Tag Archive for: falling

Prominent Sacramento law firm sues for $1 million after falling prey to ransomware attack

/in


A prominent Sacramento law firm that represents police officers and sheriff’s deputies in the capital region is suing a computer firm for more than $1 million alleging that, after hiring the company to provide cybersecurity, the law firm was hit with a ransomware attack.

The Mastagni Holstedt law firm filed the suit in Sacramento Superior Court this week against Lantech LLC, claiming that because of the cyberattack last year, Mastagni Holstedt was forced to pay a ransom to regain access to its data.

An office manager at Lantech who would not give her name Wednesday morning declined to comment when reached by phone, saying she knew nothing about the suit, which names Lantech, former Lantech owner Terry Berg and backup computer data storage company Acronis Inc.

Lantech did not respond to a subsequent email request for comment, and Acronis denied any responsibility for the cyberattack.

Law firm founder Davis Mastagni also did not respond to a request for comment.

The lawsuit alleges the attack came from a group known as “Black Basta,” a Russian-speaking group first detected in early 2022 that has been blamed for hundreds of ransomware attacks that have resulted in payments of more than $100 million by firms seeking to retrieve data.

“In its first two weeks alone, at least 20 victims were posted to its leak site, a Tor site known as Basta News,” according to a March 2023 “threat profile” by the U.S. Health and Human Services Department’s Office of Information Security. “It exclusively targets large organizations in the construction and manufacturing industries, but was also observed to target other critical infrastructure, including the health and public health sector.

“While primarily targeting organizations within the United States, its operators also expressed interest in attacking other English-speaking countries’ organizations in Australia, Canada, New Zealand, and the United Kingdom. Threat actors that used the ransomware have additionally impacted organizations based in the United States, Germany, Switzerland, Italy, France, and the Netherlands.”

The group has extorted at least $107 million in bitcoin from targets, according to a November report by Reuters news…

Source…

2 municipal water facilities report falling to hackers in separate breaches

/in


2 municipal water facilities report falling to hackers in separate breaches

Getty Images

In the stretch of a few days, two municipal water facilities that serve more than 2 million residents in parts of Pennsylvania and Texas have reported network security breaches that have hamstrung parts of their business or operational processes.

In response to one of the attacks, the Municipal Water Authority of Aliquippa in western Pennsylvania temporarily shut down a pump providing drinking water from the facility’s treatment plant to the townships of Raccoon and Potter, according to reporting by the Beaver Countian. A photo the Water Authority provided to news outlets showed the front panel of a programmable logic controller—a toaster-sized box often abbreviated as PLC that’s used to automate physical processes inside of industrial settings—that displayed an anti-Israeli message. The PLC bore the logo of the manufacturer Unitronics. A sign above it read “Primary PLC.”

WWS facilities in the crosshairs

The Cybersecurity and Infrastructure Security Administration on Tuesday published an advisory that warned of recent attacks compromising Unitronics PLCs used in Water and Wastewater Systems, which are often abbreviated as WWSes. Although the notice didn’t identify any facilities by name, the account of one hack was almost identical to the one that occurred inside the Aliquippa facility.

“Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a US water facility,” CISA officials wrote. “In response, the affected municipality’s water authority immediately took the system offline and switched to manual operations—there is no known risk to the municipality’s drinking water or water supply.”

Water Authority officials told reporters the hacked PLC regulates pressure to elevated regions and was housed in what’s known as a booster station that served Raccoon and Potter. As soon as the PLC was hacked, the booster station sent an alarm to operators who then took the system offline and took manual control. They said there was never a threat to the availability of water to the 6,615 customers the facility serves.

Source…

Avoid falling prey to employment scams – Rexburg Standard Journal

/in



Avoid falling prey to employment scams  Rexburg Standard Journal

Source…

FBI Gives Tips To Avoid Falling Victim To Ransomware

/in


The FBI warns Oklahoma organizations of ransomware attacks after a metro clinic fell victim to it this week.  

Officials said those attackers will target any organization when the opportunity comes.

“Many times, unfortunately a lot of companies, the first indication there’s an issue is when their system is encrypted and they no longer have access,” explained Supervisory Special Agent, Eric Littlepage.

To be targeted, to get hacked and have sensitive information held for ransom should be a concern for organizations of all sizes per the FBI.  

The Oklahoma City Indian Clinic is a recent victim of the cyber-crime, they were hacked earlier this month.  

The use of ransomware is an illegal activity that’s becoming more streamlined.

“Now we’ve seen a lot more where there’s a ransomware as a service, which is more like a business model,” explained Special Agent Littlepage.  

He continued, “Specific groups that are generating or creating the tools and the encryption methods and the vector of attack and they’re selling it to sub-contractors that are conducting the intrusion and then paying the overall ransom group a fee.” 

The OKC Clinic released this statement after they were hacked:

“Earlier this month, Oklahoma City Indian Clinic (OKCIC) discovered that certain systems were inaccessible and immediately deployed all available resources to investigate, including third-party forensic specialists. As part of our investigation, we discovered that the OKCIC was the victim of a cyber attack. While our investigation remains ongoing at this time, we currently do not have evidence of unauthorized access to patient information. OKCIC is taking the necessary and appropriate steps to address this incident and comply with applicable regulations, and will continue to do so as our investigation proceeds.”

The ransomware group claims to have 350 gigabytes of data with health records and financial documents.  

The attack also impacted some computer systems and the clinic’s auto-prescription refill system.  

The easiest way for hackers to get in is through unknowing employees.

“A huge weak link in any organization is really just phishing attempts,” explained Special Agent Littlepage.  

“Suspicious…

Source…