Tag Archive for: Separate

Separate ransomware attacks reported by Illinois county, college

/in


Illinois’ Henry County and Monmouth College have confirmed being impacted by separate ransomware attacks during the past week, according to The Record, a news site by cybersecurity firm Recorded Future.

Several of Henry County’s systems were taken down following the discovery of a wide-reaching intrusion on March 18, which has prompted county officials to seek assistance from law enforcement and government cybersecurity agencies in investigating the incident amid ongoing efforts to restore affected systems.

Such an incident has already been claimed by the Medusa ransomware operation, which sought a $500,000 ransom that should be paid by Friday. Toyota Financial Services, Moneris, and Water For People were some of the ransomware gang’s most recent targets.

Meanwhile, Monmouth College disclosed in filings with the Maine and California Offices of the Attorneys General that its systems had been infiltrated in a December ransomware attack, which resulted in the compromise of data belonging to 44,737 individuals, including their ID cards and driver’s licenses.

Source…

2 municipal water facilities report falling to hackers in separate breaches

/in


2 municipal water facilities report falling to hackers in separate breaches

Getty Images

In the stretch of a few days, two municipal water facilities that serve more than 2 million residents in parts of Pennsylvania and Texas have reported network security breaches that have hamstrung parts of their business or operational processes.

In response to one of the attacks, the Municipal Water Authority of Aliquippa in western Pennsylvania temporarily shut down a pump providing drinking water from the facility’s treatment plant to the townships of Raccoon and Potter, according to reporting by the Beaver Countian. A photo the Water Authority provided to news outlets showed the front panel of a programmable logic controller—a toaster-sized box often abbreviated as PLC that’s used to automate physical processes inside of industrial settings—that displayed an anti-Israeli message. The PLC bore the logo of the manufacturer Unitronics. A sign above it read “Primary PLC.”

WWS facilities in the crosshairs

The Cybersecurity and Infrastructure Security Administration on Tuesday published an advisory that warned of recent attacks compromising Unitronics PLCs used in Water and Wastewater Systems, which are often abbreviated as WWSes. Although the notice didn’t identify any facilities by name, the account of one hack was almost identical to the one that occurred inside the Aliquippa facility.

“Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a US water facility,” CISA officials wrote. “In response, the affected municipality’s water authority immediately took the system offline and switched to manual operations—there is no known risk to the municipality’s drinking water or water supply.”

Water Authority officials told reporters the hacked PLC regulates pressure to elevated regions and was housed in what’s known as a booster station that served Raccoon and Potter. As soon as the PLC was hacked, the booster station sent an alarm to operators who then took the system offline and took manual control. They said there was never a threat to the availability of water to the 6,615 customers the facility serves.

Source…

‘Use separate credit card for online shopping, transactions’

/in


Yeo Siang Tiong

KUCHING: Aside from having a security solution that can catch your accidental slips, it is also essential to revisit the card that you are using for online shopping as it will shape the possible losses a malicious link can inflict on your wallet, Kaspersky advises.

According to Kaspersky’s Southeast Asia general manager Yeo Siang Tiong, a credit card is not necessarily more secured than a debit card but disputes are easier to settle if a malicious transaction involves your credit card.

“Banks have insurance schemes and grace periods which allow you to alert them should you monitor a suspicious transaction, so be sure to keep an eye on your card’s balance and recent transactions list and to turn on transaction notifications,” Yeo said.

“With debit, the money loss will be pulled directly from your account. Meaning, it is your own money you are losing.

“And getting it back usually takes longer as compared with credit card – which you just don’t need to pay until the bank’s investigation is done.”

In addition, Yeo revealed that he is a believer of the additional security layer provided by a separate card which is meant only for spending online.

“In case of it being compromised, you can easily cut the card without affecting your main bank accounts.

“Just be sure that if you see anything suspicious, contact your bank immediately and try to cancel the transaction – the faster you do it, the better.”

He said that the same principle applies to having a dedicated e-mail for your online spending needs which severely limit the amount of spam messages you receive and significantly reduce the risk of opening potentially malicious e-mails disguised as sales promotions.

“It is also best to use a credit card with low limit, or you may also set the limit lower according to your spending pattern.

“This is to ensure that cybercriminals, in case they get their hands on it, can only use a limited amount, in turn not inflicting huge monetary impact on you.”

Yeo noted that though it will be easier if your card details are saved across all e-commerce platforms you’re using, data breaches should be enough to warn us about keeping our financial data more…

Source…