now browsing by tag


#computersecurity | #comptia | Ageing devices biggest threat to cybersecurity as work from home becomes norm – | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

The IT companies are contemplating over extending this arrangement even after COVID-19 infections reduce. But, most companies agree to cybersecurity threat being a sword hanging over their heads

Rukmini Rao        Last Updated: June 10, 2020  | 18:54 IST


  • In 2019, network infra assets of 47.9% businesses aged or turned obsolete
  • Ageing and obsolete devices in technology sector at 59.6%
  • Redirection of spend towards cloud services is resulting in decreased investment

Various sectors across the globe are slowing and in a staggered fashion opening up after nearly five months of lockdown, perhaps with the only exception of information technology sector, which adapted to a different working model to tide over the crisis. The IT companies are contemplating over extending this arrangement even after COVID-19 infections reduce. But, most companies agree to cybersecurity threat being a sword hanging over their heads. However, a recent report by NTT Ltd shows the root cause of cybersecurity threat having substantially increased is perhaps the obsolete or ageing devices.

“The assets of 47.9 per cent  organisations were ageing or turning obsolete as a weighted average, representing a significant surge from 2017, when this figure was just 13.1 per cent. Both connectivity and security are being compromised by enterprises leaving obsolete devices on the network,” the report  said. While the industry average in the use of obsolete and ageing devices is 47.9 per cent, public sector leads the way with 61.7 per cent, and surprisingly close second is the technology sector with 59.6 per cent of devices either ageing or turning obsolete. On an average, an obsolete device has twice as many vulnerabilities per device (42.2 per cent) compared to ageing (26.8 per cent) and current devices (19.4 per cent). Interestingly, the report says that around 2015-16,  businesses started investing and deploying new technology and spending on new devices peaked in 2017 when there were 86.9 per cent of organisations with current (latest) devices. Even as adoption of new wireless infrastructure is on the rise, with an average increase of over 13 per cent year-on-year, ageing and obsolete devices create security vulnerabilities and put businesses at risk of cyber attacks with people logging in from co-working spaces and remote work locations.

One of the biggest reasons behind the lower investment in  on-premises infrastructure, according to report, is the growth in cloud spend outpacing that in overall IT spend. This is what is leading to lower investments. Cloud adoption and spend were predicted to grow at a faster rate and in the region of 21-25 per cent CAGR until 2023. “The increase in on-premises, ageing and obsolete devices is partially due to a redirection of spend towards Software-as-a-Service (SaaS) and other cloud services, which results in a decrease in investment in on-premises infrastructure. However, we anticipate that there will be a significant increase in people working from home, even after pandemic reduction measures are lifted,” the report said.

Also Read: Coronavirus treatment cost: Tamil Nadu hospitals can’t charge above Rs 15,000 a day

Also Read: Vizag gas leak: Andhra govt forms committee to probe incident; seeks report by June 22

Source link


Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

Posted in Computer Security, Hacking, Network Security, News Wire

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #computersecurity | #comptia | Ageing devices biggest threat to cybersecurity as work from home becomes norm – | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Councils’ parking app hit by ransomware attack

Source: National Cyber Security – Produced By Gregory Evans

Five days into an outage, the maker of PayMyPark – a parking payment app used by Wellington, Hutt, Tauranga, Christchurch, Dunedin and other city councils – has admitted it was the victim of a ransomware attack.

• Toll admits some customers still suffering delays on day 18 of ransomware attack
• Air NZ service provider Travelex held to ransom by hackers demanding $8.5m

“We responded to this incident as soon as we were notified and commissioned a
thorough investigation which is being undertaken by the PwC Cyber Response Team,” Arthur D Riley Ltd (ADR) said in a statement.

In follow-up comments, a spokeswoman said no ransom was paid. She did not say how much was demanded to free its data.

Like Toll and Air NZ partner Travelex before it, ADR chose to grind it out and rebuild its systems over several days.

