Tag Archive for: respond

Hayward approves emergency proclamation to respond to ransomware attack


There was a special meeting to respond to a ransomware attack on the city of Hayward’s computers and networks. They say no personal data was compromised but online payments for services such as water and building permits are still unavailable. City manager says there is no disruption to emergency services. An expert shares insight into how attackers operate and why cities who’ve been hacked may learn from the experience..

Source…

13 Expert Tips To Defend Against And Respond To Ransomware Attacks


In February 2023, the city of Oakland was forced to take multiple systems offline for several days after being hit with a successful ransomware attack; the hackers also released the personal data of city employees online a few weeks later. While notable for its severity, the Oakland attack was not the first high-profile successful ransomware attack, and it almost certainly won’t be the last.

While it’s important for all organizations that deal in data to establish robust cyber defense postures, that’s not enough—many tech experts assert that most organizations will be successfully breached by hackers at some point, so it’s also essential to have an incident response plan ready. Below, 13 industry leaders from Forbes Technology Council share defensive practices and response protocols every public and private entity should have in place to be better prepared for ransomware attacks.

1. Invest In Multi-Location Backups And Data Protection

In 2023, infiltration is inevitable. Damage control falls into two main areas. First, ensure you can bring systems back up quickly. Have multi-location backups (both onsite and offsite), preferably using sharding. This allows a company to recover quickly from a ransomware attack without having to pay the ransom. Second, protect your data. Have an ongoing plan to protect unstructured data, as this is usually where all the damage occurs. – Jo Webber, AtlasJobs

2. Have A Disaster Recovery And Incident Response Plan In Place

Having a robust and regularly tested backup and disaster recovery and incident response plan in place is crucial for businesses and governmental organizations to be better prepared for ransomware attacks. In the event of an attack, having backups of critical data and systems can enable organizations to restore operations quickly and effectively, minimizing disruption and potential financial losses. – Jagadish Gokavarapu, Wissen Infotech


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?


3. Develop A Comprehensive Software Patching Process

Ensuring all networked systems have all current software patches applied is an essential element for…

Source…

Ethical hackers urged to respond to Computer Misuse Act reform proposals


Ethical hackers, security researchers and consultants, and the community at large are being urged to step up and make their voices heard as the government explores a series of proposed changes to the Computer Misuse Act (CMA) of 1990.

The long-awaited consultation, which has been running since February, is seeking views on a number of legislative changes, including giving new powers to law enforcement agencies and closing existing loopholes that make it easier for malicious actors to get away with misusing purloined data.

However, when the consultation was launched, campaigners who want to see the law reformed to better protect cyber security professionals from prosecution under outdated sections of the 33-year-old CMA were left disappointed because rather than lay out concrete proposals for the community to consider, the government merely said more work was needed on this point.

Among other things, Westminster wants to consider questions such as how to safeguard the UK’s ability to act against cyber criminals if legal defences for hacking are implemented; how to ensure any defences do not provide cover for offensive actions; and what levels of training, standards and certifications need to be in place for security professionals.

Nevertheless, Casey Ellis, founder and CEO of crowdsourced security platform Bugcrowd, is calling on the community to have its say on the basis that interested parties need to contribute to ensure the government is as well-informed as possible.

“It’s still important that as many as possible individuals and organisations have their say on this,” he said. “The UK needs a revised act that not only better defines the difference between the activities of malicious attackers who have no intent to obey the law in the first place, and those who hack in good faith, discovering and disclosing vulnerabilities so they can be addressed before they are exploited.

Bugcrowd, which is contributing to the consultation through the Cybersecurity Policy Working Group (CPWG) and the Hacker Policy Coalition, said that the most significant way in which community members could help would be to comment on the potential of a statutory legal defence for hacking if…

Source…

CFOs learn how to respond and lead during a cyberattack


CFOs work through a cyberattack simulation

Imagine this situation: your CEO just resigned and as CFO, you’re the acting chief. After returning to the office from an exhausting overseas trip, your CIO informs you that malware was deployed within your customer databases.

That’s worrisome enough, but the next morning your CIO delivers this bombshell: Hackers are demanding $4.5 million in ransomware or all that sensitive customer data winds up on the dark web.

And you have just 72 hours to figure out what to do.

Finance executives experienced this exact simulated ransomware attack at CNBC’s recent CFO Council Summit in Washington, D.C. They were joined by a half dozen of CNBC’s Technology Executive Council (TEC) members from leading cybersecurity companies to help guide them through the steps they and their hypothetical companies should take in responding to the attack.

The simulation was led by retired U.S. Army Colonel Sean Hannah of the Thayer Leadership, a leadership development organization located at West Point. CFOs from the Council were broken up into teams, each representing a fictitious company in a specific industry such as financial services, healthcare, energy, and pharma/biotech. The TEC members were brought in to play the role of CIO at each of these companies and to offer technical advice on what to do in the event of a ransomware attack.

The goal of the exercise was not to school CFOs in the technical intricacies of a breach, Hannah said at the beginning of the exercise, but rather to formulate a plan for how to manage, lead, and communicate during a crisis.

Hannah informed each table of participants that each minute of the exercise would represent about 41 minutes of “real” time, giving them about 1 hour and 45 minutes to figure out what they would do during a cyberattack.

As the scenario moved along, CFOs were given the next development or demand in the attack. Once they knew a ransomware demand was made, the most pressing question was whether they should pay the money. Many wondered if making the payment would put a bullseye on their back for future ransomware attacks. Others turned immediately to the participants playing company lawyers to determine how much cyber insurance they had on hand to pay the…

Source…