims of ransomware in 2020"

... 200 month or 6.7 attacks per day on public services in the USA that were reported. Certainly, many more attacks on private corporations were not reported.

Re: FBI Security Alerts

Anybody find it strange that the industries the radical left wants "abolished"/"banned"/ "removed from existence" are the industries being hit hardest by these ransomware attacks??
Not only that, but those industries also fared worse than most during the pandemic due to certain restrictions/ mandates/ lockdowns that were imposed.
Something seems really fishy with all of this.

Re: FBI Security Alerts


Agreed. It's all a plot by someone.

Re: FBI Security Alerts

Let's leave the politics and conspiracy theories in the Water Cooler area.

Sent from my BlackBerry using Tapatalk

Re: FBI Security Alerts

Was the JBS cyberattack a dry run? Is JBS cyberattack a dry run? | Fox Business

Re: FBI Security Alerts

I think even before the Colonial deal there was cyber attacks on Sony years ago.

Sent from my SM-G960U using Tapatalk

Re: FBI Security Alerts

The rumor mill has it that one of the last two biggy attacks was caused by an employee bringing in a raspberry pi and hooking it into the network (I'm cool, look at my pi type of thing)

The hackers were able to use this idiots toy as a screen door to get their malware on the network. Like I said the rumor mill has it said.


Comptia Security+ states again and again, the most insecure thing on networks are the employees. Workers complain about facebook, personal emails, and general internet access being taken away, but it needs to be done.

I've been in plenty of "national" businesses where the local IT guru is clueless. Often they let me do whatever it takes to get people printing and scanning and emailing without any regard to security. I have been in president's offices where the printer has a public ip because the president wants to be able to print to it from anywhere in the world. Then there is the IOT devices out there that control everything from turning on coffee pots to flushing toilets. I think only in America we need to turn on a coffee maker from work so we have coffee when we get home after work. Lazy people in the US, that's the link into our infrastructure that the hackers will use. US doesn't want good, US doesn't want cheap, what they want is good and cheap. They want stuff from China and who really knows what is in the microchips. They want the IOT to do everything for them so they have bragging rights and don't have to stop eating bon-bons in their lazy-boys.

I love my google pod, but I am scared silly of it being a stepping stone into my home network at some point, same with my netflix, and smart tv.

Re: FBI Security Alerts

Back in 2000, I had installed a Lanier Digital Dictation System at the new Heart Hospital. On Saturday May 6, 2000 I got an early morning call to go there and help their IT person by installing an emergency update to the NT servers. The day before the ILOVEYOU worm had hit the internet. The hospital's IT had original scheduled to update all their computers starting Monday the 8th assuming their firewall had them protected. Early Saturday morning a doctor connected his laptop to the network and took down not only the hospital he was at but all 6 hospital across the country in the group. In a matter of seconds every computer that was turned on was infected. Luckily the dictation system was unaffected as it had no direct connection to the network but their corporate wanted everything updated immediately.