PayMyPark went off-line on Saturday, and users have since been demanding answers from councils, who before this afternoon have been able to offer little information.

“As a result of this ongoing investigation, we believe we have identified how this attack
occurred and have taken steps to get PayMyPark back online,” ADR said.

“We want to assure all our customers and users that we have not identified any breach
of private or personal information or data as a result of this ransomware attack.

“We can also confirm that PayMyPark does not hold any credit card or other personal
financial information.”

The company says its systems are now secure, and that its app will be back online as of 6am tomorrow.

ADR is also heavily involved in parking enforcement systems, and exports of data to collection agencies and courts. The spokeswoman said, “ADR took the parking enforcement systems down as a precaution, but no data or information has been compromised.”

Wellington City Council alerted users via Twitter on Saturday that there were “server problems”. There is still no estimated time for ADR to get the system back online.

A WCC spokesman told the Herald that council staff were meeting with ADR this afternoon. The council hoped to learn more at that meeting, however, it could offer no new information following the get-together.

Source / ADR website
Source / ADR website

Dunedin City Council has come the closest to providing an explanation, saying in response to a question on Facebook: “Someone attempted to breach our supplier’s website. Due to the security systems in place, no personal information or credit card details were accessed. Cyber security specialists were called in and as a security measure, the site and app were taken offline. They are working to get the site and app back online as a high priority.”

Many drivers were confused about whether they should pay for parking if they had money still in their PayMyPark account, but the system was still down.

Celeste Wansink asked Dunedin Council, “When I have money sitting in an account (PayMyPark) waiting to be used for parking, why should I pay at the meter?” (The council did not immediately reply).

Mike James vented: “Typical DCC [Dunedin City Council], no real back up plan.”

Wellington City Council said people could still pay at meters using cards or cash.

“In the unlikely event you get a ticket, you can appeal your ticket once the system is back online,” the council said on its Facebook page.

Robyn Gilchrist posted in response: “This has been playing up for days… In a cashless society you need a need a more reliable service.”

A number wondered why Wellington had dumped its previous app, Phone2Park, which was shuttered on January 7 this year.

The office of the Privacy Commissioner said it had not been notified about any data breach involving PayMyPark.

What to do if you’re hit by ransomware

New Zealand businesses or individuals hit by a cyber-attack are advised to contact Crown agency CERT (the Computer Emergency Response Team) as their first step.

CERT acts as a triage unit, pointing people to the right law enforcement agency or technical contacts.

CERT director Rob Pope and Police recommend not paying a ransom for data encrypted or stolen by hackers.

There is no guarantee it will be returned. And payment often means helping to fund organised crime groups that are also involved in areas like drugs and human trafficking.

Source link

The post #comptia | #ransomware | Councils’ parking app hit by ransomware attack appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | Ring’s leaked Video Doorbell 3 has a few small upgrades

Source: National Cyber Security – Produced By Gregory Evans

A sneak peek of the product page for the upcoming Ring Video Doorbell 3 shows some upgrades over the Video Doorbell 2. Dave Zatz at Zatz Not Funny discovered the product page (it’s since been removed, apparently), which included a “pre-roll” feature for the doorbell’s Plus model that captures four seconds of black-and-white video before a motion alert goes off.

The product page described it as a “first-to-market feature for battery-powered doorbells and unique exclusively to Ring,” although Zatz points out that other video doorbells have this so-called “foresight” feature, just not battery-powered models.

A screenshot of the Ring Video Doorbell 3 product page.
Zatz Not Funny via Ring

The basic design of the Video Doorbell 3 doesn’t appear much different from its predecessor, but Zatz reports the new model’s faceplate will be easier to remove; it will have a “near” motion sensor to reduce false motion alerts; and it will have 2.4GHz and 5GHz Wi-Fi (only 2.4GHz is available on the Video Doorbell 2).

