Tag Archive for: Suffolk

Data breach reported by Suffolk County computer security vendor

/in


A computer security application that Suffolk County installed last year to protect its systems in the wake of a 2022 cyberattack has itself been the subject of a data breach, leading Suffolk this week to alert its computer administrators to potential new attacks.

In an email obtained by Newsday, Suffolk’s computer team notified administrators across its network that a breach last month of computer security company Okta could result in attempts by hackers to gain access to systems protected by the measures.

Okta makes a security product known as a multi-factor authentication which verifies the identity of users requiring a unique security code sent to a cellphone or email system outside the primary work address.

A copy of an email sent to IT administrators in Suffolk on Wednesday noted that Okta “just revealed” that a “threat actor ran and downloaded a report that contained the names and email addresses of all Okta customer support system users.”

WHAT TO KNOW

  • A computer security application that Suffolk County installed last year to protect its systems in the wake of the 2022 cyberattack has itself been the subject of a data breach
  • Suffolk has alerted its computer administrators that the breach of computer security company Okta could result in potential new attacks.
  • Okta makes a product known as a multi-factor authentication which verifies the identity of users requiring a unique security code sent to a cellphone or email system outside the primary work address.

It notes that every administrator that has “ever been created for our Okta tenant is present in this report.”

For Suffolk and other customers, the breach means there is a “possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks.” Such attacks lure computer users into exposing sign-in or password information by appearing to come from legitimate sources.

Suffolk alerted its administrators to “ensure that all” have multi-factor authentication enrolled and activated to “protect not only the customer support system, but also to secure access to their Okta admin console.”

“I just wanted to let you know so you can be vigilant…

Source…

The Long Island Press Amplifies a RevBits White Paper that Explores a Devastating 2022 Cyber Hack on the Computer Systems of Suffolk County New York

/in





Mineola, N.Y., United States:
 

RevBits, a cyber security solution company based on Long Island, New York, completed a review of the 2022 Suffolk County, New York, cyber hack that rendered government systems largely inoperable for months, affecting municipal work and citizen interaction with their county government. The RevBits white paper, Suffolk Hack Part of a Chinese Plot?, was recently profiled in a companion piece in the September edition of The Long Island Press.


 

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230919470113/en/


 

One year ago, on September 8, 2022, an anonymous email appeared on the Suffolk County government computer system announcing a devastating hack: unnamed thieves had sized four terabytes of data – some 300 million pages of detailed government information, including highly confidential personal information regarding 26,000 current and former employees as well as banking and personal information related to more than 400,000 people who have received traffic and parking tickets over the past years.


 

The hack brought government systems to a halt: crippling the billion-dollar real estate industry, sideswiping tens of millions of dollars in vital payments to mom-and-pop suppliers and disabled key functions of the county’s 911 emergency system.


 

The RevBits white paper reveals that top US law enforcement and intelligence officials are convinced the intrusion was executed by Chinese government hacking teams as part of Beijing’s drive toward global supremacy by 2049.


 

The white paper, initiated by RevBits CEO David Schiffer, who founded and headed Safe Banking Systems prior to running RevBits, is a veteran of the cyber-world, having intersected with many of the biggest computer cases of the past decades from Kremlin money laundering to security lapses at the FAA. “This hack hits close to home for us – we are a Long Island-based company, and I have been a Long Island resident nearly my whole life,” said Schiffer. “The scourge of state-sponsored hacking needs to be taken seriously by companies but, even…

Source…

Answers and accountability are needed in Suffolk cyber hack

/in


Imagine someone broke into your house, shut down your essential devices, tapped into all your personal records, and then held them hostage until you paid an exorbitant amount of money to stop this criminal act.

When done over the internet, it’s known as ransomware. And increasingly, American municipalities have fallen victim to this outrageous act of cybercrime, including Suffolk County’s official website and those of some Long Island school districts.

But in Suffolk, nine months after its computer systems were broken into, some vexing questions remain: How long will it take to get bottom-line answers to the root causes of this attack? And who is really to blame?

Certainly, there were plenty of warnings. In March 2022, the FBI alerted local governments like Suffolk that they were particularly vulnerable to cyberattacks which could cause huge disruptions to computer operations, endanger health and public safety, and cost millions to fix. Citing examples around the nation, the FBI recommended against paying ransom demands, and urged municipalities to follow several detailed steps to upgrade their software defenses to prevent future attacks. Because the public relies on open municipal websites for vital services, they are “attractive targets for cyber criminals,” said the agency.

DEVASTATING ATTACK

Nevertheless, Suffolk suffered a devastating cyberattack in September, with hackers demanding $2.5 million in ransom that the county refused to pay. The county’s main website and related services were shut down for nearly six months. Both the FBI and the Suffolk district attorney continue to investigate this attack by cyber thieves who are still unknown to the public.

In its wake, Suffolk County Executive Steve Bellone blamed the computer breach primarily on the county clerk’s IT director, Peter Schlussler, and put him on paid leave in December. At a cost of $6 million, Bellone hired experts for restoration and recovery of the county’s computer system. In the meantime, the county legislature tapped Richard Donaghue, a former top U.S. Justice Department official, to help conduct its own review of circumstances surrounding the attack.

Now Suffolk’s cyber saga takes a new…

Source…

Records show Suffolk IT employess knew of bitcoin mining before ransomware attack

/in



A Newsday investigation into the cyber hack that crippled Suffolk County uncovered records that show county IT employess knew of bitcoin mining but didn’t stop it. NewsdayTV’s Sandra Peddie reports.

Source…