Tag Archive for: knock

Hackers Threaten to Release Police Records, Knock 911 Offline


(TNS) — A cyber criminal gang that breached the Washington, D.C., Metropolitan Police Department’s computer network in a ransomware attack published detailed information last week about nearly two dozen officers, including Social Security numbers and psychological assessments.

The group, Babuk, already had posted on the dark web lengthy dossiers of several officers. It claimed it stole more than 250 gigabytes of data late last month and is threatening to release more information as well as share files containing the names of confidential informants with criminal gangs if officials don’t pay a ransom.

The most recently posted documents contain sensitive information about 22 officers, such as fingerprints, dates of birth, polygraph test results and residential, financial and marriage history, according to NBC News. The hackers claim that they demanded $4 million in ransom and the department countered with $100,000, which they deemed unacceptable.


“This was the most serious incident involving a police department that we’ve seen to date. It doesn’t get much worse,” said Brett Callow, a threat analyst for cybersecurity company Emsisoft. “The release of that information could put officers and civilians at risk.”

A separate ransomware attack forced the recent shutdown of the Colonial Pipeline, leading to panic buying and gas shortages on the East Coast. Cyber criminals also have launched ransomware attacks on school districts, health care systems, courts and local government offices.

But when the hackers have struck police departments, cybersecurity experts say, they pose a particularly serious threat to public safety.

Ransomware attacks have taken down 911 systems, prevented officers from checking suspects’ criminal histories during traffic stops and blocked access to investigative files or video, impeding investigations. In some cases, prosecutors have had to drop criminal cases.

“We equate it to kidnapping,” said Jonathan Thompson, executive director of the National Sheriffs’ Association. “In this case, the victim is the data, but most importantly, it’s the community. Law enforcement has to…


New attack reportedly lets 1 modest laptop knock big servers offline


Researchers said they have discovered a simple way lone attackers with limited resources can knock large servers offline when they’re protected by certain firewalls made by Cisco Systems and other manufacturers.

The denial-of-service technique requires volumes of as little as 15 megabits, or about 40,000 packets per second, to sever the Internet connection of vulnerable servers. The requirements are in stark contrast to recent attacks targeting domain name service provider Dyn and earlier security site KrebsOnSecurity and French Web host OVH. Those assaults bombarded sites with volumes approaching or exceeding 1 terabit per second. Researchers from Denmark-based TDC Security Operations Center have dubbed the new attack technique BlackNurse.

In a blog post published Wednesday, the researchers wrote:


Technology Lab – Ars Technica

SYNful Knock router exploit isn’t going away soon

The SYNful Knock compromise of routers can implant software that creates backdoors to let attackers return over and over, a sophisticated endeavor that demonstrates the ingenuity of its creators, according to a member of the team that discovered the attack in the wild.

The software has features that enable it to stay hidden within networks for long periods of time so that it can be updated and new attack modules can be downloaded, according to FireEye researchers.

“The impressive portion of the attack is the implant and not the delivery,” says Tony Lee, technical director at FireEye. “This sort of implant would take significant skills to produce and go undetected for so long.”


Network World Tim Greene

Attackers knock PlayStation Network offline for hours

Many gamers couldn’t access Sony’s PlayStation Network (PSN) for hours on Sunday evening after an apparent attack against the service. The PlayStation Store was also reportedly affected.

Sony Computer Entertainment America acknowledged the service disruption, saying via its official PlayStation account on Twitter that “we are aware of the issues some users are experiencing, and are working to address them.”

Several hours later the company posted a new message advising users who had difficulties signing in to try again, suggesting the service had been restored.

Some users also reported trouble accessing the PlayStation Store and receiving an error that read: “Page not found. It’s not you. It’s the internet’s fault.”


Network World Security