back

now browsing by tag

 
 

Employees for #city of #Atlanta allowed to #turn #computers back #on

Employees for the city of Atlanta who haven’t been allowed to turn on their computers after a major hack put the city at risk last week are now being allowed back online.

Atlanta Mayor Keisha Lance Bottoms says teams of city IT experts and outside companies are still trying to diagnose what happened during the cyberattack that has crippled the city’s computer systems and left business at a standstill.

The computers at City Hall were turned off for several days and experts believe the hackers gained access to computers systems through a remote portal.

The attack continues to cause all kinds of problems and is frustrating people who are trying to conduct business with the city. It’s a big pain for people like Eulises Wimberly, who needed to take care of business at municipal court.

“They didn’t tell me anything. They just gave me this piece of paper here to reschedule my appointment again. I feel kind of bad because I had pay $30 for someone to bring me from Lawrenceville over here,” said Wimberly.

Wimberly isn’t the only one running into problems. Lauren Downer and her husband just bought a house and had to do everything the old fashioned way.

“My husband and I closed on our house Friday,” says Downer. “We had no water, the web site was down all weekend so we had no choice but to come in and ask to get our service turned on.”

Downer was able to physically fill out the paperwork needed for new service but it would’ve been much easier had the city website been operable.

City officials, including Mayor Keisha Lance Bottoms insist that critical systems that the police and fire departments use have not been affected so far but many other services are not available.

The mayor likened the cyber crisis to the water infrastructure crisis under Mayor Shirley Franklin’s administration, saying the digital infrastructure needs the same kind of emergency upgrade. The city’s computers have been idle except for those that can run off of hotspots and bluetooth. Everything else is pen and paper.

In addition to the FBI and Georgia Tech, the city has enlisted the help of an Atlanta-based computer company. They’re still trying to determine how the hacker got in. Even if they paid the ransom, they don’t know where the attack started. And that could mean attacks could happen over and over again.

Also, the mayor says there’s no evidence that anyone’s personal information has been compromised.

advertisement:

The post Employees for #city of #Atlanta allowed to #turn #computers back #on appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hacking #back is a #terrible #idea, but #companies are #still #keen to try it

Source: National Cyber Security – Produced By Gregory Evans

Tired of being attacked by cyber criminals, some organisations are keen to take the fight back to the hackers. But the risks of ‘hacking back’ are likely to be much greater than any potential gains.

Hacking back against an assailant — perhaps tracking down the systems they are using and either deleting the information they stole or disabling the computers — is currently illegal. But a new survey from Fidelis Cybersecurity has discovered that companies think they have the capability to respond more aggressively to hacking attacks, should they so wish.

Over half of respondents said that companies should be able to hack back, and that their organisation had the technical ability to identify an intruder, infiltrate their systems and destroy any data that had been stolen after a cyber attack.

And over half of executives said that, if it were legal, they would rather hack back to get the decryption keys after a ransomware attack than pay the criminals to regain access to their data.

Despite believing they could take the fight back to the hackers, in reality most businesses don’t have those skills, said Andrew Bushby, UK director at Fidelis Cybersecurity. Top concerns about such a strategy include issues around attribution — identifying the actual perpetrator — and the risk of collateral damage, according to the survey.

Indeed, if companies were financially liable for any damage caused to innocent computers as part of hacking back, 63 percent of execs said their company would be less likely to attempt it, although a gung-ho 15 percent said they would still give it a go.

This is not an entirely academic discussion: in the US, the Active Cyber Defense Certainty Act — currently in draft — would make it legal for hacking victims to return cyber-fire.

The draft law argues that “as a result of the unique nature of cybercrime, it is very difficult for law enforcement to respond to and prosecute cybercrime in a timely manner, leading to the existing low level of deterrence and a rapidly growing threat.”

Under the proposed law, it would be legal for a defender — the victim of persistent unauthorized intrusions — to use “active cyber defense measures” to access the systems of the attacker to gather information for law enforcement, or to “disrupt continued unauthorized activity against the defender’s own network”.

But companies hacking back would not be allowed to “intentionally” destroy information that does not belong to them or “recklessly” cause physical injury or financial loss, or create a threat to the public health or safety. Companies hacking back could not go near government systems either, and would have to notify the FBI before they did anything.