It’s not clear when the Video Doorbell 3 will be available, and Zatz notes the product page didn’t mention support for Ring’s Sidewalk networking standard or Apple HomeKit support (that’s not to say they won’t be included, just that neither was mentioned).

Zatz calls the Ring Video Doorbell 3 a “decent, minor upgrade from Ring 2, with a clever upsell for those seeking a bit more security,” adding they’re likely to be priced between $199 and $229.

Amazon-owned Ring has come under fire for privacy and security concerns in recent months. In January, the company added a new privacy dashboard for its app, to allow users to manage their connected devices better, including control over whether local police departments can request video footage from an owner’s Ring camera.

Source link

The post #comptia | Ring’s leaked Video Doorbell 3 has a few small upgrades appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | Twitter now bans dehumanizing remarks based on age, disability, and disease

Source: National Cyber Security – Produced By Gregory Evans

Twitter has updated its hate speech policies to cover tweets that make dehumanizing remarks, which are remarks that treat “others as less than human,” on the basis of age, disability, or disease. The changes follow updates to the company’s polices made last July that said Twitter would remove tweets that dehumanize religious groups.

Prior to that, Twitter issued a broad ban in 2018 on dehumanizing speech to compliment its existing hate speech policies that cover protected classes like race and gender. It has since been updating these dehumanization policies to take into account specific cases its original ruleset failed to address, based on user feedback.

Now, Twitter says tweets like the ones in the image below will be removed when they are reported:

Image: Twitter

The company says reported tweets in violation of these new polices but posted before today will be removed but won’t result in account suspensions.

Twitter first rolled out policies banning dehumanizing speech in September 2018. At the time, Twitter asked for feedback and later said it received more than 8,000 responses across more than 30 countries in just two weeks time. Much of the feedback centered around the policies being too broad. So Twitter has begun calling out specific types of speech against specific groups as against its rules, starting with religion and now age, disability, and disease.

In a tweet, the company indicates that more groups will eventually be protected by this policy:

Twitter also does not allow misgendering or naming transgender people by the name they used before they transitioned, also called “deadnaming,” a policy put in place in late 2018. The company said in October 2019 that its automated moderation tools now flag and remove more than half of all abusive tweets before users report them.

Source link

The post #comptia | Twitter now bans dehumanizing remarks based on age, disability, and disease appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Galt Targeted By Ransomware – CBS Sacramento

Source: National Cyber Security – Produced By Gregory Evans

Wine Prices DroppingThe price of wine is expected to drop to its lowest levels in five years thanks, in part, to a surplus of California grapes.

Cab Driver Saves Elderly Woman From Being Scammed Out Of $25K In RosevilleA cab driver in Roseville knew something sounded fishy when his elderly passenger said she needed a ride to the bank to withdraw $25,000.

Active Threat TrainingFairfield police will soon be conducting training for an active threat event at the Solano town center during the next few weeks.

Evacuees To LandOnce the plane arrives at Travis AFB, the base says that Americans on the flight are going to be quarantined for 14 days.

CBS13 PM News Update – 2/16/20Here are the latest headlines from around the region.

Evening Forecast – 2/16/20Here’s your extended 7-day forecast!

NorCal Safeway Workers Threaten Strike Over Wages And HoursApproximately 14,000 union workers at Safeway stores in Northern California are threatening to go on strike.

4 Arrests, 60 Citations, 6 Cars Towed At Stockton SideshowFour people were arrested, 60 citations were issued and six vehicles towed at a sideshow in Stockton on Saturday night, police said.

Suspected DUI Driver Arrested Following Fatal Collision In ModestoA man suspected of driving under the influence of drugs is behind bars after hitting and killing a pedestrian in Modesto on Saturday night, authorities said.

Suspected DUI Driver Arrested After Head-On Crash Leaves 6 With Major Injuries In North HighlandsSix minors are in the hospital with major injuries following a head-on crash with a suspected DUI driver in North Highlands on Saturday evening, authorities said.

