Why the Norsk Hydro attack is a ‘blueprint’ for disruptive hacking operations

It’s been a year since malicious code tore through the computer network of Norwegian aluminum giant Norsk Hydro, forcing the company to shift some of its operations to manual mode and inflicting tens of millions of dollars in damage. The ransomware attack brought a global manufacturing powerhouse to its knees, and with it more questions than answers about the hackers’ motivation. Attackers targeted a company with good security practices, yet used code that would have made it difficult to collect their extortion fee. Norsk Hydro never paid, a spokesman said. Now, an investigation published Monday argues that the LockerGoga ransomware variant was designed to disrupt rather than to extort — to lock up the enterprise and throw away the key. Regardless of who was behind the Norsk Hydro attack, it provides a “worryingly effective blueprint” for state-backed hackers to hide behind malware associated with criminals to achieve their goals, says […]

The post Why the Norsk Hydro attack is a ‘blueprint’ for disruptive hacking operations appeared first on CyberScoop.

Hackers had access to European electricity organization’s email server for weeks: report

When the organization that oversees Europe’s electricity market announced on Monday that hackers had infiltrated its IT network, it didn’t provide many details. The European Network of Transmission System Operators for Electricity (ENTSO-E) said a data breach had been confined to its office network, and that no critical power systems were affected. It didn’t mention how or why the intrusion began. But a public analysis of a cybersecurity incident, which multiple people familiar with the matter said matches the details of the ENTSO-E breach, indicates that the attackers were communicating with the victim organization’s email server for more than a month. There was repeated, high-volume communication between the server and the hackers’ malware, according to the analysis, which was published in January by threat intelligence firm Recorded Future. The report did not name ENTSO-E as the victim, but a source close to senior cybersecurity officials at multiple European electric utilities said the two incidents […]

Czech Republic’s second-biggest hospital is hit by cyberattack

A large Czech Republic hospital responsible for running tests for the novel coronavirus said Friday that a cyberattack had hit its computer systems. It was not immediately clear how, if at all, the hack would affect University Hospital Brno’s ability to test for the COVID-19 virus, but it was nevertheless a reminder of how cyberattacks have the potential to exacerbate the global health crisis. “Basic operation has been preserved, some computer systems are limited,” the hospital, based in the Czech Republic’s second largest city, Brno, tweeted. Some scheduled operations would have to be postponed, the hospital’s director said. A hospital spokesperson could not be reached for further comment. Details about the nature and source of the attack were not available. The Czech national cybersecurity agency and Czech police were on the scene helping the hospital respond. The hospital — the Czech Republic’s second-largest — is managed by the country’s health ministry, according to its website. […]

Election commission hires cybersecurity expert to help states with 2020 infrastructure

The federal agency that oversees funding for states to secure their election equipment is hiring a cybersecurity expert versed in voting technology as it prepares for the 2020 election. Joshua Franklin will start in the coming weeks in a top cybersecurity position at the Election Assistance Commission, according to multiple people familiar with the matter. It is an effort by the EAC, a tiny agency with a big responsibility, to bolster the cybersecurity expertise it has on staff. Franklin, who spent six years as an engineer at the National Institute of Standards and Technology, is expected to protect EAC networks from hacking threats and support the commission’s cybersecurity work with state and local election officials. Franklin has been working as an election security advocate for years, drawing attention to the issue at hacking conferences. In 2018, Franklin presented research at DEF CON comparing the vulnerabilities in the websites of House and Senate candidates for the […]

Russian intelligence-backed hackers go after Armenian government websites with new code

Computer code used by hackers tied to Russia’s FSB intelligence agency has haunted governments around the world for years. The hackers’ tools have been associated with a damaging breach of U.S. military networks in the mid-to-late 1990s, and used in a cunning hijacking of Iranian infrastructure more than two decades later. Now, malware analysts have surfaced a new piece of code that they say the Russian hacking group, dubbed Turla, is using to spy on government websites in the Eurasian country of Armenia. The Turla operatives set up malicious web infrastructure known as a “watering hole” in an apparent attempt to surveil Armenian government officials last year. “It is likely that the Turla operators already know who they want to target and may even know the ranges of IP addresses they generally use” before carrying out an operation, said Matthieu Faou, malware researcher at ESET, the antivirus firm that discovered the campaign. ESET knows of […]