The draft US law also notes that “computer defenders should also exercise extreme caution to avoid violating the law of any other nation where an attacker’s computer may reside.”

Recipe for disaster
It’s frustrating that cyber criminals can operate with apparent impunity. But even with the caveats in the law it’s hard to see that allowing victims to try to hack back would be anything other than a disaster.

Hackers don’t launch attacks from their own systems; they find some unsecured servers and use them as a staging post. They might route their campaign through dozens of different systems across the world before finally arriving at the network they really want to attack.

Following hackers back through that labyrinth can take days or weeks, and often the trail goes cold. Hacking back could also ruin the digital forensics needed by law enforcement agencies to actually catch the criminals involved.

It’s easy to come up with scenarios where hacking back goes badly wrong. What if a company chasing hackers comes across the stolen secrets of one its main competitors, for example? What if hackers use the systems of a hospital (or a power station) as a staging post for their attacks, and pursuers accidentally damage or destroy medical records (or safety systems)? What if the hackers turn out to be backed by a nation-state: could hacking cause an international incident or instigate a cyberwar skirmish?

Improving IT security should be the priority: many cyber attacks only succeed because companies have failed to patch known vulnerabilities in their systems, or have failed to adopt basics like two-factor authentication. More money to investigate cyber crime would help too. But giving victims the ability to hack back is only likely to exacerbate the situation.

The post Hacking #back is a #terrible #idea, but #companies are #still #keen to try it appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

How To Look #Back To The #Future Of #Cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

How To Look #Back To The #Future Of #Cybersecurity

As if to cap off an already eventful National Cybersecurity Awareness Month—and perhaps proving that there is no honor among thieves—a hacker breached a forum for hackers last week, and is ransoming fellow cyber-attackers’ user data for $50,000. And there certainly seems to be plenty of occasions to increase our awareness of cybersecurity issues.

About 1.9 billion data records got exposed in the 918 data breaches that occurred in the first half of 2017—up 164 percent from the last half of 2016—according to a digital security firm’s study. The U.S. Department of Homeland Security issued a warning last week about the Bad Rabbit ransomware, which is disrupting government, hospital and other systems internationally. And cybersecurity researchers confirmed last week that an enormous botnet has already infected more than one million organizations—and is on the verge of unleashing “the next cyber-hurricane.”

It’s crucial that we learn from these attacks. And—just as some are using high-tech for cyberattacks—others are using blockchain, artificial intelligence and other cutting-edge technology to improve cybersecurity.

Blockchain, AI, and IoT to the rescue

With so many cyberattacks targeting centralized services, blockchain’s decentralized technology offers cyber-defenses from many types of attacks, according to PC Magazine last week. Among the benefits are blockchain’s transparency and distributed nature, which eliminate the single failure points that many hackers prey upon. But …

“The best defense [organizations] have is the same thing that makes them such an appealing target for hackers: a mountain of data,” PC Magazine stated in a different story last week. “By using machine learning algorithms and other artificial intelligence techniques to identify data patterns, vulnerable user behaviors and predictive security trends, companies are mining and analyzing the wealth of data at their disposal to hopefully stop the next breach from happening.”

However, networks and Internet of Things sensors will still require cybersecurity technology, VentureBeat stated this month. Unsecured devices can be terrible liabilities, so organizations should earnestly evaluate the opportunities and vulnerabilities offered by AI and IoT—and ensure that all users are well trained.

Build a tech-savvy phalanx

Technical savvy helps employees across the organization better understand their work environment and, as a result, operate more securely, according to SmartBrief last week. This will only get more important, as data analytics is increasingly crucial to business success—and as workflow automation continues to get cheaper.

And making rules isn’t enough. For example, in healthcare, HIPAA regulations require that organizations train their workers to maintain patient privacy—and punish those who violate policies and procedures. But employee security awareness is the top healthcare data security concern for 80 percent of health IT executives, according to a 2017 healthcare security study.

“Build a culture of cybersecurity among your executive and physician leaders,” Theresa Meadows, CHCIO, Senior VP and CIO of Cook Children’s Health Care System, stated last month. “Educate them about the threats, myths and importance of good cyber hygiene … they can champion the cause among their peers and staff and get them to buy into safety processes.”