New Wave Of Evacuees Arriving At Travis AFBThe United States chartered plane carrying Americans who were quarantined on a cruise ship in Japan is on its way to California and is expected to arrive at Travis Air Force Base close to 11 p.m. on Sunday night, officials said.

Student Data BreachSchool officials in Lodi are investigating after student data was breached at two different schools.

Suspected DUI Driver Arrested After Head-On Crash Leaves 6 With Major Injuries In North HighlandsSix people, including five minors, are in the hospital with major injuries following a head-on crash with a suspected DUI driver in North Highlands on Saturday evening, authorities said.

Man Arrested, 440 Pounds Of Marijuana Seized At Illegal Grow In Calaveras CountyOne man was arrested and 440 pounds of pot were seized at an illegal marijuana grow in Calaveras County on Thursday, authorities said.

Roseville Coach Accused Of Having Long-Term Sexual Relationship With MinorRoseville police arrested a 38-year-old sports coach Thursday who is being accused of engaging in a long-term sexual relationship with a minor on a team he coached.

Homicide Investigation Underway After Man Found, Pronounced Dead In Modesto RoadwayA man was pronounced dead after detectives located him down in the roadway in Modesto on Friday night, authorities said.

Pilot Lands Plane Safely At SMF After Losing Power MidairA plane landed safely at Sacramento International Airport after losing power on Saturday.

Evening AppCastAfter a nice Saturday we’ll see temps cool on Sunday with more cloud cover.

CBS13 PM News Updates – 2/15/20Here are the latest headlines from around the region.

Evening Forecast – 2/15/20Here is your extended 7-day forecast!

Dry Winter May Mean No Super Blooms This SpringCalifornia’s ongoing dry winter could mean no wildflower super blooms for the springtime.

Suspected Killer Behind BarsMichael Green, the new suspect in the 1985 El Dorado Hills murder case Ricky Davis was just exonerated from, has been moved from the Placer County Jail to the El Dorado County Jail.

Coach Arrested In RosevilleRoseville police arrested a 38-year-old sports coach Thursday who is being accused of engaging in a long-term sexual relationship with a minor on a team he coached.

Police Put Brakes On SideshowsA pair of missions against sideshows in Stockton resulted in dozens of cars being towed in just one night, police say.

Source link

The post #comptia | #ransomware | Galt Targeted By Ransomware – CBS Sacramento appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | Deals on the 16-inch MacBook Pro, truly wireless earphones, and PS4 Pro

Source: National Cyber Security – Produced By Gregory Evans

Most of the deals that we publish at The Verge come and go before the weekend arrives. That’s just the way it works sometimes. However, some deals are still happening and they’re just as good as they were earlier this week.

Apple’s 16-inch MacBook Pro it introduced in late 2019 (shown above) is up to $200 off at Best Buy. The most affordable build costs $2,249 (usually $2,399), and it has a six-core Intel Core i7 CPU, 16GB of RAM, AMD’s Radeon Pro 5300M graphics chip, and a 512GB SSD.

You’ll get $200 off Apple’s more powerful configuration. It has an eight-core Intel Core i9 CPU, 16GB of RAM, AMD’s Radeon Pro 5500M graphics, and a 1TB SSD. Usually $2,799, you can get it right now for $2,599. To get this discount, you’ll need to be a My Best Buy member, and signing up is free and only requires an e-mail address.

Photo by Chris Welch / The Verge

Amazon’s capable, truly wireless earphones that have Bose’s noise isolation tech built in are $40 off. They’ll cost you $90, which is a great price if you’re deciding between this and the many more expensive options out there from Apple, Sony, and others.

Photo by Chris Welch / The Verge

Alternatively, Wellbots is offering a big limited-time discount on Anker’s Soundcore Liberty 2 Pro that have a few features up on Amazon’s model listed above. They, too, have above-average sound quality and a comfy fit. But if you want them to come in a case that supports USB-C charging and wireless charging, these Anker truly wireless earphones have you covered. Normally $150, you can get them for $110 with the offer code VERGEMUSIC.

