N.J.

now browsing by tag

 
 

#deepweb | N.J. towns are easy targets for dark web hackers. They won’t always admit being scammed.

Source: National Cyber Security – Produced By Gregory Evans

The ransom demand was electronic.

In 2017, Newark’s computer system was hijacked by a group of hackers from halfway across the world, shutting down municipal services. Officials were given just seven days to come up with $30,000 in Bitcoin or they could kiss the city’s encrypted computer files goodbye.

They paid the ransom.

Cybercrime continues to explode nationwide, according to the Federal Bureau of Investigation’s most recent internet crime report. Last year, federal authorities received more than 350,000 complaints involving internet-based fraud, an increase of 16.7 percent over the previous year. Victim losses across the country in 2018 related to cybercrime totaled $2.71 billion.

In New Jersey, more than 8,400 victims across the state — including businesses, individuals, and government agencies — reported overall cybercrime losses last year of $79.7 million, making the state ninth in the nation for such high-tech theft, the FBI reported.

While much of that involved scams against individuals, businesses and Fortune 500 companies, the masters of the dark web have also been targeting your local tax collector’s office. Dozens of municipal government agencies in New Jersey have been victimized by hackers over the past two years, but have been reluctant to make those attacks public, officials say.

John Cohen, a senior expert on global threats for the Argonne National Laboratory and a professor at the Georgetown University Security Studies Program, said local governments remain easy targets for cyber criminals.

“Their systems remain vulnerable due insufficient security and local governments continue to pay the criminals,” Cohen said. “Until localities change their practices in the regard, they will continue to be targeted.”

In New Jersey, the state’s Office of Homeland Security and Preparedness said it has been tracking the threat of ransomware since 2015 and officials said municipal governments have long been in the mix.

“Many cyber-threat actors are just looking for low-risk targets and something they can monetize,” said Jared Maples, who heads the state agency. “The availability of hacking tools and the increasing number of unsecured internet-connected devices reduces the need for extensive technical skills to carry out successful cyberattacks.”

Officials at the Municipal Excess Liability Joint Insurance Fund, which helps insure public entities across the state, said they have seen a 540% increase in cyber attacks on local government agencies since 2013. About 80 events have been reported over that time, but officials with the fund said they were aware of 50 others that were never formally reported.

“Nobody wants to acknowledge they’ve been victimized,” said Marc Pfeiffer, assistant director of the Bloustein Local Government Research Center at Rutgers University, of the radio silence. Nobody is going to call a press conference to announce someone made off with taxpayer funds, he said.

Maples, meanwhile, believes that what is happening is only going to get worse.

“Cyberspace is a complex, diverse, and fluid security environment with real, persistent, and evolving threats,” he said. “The impacts of cyberattacks will increase as we enter into an era of autonomous systems, artificial intelligence, smart cities, hyper-connectivity, and the convergence of cyber-physical systems and devices.”

MORPHING SCHEMES

While many of the high profile cybercrime cases that have come to light in recent years have involved ransomware, where malicious software delivered by a link that should never have been clicked is used to corrupt and encrypt computer files, that is only one of many weapons commonly employed. According to the FBI, the attack tactic most gaining favor these days is known as Business Email Compromise, or BEC, which targets those who use wire transfers.

The BEC scam works by compromising the email of corporate executives — and sometimes of municipal officials involved in finance — and seeks to redirect wire transfers meant for suppliers or financial institutions to fraudulent accounts both here and abroad.

Earlier this year, Lawrence Espaillat, 41, of Clifton pleaded guilty in connection with a BEC scheme to steal more than $1 million from corporate victims and individuals. Authorities said Espaillat and others incorporated sham businesses and created email addresses, which mimicked but differed slightly from legitimate email addresses of supervisory employees at various companies. Emails from those sham accounts were then used to send what appeared to be requests for payment of legitimate invoices or debts owed by the victims.

Last year in New Jersey, according to state municipal finance officials, at least one unnamed municipality was sent wiring instructions by such a compromised email to change its bond anticipation note payments from what appeared to be one reputable banking institution to another. They sent $40,000 to the other account, which was fraudulent.

