- Ireland: Health service IT systems forced to shut down after ‘fairly sophisticated’ cyber attack
May 14, 2021
Health service IT systems have been shutdown today following a cyber attack that the HSE believes was carried out by international criminals seeking to extort money .
The HSE said the main attack began at around 4.30am on Friday and that IT staff switched off systems as a “precaution” in order to protect data and give ...
- How UK National Health Service learned the lessons of WannaCry to protect hospitals from attack
May 13, 2021
Four years ago, the UK’s National Health Service suddenly found itself one of the most high-profile victims of a global cyberattack.
On 12 May 2017, WannaCry ransomware hit organisations around the world, but hospitals and GP surgeries throughout England and Scotland were particularly badly affected. A significant number of services were disrupted as malware encrypted computers ...
- Colonial Pipeline paid close to $5 million in ransomware blackmail payment
May 13, 2021
Colonial Pipeline reportedly paid the ransomware group responsible for a cyberattack last week close to $5 million to decrypt locked systems.
On Thursday, Bloomberg reported that two people close to the matter said a blackmail demand was agreed to within hours of the cyberattack that has impacted the fuel giant’s systems for close to a week.
- Incremental improvements are not enough as Biden signs order boosting US cyber posture
May 13, 2021
United States President Joe Biden signed an executive order on Wednesday to boost the cyber posture of the federal government.
The order points to recent incidents including the ransomware attack on Colonial Pipeline, Exchange vulnerabilities that led to the FBI removing web shells from US servers, and the SolarWinds attack.
The order said the federal government must ...
- New ransomware: CISA warns over FiveHands file-encrypting malware variant
May 12, 2021
The US Cybersecurity & Infrastructure Security Agency (CISA) has warned organizations to be cautious of a relatively new ransomware variant called FiveHands.
FiveHands ransomware has been around since January 2021, but CISA said it was “aware of a recent, successful cyberattack against an organization” using this strain of file-encrypting malware.
- DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
May 11, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of a ransomware attack affecting a critical infrastructure (CI) entity—a pipeline company—in the United States. Malicious cyber actors deployed DarkSide ransomware against the pipeline company’s information technology (IT) network. At this time, there is no indication that the entity’s ...
- Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure
May 11, 2021
Over the weekend, the Alpharetta, GA based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial ...
- US and Australia warn of escalating Avaddon ransomware attacks
May 10, 2021
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide.
The FBI said in a TLP:GREEN flash alert last week that Avaddon ransomware affiliates are trying to breach the networks of manufacturing, ...
- Colonial Pipeline cyberattack shuts down pipeline that supplies 45% of East Coast’s fuel
May 8, 2021
Colonial Pipeline, which accounts for 45% of the East Coast’s fuel, said it has shut down its operations due to a cyberattack.
The attack highlights how ransomware and other cyberattacks are increasingly a threat to real-world infrastructure. The company delivers refined petroleum products such as gasoline, diesel, jet fuel, home heating oil and fuel for the ...
- Biden Administration Drafting EO to Help U.S. Government Secure Digital Supply Chain
May 3, 2021
Biden Administration Drafting EO to Help U.S. Gov’t Secure Digital Supply Chain
The Biden administration said it’s drafting an executive order to help the United States government better defend itself against digital supply chain attacks.
A Step Up for Federal Procurement
According to NPR, the executive order that’s being drafted will include several initiatives designed to strengthen the ...
- San Diego: Scripps Health Cyberattack Causes Widespread Hospital Outages
May 3, 2021
Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune.
Scripps acknowledged the attack in a statement but didn’t specify whether it was a ransomware incident. It’s also unknown whether the adversaries compromised any patient records ...
- Ransomware Task Force: Ransomware is now a National Security risk
April 30, 2021
Ransomware is a growing international problem and it needs global cooperation in order to prevent attacks and take the fight to the cyber criminals behind the disruptive malware campaigns.
A paper by the Institute for Security and Technology’s (IST) Ransomware Task Force (RTF) – a coalition of cybersecurity companies, government agencies, law enforcement organisations, technology firms, ...
- Microsoft finds memory allocation holes in range of IoT and industrial technology
April 30, 2021
The security research group for Azure Defender for IoT, dubbed Section 52, has found a batch of bad memory allocation operations in code used in Internet of Things and operational technology (OT) such as industrial control systems that could lead to malicious code execution.
Given the trendy vulnerability name of BadAlloc, the vulnerabilities are related to ...
- DC Police confirms cyberattack after ransomware gang leaks data
April 26, 2021
The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data.
The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital.
In a statement to BleepingComputer, the DC Police stated that they are ...