It’s no secret that Sony plans to release the PlayStation 5 later this year. But if you haven’t yet played through all of the exclusive games for the PlayStation 4 like God of War (and in 4K, no less), Woot is offering a good deal on the PS4 Pro console. Usually $399, it’s $299 for a limited time.

Source link

The post #comptia | Deals on the 16-inch MacBook Pro, truly wireless earphones, and PS4 Pro appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | With cybercriminals on the attack, states help cities punch back

Source: National Cyber Security – Produced By Gregory Evans

When the computers of the city of Lodi, Calif., got hit by a ransomware attack last April, the strike disabled phone lines, forced police officers to write reports by hand and prevented workers from sending out utility bills.

City officials refused to pay the ransom of 75 bitcoins — about $400,000 — and instead turned to their cyber insurance company, which sent in a legal team and security experts to investigate and help return the system to normal.

“It took a lot of our energy and ended up consuming a great deal of time,” recalled City Manager Steve Schwabauer. “We ultimately filed a claim of about $250,000, and it’s not fully closed yet.”

State legislators later gave Lodi, a city of about 67,000, a half-million-dollar grant to upgrade cybersecurity.

As cybercriminals increase their attacks against local governments — hundreds of municipalities and county agencies were hit in the last two years — some states are helping cities and counties better protect themselves. States have offered election cybersecurity, responses to ransomware attacks that take computer systems hostage, training and other programs, according to a recent report by the National Governors Assn. and the National Assn. of State Chief Information Officers.

“It’s the right thing to do,” said Meredith Ward, the latter group’s policy and research director. “Cybersecurity is a team sport. States and local government and the private sector all have a role to play.”
But while 65% of states report that they provide some cybersecurity services to local governments, the scope varies widely. And other states aren’t doing anything to help, saying they don’t have jurisdiction over local governments or they lack money to spare.

“It’s very hard for most local governments,” said Alan Shark, executive director of the Public Technology Institute, a Washington, D.C.-based nonprofit that provides training and other support to local government information technology executives. “They lack the resources to adequately protect themselves. Yesterday’s fixes don’t work today. The cybercriminals are encouraged.”

But Shark said more states are starting to assist local governments in restoring their systems.

The states committed to collaboration are on the right track, the report by the governors’ and IT chiefs’ groups found.

Among them:

  • Illinois created a program that helps local election officials improve their cybersecurity readiness and conduct risk assessments. It hired IT specialists to help local election offices beef up their security.
  • Iowa is using a federal grant to offer counties cybersecurity vulnerability scanning and to pay for hardware and anti-malware tools. It also is piloting cyber projects with schools, cities and hospitals.
  • North Carolina developed a partnership with the state’s National Guard and emergency management division to help local governments, school systems and community colleges recover data compromised during a cyberattack and provide training to help prevent future incidents.
  • Pennsylvania partnered with the county commissioners’ statewide association to provide security awareness training and phishing exercises for all 150,000 county and state employees and contractors. Phishing victims unwittingly click on emailed links designed to get personal information, such as passwords.

“It’s about working outside your comfort zone and forging relationships,” said Erik Avakian, Pennsylvania’s chief information security officer. “We think this is really the path forward for all states. It’s something they should be looking at.”
Cybersecurity remains a serious issue for state governments, as sophisticated hackers and cybercriminals are constantly scanning computer networks looking for vulnerabilities. Those networks contain information such as Social Security numbers, birth certificates, bank account details and credit card numbers of millions of individuals and businesses.

But it’s especially hard for local governments. Just last month, for example, a small school district near Austin, Texas, with 9,600 students, disclosed that it had lost $2 million in a phishing email scam.

Local governments saw a spike in cyberattacks in 2019, and experts say it doesn’t look like they’re going to abate any time soon.

In the last 24 months, at least 370 cyber incidents affecting local governments and public safety agencies were publicly reported in 47 states, according to Aubrey Larson, a marketing manager at SecuLore Solutions, a Maryland-based cybersecurity company. That’s a 150% hike over the previous two-year period, she said.

In fact, the majority of publicized ransomware attacks in the United States last year targeted local governments, according to the report by the governors’ and state IT officers’ associations.

Ransomware hijacks government computer systems and holds them hostage until their victims pay a ransom or restore the system on their own.

In October, the FBI issued a public service announcement, saying state and local governments “have been particularly visible targets for ransomware attacks.” Those attacks can be devastating.

Democratic New Orleans Mayor LaToya Cantrell declared a state of emergency in December after a ransomware attack hobbled the city. Officials had to shut down more than 4,000 computers and close municipal courthouses. The attack has cost the city at least $7 million.

Nearly two dozen Texas cities were targeted in a ransomware attack in August that led Republican Gov. Greg Abbott to order a “Level 2 Escalated Response,” which is just one level below the emergency management division’s highest alert. The state led the response and helped the cities restore their systems.

And Baltimore was hit by a ransomware attack in May that crippled thousands of computers and left workers unable to access online accounts and payment systems for weeks. City officials transferred $6 million from a parks and recreation fund to pay for cyber protections. In total, restorations and repairs cost $18 million.

Preventing and responding to attacks can be complicated when efforts involve jurisdictions that generally operate independently of one another.

“Some cyber incidents are truly becoming emergencies. [State and local IT officials] shouldn’t be exchanging business cards at that point,” said Maggie Brunner, cybersecurity program director for the national governors’ group. “They should be doing it ahead of time. We’d love to see state CIOs know every single local IT director.”

In Pennsylvania, IT security chief Avakian said his agency held quarterly meetings with county IT officials to build relationships and find out about their cybersecurity needs. “The fact that we’ve cracked this nut across jurisdictional boundaries is significant,” Avakian said.

Because of the collaboration, he said, the state was able to buy licenses for the phishing training exercise in bulk. The larger number of users lowered the cost per unit and saved the state and its 67 counties a considerable amount of money. He wouldn’t say how much.

“Now that we’ve done this, more people want to come onboard — school districts, cities,” Avakian said. “It’s kind of taken off.”

Michael Sage, chief information officer for the County Commissioners Assn. of Pennsylvania, called the cyber training and relationship the counties have developed with the commonwealth “a fantastic effort.”

“It has bolstered awareness and helped the counties understand where the threats are coming from, so they can stay vigilant,” Sage said. “The more we can collaborate and share, the better off we’re going to be.”

Bergal writes for stateline.org

Source link

The post #comptia | #ransomware | With cybercriminals on the attack, states help cities punch back appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | How to cancel Fitbit Coach or Fitbit Premium

Source: National Cyber Security – Produced By Gregory Evans Fitbit Coach and Fitbit Premium are the company’s fitness subscription memberships that offer guided health programs from the app / wearable device. Fitbit first came out with its Fitbit Coach program for guided exercises such as HIIT training or body weight workouts, then followed up with […] View full post on AmIHackerProof.com

Prepare for Cisco, CompTIA, and More IT Certifications with this Bundle

Source: National Cyber Security – Produced By Gregory Evans

cybersecurity certification

Exams are pretty important in professional IT. You can have all the practical knowledge in the world, but technical recruiters want to see certificates.

If you want to improve your resume, the Complete 2020 IT Certification Exam Prep Mega Bundle will help you ace nine of the most important exams. You can pick up the training now for only $39 via THN Deals.

Over the next few years, the areas of greatest demand in IT will be networking, cloud computing, and cybersecurity. This bundle covers all three topics, with over 100 hours of training.

The courses on cloud computing focus on AWS and Microsoft Azure, which are the two biggest platforms right now. You get full prep for four Azure exams and one AWS exam.

The bundle also helps you pass three Cisco CCNA exams. If you plan to work with networks at any time, these certifications will serve you well.