Of course, cybersecurity cultures don’t sprout up overnight.

Learning our lessons

Chief information security officers face the increasingly difficult job of convincing their c-suites that cybersecurity expenditures are worth the big bucks, according to Government Computer News this month. CISOs can use their organizations wealth of data to frame cybersecurity in terms that managers and executives can understand, such as managing risk, business continuity and regulatory compliance.

In short, it’s about taking a step back and learning lessons from the big picture.

“We are so overwhelmed with present security concerns that we don’t have the ability to look into the future — or we hesitate to second guess what cybercriminals might end up doing,” IT Business Edge stated last week. “It’s up to us to recognize what we’ve seen in the past in order to rethink our security solutions of the future.”

And last week’s hacking of the hackers’ forum—as well as other events from this year’s National Cybersecurity Awareness Month—have given us plenty of source material to learn from.

The post How To Look #Back To The #Future Of #Cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Back in high school, I went on dates, but…..

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Back in high school, I went on dates, but I was too focused on my career. My parents were like, ‘It’s nice to have a boyfriend, but it’s even nicer to own your house when you’re…

The post Back in high school, I went on dates, but….. appeared first on Become007.com.

View full post on Become007.com

Hackers Target Your Mobile Bank App; You Can Fight Back

Hackers Target Your Mobile Bank App; You Can Fight BackSource: National Cyber Security – Produced By Gregory Evans BRAVE NEW BANK This NerdWallet series delves into what’s new in retail banking and what’s in it for you. We explore some of the surprising things in store for products, tech and security and look at how they’ll affect consumers. By 2021, millions more of us […] View full post on AmIHackerProof.com | Can You Be Hacked?

BUGS IN POPULAR HACKER TOOLS OPEN THE DOOR TO STRIKING BACK

Source: National Cyber Security – Produced By Gregory Evans

THE CONCEPT OF “hacking back” has drawn attention—and generated controversy—lately as geopolitics focuses increasingly on the threat of cyberwar. The idea that cyberattack victims should be legally allowed to hack their alleged assailants has even motivated a bill, the Active Cyber Defense Certainty Act, that representative Tom Graves of Georgia…

The post BUGS IN POPULAR HACKER TOOLS OPEN THE DOOR TO STRIKING BACK appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Israel security chief: Agency strikes back at online hackers

Source: National Cyber Security – Produced By Gregory Evans

Israel’s security chief said Tuesday that the Shin Bet has gone on the offensive against hackers trying to carry out cyberattacks against Israel on the internet. The remarks by Nadav Argaman are a rare admission of Israel’s use of offensive cyber capabilities. Argaman comments were made at a cyber defense…

The post Israel security chief: Agency strikes back at online hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hacked: How Business Is Fighting Back Against the Explosion in Cybercrime

Source: National Cyber Security – Produced By Gregory Evans

Business is under assault from cybercriminals like never before, and the cost to companies is exploding. Here’s what you need to know about safeguarding your digital assets. 1. Under attack In the summer of 2015, several of New York’s most prestigious and trusted corporate law firms, including Cravath Swaine &…

The post Hacked: How Business Is Fighting Back Against the Explosion in Cybercrime appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hack Back law would create cyber vigilantes

Source: National Cyber Security – Produced By Gregory Evans

Hack Back law would create cyber vigilantes

The Active Cyber Defense Certainty Act revision demonstrates what happens when you rely upon limited information and a cowboy mentality. Tom Graves (R-GA) released an update to the initial Active Cyber Defense Certainty Act (ACDC) that intends to exempt victims of cyber attacks from being prosecuted for attempting to hack…

The post Hack Back law would create cyber vigilantes appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Proposed ‘Hack Back’ Bill Would Help Companies Hunt Down Hackers

Source: National Cyber Security – Produced By Gregory Evans

Proposed ‘Hack Back’ Bill Would Help Companies Hunt Down Hackers

Today’s topics include a Georgia congressman looking to breathe new life into a controversial proposed hack back bill; Google adding new anti-phishing features to Gmail; IBM and Cisco joining forces to integrate threat intelligence to improve cyber-security; and Microsoft partners readying Windows mixed reality headsets in time for the holidays….

The post Proposed ‘Hack Back’ Bill Would Help Companies Hunt Down Hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures