Classes were canceled after a it was discovered that its computer network had been hacked. The college is now back online after almost five days the officials at Clackamas College says that the investigation is ongoing, and they are not sure what the hackers have stolen. The IT team in tandem with law enforcement are continuing to investigate.
The United Kingdom’s National Cyber Security Centre (NCSC) warns that artificial intelligence (AI) tools will have an adverse near-term impact on cybersecurity, helping escalate the threat of ransomware.
Bucks County is investigating a cybersecurity incident affecting the computer-aided dispatch system
This past weekend Buck’s County experienced a cybersecurity incident that affected the county’s computer-aided dispatch (CAD) system since Sunday, shutting down some automated features associated with 911 calls. The state and federal agencies are working with the county to investigate, and the county IT is assessing the issue and working to restore service.
Bucks Co. Department of Emergency Communications says cybersecurity incident shut down dispatch system; 911 calls still received – 6abc Philadelphia
Bitdefender Labs, a smart home cybersecurity firm, recently discovered a significant vulnerability in the Bosch BCC100 thermostat. This issue could allow hackers to access and manipulate the thermostat’s settings or even install malicious software. This discovery underscores a broader concern. https://www.foxnews.com/tech/another-home-thermostat-found-vulnerable-to-attack
750 in the US and 3.5 million jobs globally are unfilled at the moment. The director of Fordham center for cybersecurity and one of the conference organizers says that hands-on experience is crucial in cybersecurity because simple missteps can lead to disastrous consequences. Students at the conference and school participate in cyber competitions that are tasked with stepping in the shoes of hackers to learn their methods from the inside out. The growing need for positions requiring cyber training and experience means there’s no shortage of options for students entering the market.
Topic : US, UK, Australia Sanction Russian Man Over Ransomware Attack on Healthcare Insurer
Australia has imposed sanctions on Alexander Ermakov, a Russian national, for his alleged involvement in the October 2022 Medibank cyberattack, during which personal information of almost 10 million Australians was compromised. The cybercriminals, associated with the REvil ransomware group, claimed to have stolen 200 GB of files from Medibank and posted sensitive medical details on the dark web after the company refused to pay a ransom. Ermakov’s sanctions mark the first use of Australia’s cyber sanction powers. The US and the UK also announced sanctions against Ermakov in solidarity with Australia, citing the similar threat he posed to their nations. Ermakov and the Medibank attack are linked to the REvil ransomware group, despite Russian authorities allegedly dismantling the group in January 2022. The incident underscores the persistence of cybercriminals and their ability to regroup or launch new operations even after law enforcement attempts to dismantle them.
Challenges and opportunities old and new will shape another year in the cybersecurity space and a few points to note here are below as security experts share their forecasts and how security leaders can prepare themselves for the upcoming year.
-Generative AI is going to fuel more sophisticated cyberattacks as well as more advanced defense and detection capabilities.
-Threat actors are taking advantage of complex supply chains and targeting third-party vendors to achieve their goals.
-As more embrace a cloud-first approach, threat actors are looking for ways to target hybrid and multi-cloud environments.
Governments are striking back against ransomware groups this week, including sanctions and sentencing a person to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against a Russian national believed to be responsible for the 2022 Medibank hack and a member of the REvil ransomware group, On Thursday, the US government sentenced another Russian national to five years four months in prison for the creation and distribution of the TrickBot malware and involvement in ransomware operations.
Bucks County emergency service providers have determined that a ransomware group calling themselves “Akira” were behind a cyber attack that froze and disabled emergency services systems last week. The attack, which targeted computer-assisted emergency response systems, locked first responders out of critical systems, a critical error that could cost lives. Without access to these systems, first responders are unable to provide essential services such as medical aid or response and may place people at risk from lack of service. Ransomware and other malicious groups like Akira are becoming more common unfortunately and organizations will require evolving and comprehensive security policies to adapt to these risks
NSA Admits Secretly Buying Your Internet Browsing Data without Warrants
The U.S. National Security Agency (NSA) has acknowledged purchasing internet browsing records from data brokers without a court order, as revealed by U.S. Senator Ron Wyden. Wyden criticized this practice, arguing that the government should not support an industry violating Americans’ privacy both unethically and unlawfully. The acquired metadata, detailing users’ browsing habits, poses a significant privacy risk, potentially revealing personal information based on visited websites. Wyden called for measures ensuring intelligence agencies only procure data obtained lawfully. In response, the NSA claimed to have compliance regimes in place, minimizing the collection of U.S. person information. This revelation echoes previous instances of intelligence agencies obtaining sensitive data from companies without requiring court orders, prompting concerns about privacy and the legal ambiguity surrounding such practices.
URL: https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html
This article talks about the future of cybersecurity. One key point being mentioned is anxiety. Specifically in regards to AI. While some companies are positively utilizing AI, 71% of polled people express concern over AI. A big contributor to the anxiety is employees concerned about being able to prepare for an AI driven cyber attack. A figure brought up is cyber attacks have increased 75% within the last 5 years, and AI can be used to assist in these attacks in the future. Given this is the case, the end of the article says how there needs to be investment in the human side of cybersecurity, and companies must implement a stronger security culture that focuses on the best possible practices.
https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html
A China-based group called Mustang Panda is suspected of targeting Myanmar’s ministry of defence and foreign affairs in campaigns using backdoors and remote access trojans these last few months. According to findings the group has been active since at least 2012 and uses tactics such as using legitimate software to sideload malicious DLLs. Recent attacks have been deploying backdoors capable of harvesting sensitive information. The attacks involve phishing emails, booby-trapped ZIPs and the use of known backdoors like PUBLOAD. The operations align with the interests of the Chinese government, particularly regarding concerns about trade routes and security around the Myanmar-China border. These attacks are cause for concern at the rising tensions in the area.
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html
Brazilian law enforcement recently arrested several Brazilian operators involved with Grandoreiro malware. Grandoreiro is a Latin American bank trojan that targets countries such as Spain, Argentina, and Mexico. The trojan can steal data through keyloggers and screenshots, bank login credentials, display fake pop-ups, and block victims’ screens.
Erskine Payton
In the News Article- Week 1
MIS 5214
Temple University
https://www.kptv.com/2024/01/22/clackamas-community-college-cancels-classes-after-cybersecurity-breach/
Classes were canceled after a it was discovered that its computer network had been hacked. The college is now back online after almost five days the officials at Clackamas College says that the investigation is ongoing, and they are not sure what the hackers have stolen. The IT team in tandem with law enforcement are continuing to investigate.
The United Kingdom’s National Cyber Security Centre (NCSC) warns that artificial intelligence (AI) tools will have an adverse near-term impact on cybersecurity, helping escalate the threat of ransomware.
The agency says cybercriminals already use AI for various purposes, and the phenomenon is expected to worsen over the next two years, helping increase the volume and severity of cyberattacks.
https://www.bleepingcomputer.com/news/security/uk-says-ai-will-empower-ransomware-over-the-next-two-years/
Bucks County is investigating a cybersecurity incident affecting the computer-aided dispatch system
This past weekend Buck’s County experienced a cybersecurity incident that affected the county’s computer-aided dispatch (CAD) system since Sunday, shutting down some automated features associated with 911 calls. The state and federal agencies are working with the county to investigate, and the county IT is assessing the issue and working to restore service.
Bucks Co. Department of Emergency Communications says cybersecurity incident shut down dispatch system; 911 calls still received – 6abc Philadelphia
Bitdefender Labs, a smart home cybersecurity firm, recently discovered a significant vulnerability in the Bosch BCC100 thermostat. This issue could allow hackers to access and manipulate the thermostat’s settings or even install malicious software. This discovery underscores a broader concern.
https://www.foxnews.com/tech/another-home-thermostat-found-vulnerable-to-attack
https://news.fordham.edu/university-news/cybersecurity-jobs-remain-unfilled-as-need-for-talent-grows/
750 in the US and 3.5 million jobs globally are unfilled at the moment. The director of Fordham center for cybersecurity and one of the conference organizers says that hands-on experience is crucial in cybersecurity because simple missteps can lead to disastrous consequences. Students at the conference and school participate in cyber competitions that are tasked with stepping in the shoes of hackers to learn their methods from the inside out. The growing need for positions requiring cyber training and experience means there’s no shortage of options for students entering the market.
Topic : US, UK, Australia Sanction Russian Man Over Ransomware Attack on Healthcare Insurer
Australia has imposed sanctions on Alexander Ermakov, a Russian national, for his alleged involvement in the October 2022 Medibank cyberattack, during which personal information of almost 10 million Australians was compromised. The cybercriminals, associated with the REvil ransomware group, claimed to have stolen 200 GB of files from Medibank and posted sensitive medical details on the dark web after the company refused to pay a ransom. Ermakov’s sanctions mark the first use of Australia’s cyber sanction powers. The US and the UK also announced sanctions against Ermakov in solidarity with Australia, citing the similar threat he posed to their nations. Ermakov and the Medibank attack are linked to the REvil ransomware group, despite Russian authorities allegedly dismantling the group in January 2022. The incident underscores the persistence of cybercriminals and their ability to regroup or launch new operations even after law enforcement attempts to dismantle them.