In August 2018, the FBI said received a complaint filed on behalf of another New Jersey town that fell victim of another BEC scam, transferring more than $1 million into the fraudulent account. Michael Doyle, an FBI supervisory special agent in New Jersey, would not identify the town, but said the money was recovered through a “financial fraud kill chain” that moves to quickly freeze funds and recall a wire transfer if they are alerted without delay.

Noting the explosion in BEC complaints nationally, Doyle said the nature of cybercrime is changing. More than $1.2 billion in losses were attributed last year to just on compromised business email scams.

“It dwarfs everything else,” the FBI agent said — far more than the $362 million lost to victims in confidence or romance fraud.

Yet while ransomware complaints do not top the list of cybercrime complaints, Doyle suspects what happened in Newark may be happening more than is being reported to authorities. How the money is taken has also morphed, he added, with the use of “money mules” in the United States who act — sometimes unwittingly — as a go-between, so that suspicions are not raised by having money directly wired overseas.

“It used to be jumping out of the country immediately,” Doyle said. Now, potential victims might think it suspicious to be told to send money to an account in Hong Kong. These days, money may be wired through a series of destination points before in lands in somebody’s pocket.

Last November, two Iranian men were indicted in connection with an international wave of ransomware attacks that shut down Newark’s computer systems, and led to the city’s payment of $30,000 to regain control of the city’s electronic files. Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri where charged with running what officials called “an extreme form of 21st century digital blackmail.”

Both men remain at large.

Doyle said cybercrime is still far more likely to target big companies than town hall. Usually municipalities don’t have that kind of money. There’s no revenue stream.

Still, the problem for local government is growing, officials here say.

David N. Grubb, executive director of the Municipal Excess Liability Joint Insurance Fund in Parsippany, said the impact is not insignificant.

“When a municipality gets hit by one of these things, can’t quantify the disruption that occurs. There are things that can’t happen when you are trying to get the system up and running. There is a reputational cost,” he said. It can get residents quite upset.“

A spokeswoman for Newark said the city has made numerous changes and improvements to defend against similar attacks, including improvements to infrastructure, training as well as following professional recommendations that identified security gaps.

“While no amount of preparation protects any organization 100%, the city is in a much better position to thwart similar events,” said the spokeswoman, Crystal Rosa.

At the same time, she said the city is constantly being being targeted.

“Measures put in place, actions following the prior ransomware event, have identified attempts and been successful to date from any in-depth intrusion,” she said.

With three dozen or more New Jersey municipalities the victims of successful hacker attacks in just the last two years, Pfeiffer said local officials are paying more attention, and like Newark, said that the electronic systems of every municipality in the state are under attack daily. Most municipalities now have cyber insurance, he added.

But technology requires management, and that requires time and money.

“There are two things you cannot be without in managing technology,” he said. “You have to have somebody you trust advising you on technology. And you have to have a sound backup plan.”

Ted Sherman may be reached at tsherman@njadvancemedia.com. Follow him on Twitter @TedShermanSL. Facebook: @TedSherman.reporter. Find NJ.com on Facebook.

Have a tip? Tell us. nj.com/tips

Get the latest updates right in your inbox. Subscribe to NJ.com’s newsletters.

Source link
——————————————————————————————————

The post #deepweb | <p> N.J. towns are easy targets for dark web hackers. They won’t always admit being scammed. <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Christie just signed executive order to beef up N.J. cybersecurity. Here’s what it does.

Source: National Cyber Security – Produced By Gregory Evans

Christie just signed executive order to beef up N.J. cybersecurity. Here’s what it does.

TRENTON — Gov. Chris Christie appeared at the state’s information technology offices on Thursday to sign an executive order that takes authority over information technology away from bureaucrats and confers them on his handpicked tech guru. “I am tired of having each department have their own I.T. center,” said the…

The post Christie just signed executive order to beef up N.J. cybersecurity. Here’s what it does. appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

N.J. Program Fast-Tracks New Physics Teachers – Education Week

The effort by the New Jersey Center for Teaching and Learning, which taps teachers of other subjects, produces more physics teachers a year than any preservice program in the country.