The final course works towards CompTIA Security+, which covers all the fundamentals of cybersecurity. Many companies now expect IT professionals to have this certification to prove they are security-conscious.
Each course comes with lifetime access, so you can study at your own pace.

Normally priced at $1,800, the training is now only $39 with the bundle.

The Original Source Of This Story: Source link

The post Prepare for Cisco, CompTIA, and More IT Certifications with this Bundle appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Baton Rouge college’s computer system attacked | State Politics

Source: National Cyber Security – Produced By Gregory Evans

With a week to go before final exams, ITI Technical College, a private Baton Rouge vocational college, is going back to paper, at least partially until its computer system is fully restored after being the latest Louisiana institution victimized by ransomware.

ITI Vice President Mark Worthy said Tuesday the college’s computer personnel were working to get all the servers in the system back up and are making progress. But in the meantime, since many on staff began before automation, they’re starting to go through the documents that backup the databases to ensure that grades are recorded and financial aid gets to the right people.

“Full functionality? Not sure when because of the complexity,” Worthy said. Some of the critical systems are coming back online. Classes for the 605 students are continuing. Communications, however, have been crippled, so administrators are visiting classrooms to convey information.

What’s taking time is that the technicians are reconnecting each server for computers used by students and administrators on the six-acre campus only after checking to ensure the code is clean.

Monday’s ransomware attack, which crippled about 10% of the state’s computer network servers just hours after votes were tallied in statewide …

Technicians traced the ransomware attack back to the Czech Republic. The attackers replicated an employee’s contact list and sent out emails to faculty and staff that looked like the real thing. The messages asked the reader to click on an expected report, which one of the employees did on Monday, Jan. 27. In the dark hours of the following Wednesday morning, the school’s IT administrator was checking the network, as she usually does, and found suspicious activity. She disconnected all the servers from the internet, then started looking for the impacted systems, Worthy said.

But the ransomware was able to encrypt some of the databases and keep the school from accessing their files. Eventually, the techs found a message to contact the attackers for instructions on how and how much to pay to regain access to the databases. “We won’t pay and we won’t contact these criminals,” he said.

Initially, Worthy offered to hire specialists to work on the problem. But his IT staff argued that they would be more familiar with the architecture of the system. Besides, the school teaches information technology and has faculty and staff able to handle the problem.

Unlike, the City of New Orleans or state government, both of which were hit by ransomware attackers, ITI is a privately owned college. State government’s teams and experts are not available to the school.

Gov. John Bel Edwards is expected to discuss cybersecurity Wednesday in a speech before the Louisiana Municipal Association, whose members include several localities hit with crippling cyber-attacks.

“We’re running this rodeo on our own,” Worthy said. “Fortunately, we teach IT, so we have a lot of really, really sharp people already on staff.”

Worthy said ITI would be contacting police and the FBI after the system is back up and the incriminating evidence is collected.

Similar ransomware attacks have previously crippled Louisiana state agencies, city governments, and school systems.

When the first signs of a massive cyberattack became apparent in the Tangipahoa Parish School System’s computers, administrators thought it wa…

Two days before commencement ceremonies, Baton Rouge Community College leaders learned that its computers were cyberattacked by ransomware.

In November roughly 1,500 of the state’s 30,000 computers were infected by cyber attackers. The hackers blocked access to the state’s data until a ransom was paid. The state refused to pay but had to shut down systems that disrupted state services, such as slowing delivery of food stamps, as well as closing the Office of Motor Vehicles for several weeks.

In December, the City of New Orleans shut down its computer systems while technicians cleaned the ransomware out of code and reloaded the information onto city computers.

State officials plan to re-open eight of its main Office of Motor Vehicles locations Monday, a week after a cyberattack crippled Louisiana sta…

Source link

The post #comptia | #ransomware | Baton Rouge college’s computer system attacked | State Politics appeared first on National Cyber Security.

View full post on National Cyber Security