Link – https://www.securityweek.com/us-uk-australia-sanction-russian-man-over-ransomware-attack-on-healthcare-insurer/
7 Security Trends to Watch Heading into 2024 – https://www.informationweek.com/cyber-resilience/7-security-trends-to-watch-heading-into-2024#close-modal
Challenges and opportunities old and new will shape another year in the cybersecurity space and a few points to note here are below as security experts share their forecasts and how security leaders can prepare themselves for the upcoming year.
-Generative AI is going to fuel more sophisticated cyberattacks as well as more advanced defense and detection capabilities.
-Threat actors are taking advantage of complex supply chains and targeting third-party vendors to achieve their goals.
-As more embrace a cloud-first approach, threat actors are looking for ways to target hybrid and multi-cloud environments.
Governments are striking back against ransomware groups this week, including sanctions and sentencing a person to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against a Russian national believed to be responsible for the 2022 Medibank hack and a member of the REvil ransomware group, On Thursday, the US government sentenced another Russian national to five years four months in prison for the creation and distribution of the TrickBot malware and involvement in ransomware operations.
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2024-govts-strike-back/
Article: Officials: ‘Akira’ ransomware behind Bucks Co. emergency dispatch system cyberattack
Bucks County emergency service providers have determined that a ransomware group calling themselves “Akira” were behind a cyber attack that froze and disabled emergency services systems last week. The attack, which targeted computer-assisted emergency response systems, locked first responders out of critical systems, a critical error that could cost lives. Without access to these systems, first responders are unable to provide essential services such as medical aid or response and may place people at risk from lack of service. Ransomware and other malicious groups like Akira are becoming more common unfortunately and organizations will require evolving and comprehensive security policies to adapt to these risks
Article Link: https://www.nbcphiladelphia.com/news/local/akira-ransomware-behind-bucks-co-security-attack-that-crippled-emergency-dispatch-system-officials-say/3759350/
NSA Admits Secretly Buying Your Internet Browsing Data without Warrants
The U.S. National Security Agency (NSA) has acknowledged purchasing internet browsing records from data brokers without a court order, as revealed by U.S. Senator Ron Wyden. Wyden criticized this practice, arguing that the government should not support an industry violating Americans’ privacy both unethically and unlawfully. The acquired metadata, detailing users’ browsing habits, poses a significant privacy risk, potentially revealing personal information based on visited websites. Wyden called for measures ensuring intelligence agencies only procure data obtained lawfully. In response, the NSA claimed to have compliance regimes in place, minimizing the collection of U.S. person information. This revelation echoes previous instances of intelligence agencies obtaining sensitive data from companies without requiring court orders, prompting concerns about privacy and the legal ambiguity surrounding such practices.
URL: https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html
Kelly Conger
In the News Article- Week 3
MIS 5214
Temple University
https://threatpost.com/ransomware-attacks-are-on-the-rise/180481/
Just went you thought it was safe to start reading your email again.
https://www.forbes.com/sites/sap/2024/01/29/the-future-of-cybersecurity-is-more-human-than-you-think/?sh=21b8134b3cf9
This article talks about the future of cybersecurity. One key point being mentioned is anxiety. Specifically in regards to AI. While some companies are positively utilizing AI, 71% of polled people express concern over AI. A big contributor to the anxiety is employees concerned about being able to prepare for an AI driven cyber attack. A figure brought up is cyber attacks have increased 75% within the last 5 years, and AI can be used to assist in these attacks in the future. Given this is the case, the end of the article says how there needs to be investment in the human side of cybersecurity, and companies must implement a stronger security culture that focuses on the best possible practices.
https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html
A China-based group called Mustang Panda is suspected of targeting Myanmar’s ministry of defence and foreign affairs in campaigns using backdoors and remote access trojans these last few months. According to findings the group has been active since at least 2012 and uses tactics such as using legitimate software to sideload malicious DLLs. Recent attacks have been deploying backdoors capable of harvesting sensitive information. The attacks involve phishing emails, booby-trapped ZIPs and the use of known backdoors like PUBLOAD. The operations align with the interests of the Chinese government, particularly regarding concerns about trade routes and security around the Myanmar-China border. These attacks are cause for concern at the rising tensions in the area.
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html
Brazilian law enforcement recently arrested several Brazilian operators involved with Grandoreiro malware. Grandoreiro is a Latin American bank trojan that targets countries such as Spain, Argentina, and Mexico. The trojan can steal data through keyloggers and screenshots, bank login credentials, display fake pop-ups, and block victims’ screens.