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post N.J. Program Fast-Tracks New Physics Teachers – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

N.J. special education teacher accused of child abuse

A special education teacher for the Elmwood Park public school district was charged Saturday with child abuse, Bergen County Prosecutor John L. Molinelli said.

An administrator at the Sixteenth Avenue Elementary School notified Elmwood Park Police that Ashley L. Frabizzio, 30, had been accused of child abuse.

Elmwood Park Police, the Bergen County Prosecutor’s Office Special Victims Unit and the New Jersey Division of Child Protection & Permanency began a joint investigation. Police arrested Frabizzio, a Butler resident, based on interviews and the investigation, Molinelli said.

Source: http://www.nj.com/bergen/index.ssf/2015/12/nj_special_education_teacher_accused_of_child_abus.html

Read More

The post N.J. special education teacher accused of child abuse appeared first on Parent Security Online.

View full post on Parent Security Online

Children Recovered In N.J. Sex-Trafficking Crackdown

The FBI has recovered children and busted at least two pimps in a statewide child-sex trafficking crackdown, according to authorities.

“Operation Cross Country,” a nationwide law enforcement action that took place last week and focused on underage victims of prostitution, has concluded with the recovery of 149 sexually exploited children and the arrests of more than 150 pimps and other individuals, according to the FBI.

FBI officials said in a release that agents in New Jersey recovered six underage victims of human trafficking and arrested two pimps in Newark, Atlantic City and elsewhere. Twenty-one adults allegedly participating in prostitution were arrested.

No specific information on the victims and suspects was provided.

Read More

The post Children Recovered In N.J. Sex-Trafficking Crackdown appeared first on Parent Security Online.

View full post on Parent Security Online

Accused British hacker caught, faces charges in N.J.

Source: National Cyber Security – Produced By Gregory Evans

An accused hacker was arrested in England Wednesday and is facing extradition to New Jersey where he’s facing charges of breaking into the computer systems of NASA and other federal agencies to steal reams of confidential data, federal prosecutors say. Lauri Love, 29, was arrested in Stradishall, England on an extradition warrant issued by federal prosecutors in the U.S., authorities say. Love was indicted in New Jersey in October 2013 on a charge of accessing the computer of a U.S. department or agency without authorization. New Jersey federal prosecutors say Love managed to infiltrate computer networks for the U.S. Army, the U.S. Missile Defense Agency, NASA and the Environmental Protection Agency, causing millions of dollars in losses. At the time of his arrest, New Jersey U.S. Attorney Paul Fishman said the computer breach included personal information belonging to U.S. servicemen and women as well as military data. “Such conduct endangers the security of our country and is an affront to those who serve,” Fishman said. Prosecutors say that once Love and others broke into the computer systems, they placed hidden “shells” or “back doors” in the systems, which enabled them to return at a later date so they could steal confidential […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Accused British hacker caught, faces charges in N.J. appeared first on National Cyber Security.

View full post on National Cyber Security

Bulgarian hacker on the run for 10 years will spend next 30 months in prison in N.J. cybercrime caseNational Cyber Security

nationalcybersecurity.com – After a decade on the run, a Bulgarian national tied to a worldwide cybercrime ring responsible for racking up millions in unauthorized bank charges was sentenced today to 30 months in prison. Alek…

View full post on Hi-Tech Crime Solutions Weekly

Bulgarian hacker on the run for 10 years will spend next 30 months in prison in N.J. cybercrime case

Bulgarian hacker on the run for 10 years will spend next 30 months in prison in N.J. cybercrime case

After a decade on the run, a Bulgarian national tied to a worldwide cybercrime ring responsible for racking up millions in unauthorized bank charges was sentenced today to 30 months in prison. Aleksi Kolarov, 32, who pleaded guilty to identify […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

View full post on National Cyber Security