Bogus HIV test results are the latest lures used by cybercrooks

It’s open season for hackers who prey on public health fears to try to dupe people into installing malware. As phishing attempts related to the novel coronavirus surged in late January, another health-related scam was kicking off. Crooks were sending people fake HIV test results that were laced with malicious code. To make the ruse more believable, the emails purported to come from Vanderbilt University’s prestigious medical center. “The psychology behind that is: Whether or not you recently did an HIV test, it is very possible that you would still be interested to see HIV test results,” said Sherrod DeGrippo, who heads the threat research and detection team at Proofpoint, the cybersecurity company that discovered the phishing campaign. “And so it goes from a fear-based emotion to a secondary emotional reaction, which is curiosity,” DeGrippo told CyberScoop. Health-related phishing lures are nothing new, but DeGrippo says they appear to have […]

European power grid organization says its IT network was hacked

The organization that ensures coordination of European electricity markets said Monday that its IT network had been compromised in a “cyber intrusion.” The European Network of Transmission System Operators for Electricity (ENTSO-E), whose members include large electric transmission operators across the continent, “recently found evidence of a successful cyber intrusion into its office network,” the organization said in a terse statement. The compromised office network is not connected to any operational electric transmission system, ENTSO-E said, meaning the attack was confined to IT systems and did not impact critical control systems. “A risk assessment has been performed and contingency plans are now in place to reduce the risk and impact of any further attacks,” the ENTSO-E said, adding that its members were apprised of the situation. CyberScoop sent ENTSO-E’s press office a list of questions including when the digital intrusion began and who might be responsible for the attack. “For obvious […]

Ex-DHS inspector general indicted for allegedly stealing government software

Federal prosecutors on Friday announced charges against the former acting inspector general of the Department of Homeland Security for allegedly stealing proprietary software from the watchdog and trying to profit from it. Charles K. Edwards, who served as acting DHS inspector general from 2011 to 2013, and his former associate Murali Yamazula Venkata, are accused of aggravated identity theft, wire fraud, and conspiring to steal government property to defraud the United States. The alleged scheme took place from 2014 to 2017, after Edwards had already left DHS’s inspector general (IG) office. But the head-turning indictment accuses Edwards of coordinating with Venkata, who still worked at the IG’s office, to steal the IG’s software. Edwards and Venkata also allegedly took “sensitive government databases” containing the personally identifiable information of DHS and U.S. Postal Service employees. Edwards then allegedly used the stolen code to improve software made by his company, Delta Business Solutions, […]

FDA warns patients about Bluetooth flaws affecting pacemakers, glucose monitors

Pacemakers and glucose-monitoring systems are among the critical medical equipment that could be affected by new security vulnerabilities in wireless technology, the Food and Drug Administration and Department of Homeland Security warned this week. The set of flaws in a popular wireless protocol known as Bluetooth Low Energy (BLE), which impact microchipped devices in a range of industries, could allow a hacker within radio range of a device to disrupt its communications, forcing it to restart. There have not been any reports of malicious exploitation or patient harm related to the vulnerabilities. The FDA advised medical device manufacturers to work with health care providers, patients, and facilities to figure out which devices are affected and “to ensure that risks are reduced to acceptable levels.” How many medical device manufacturers, which use the vulnerable microchips, are implicated remains to be seen. It is up to the manufacturers themselves to verify the extent to which they are affected. Erika Winkels, a spokesperson […]

Super Tuesday gives feds and states a test run for securing November vote

Federal and state officials were up late Tuesday monitoring for threats from hackers and trolls to the biggest primary day of the 2020 election season. A watch floor at the Department of Homeland Security kept election administrators across the country plugged into threat data coming in from the intelligence community. While there were some notable technical glitches in the voting process, nothing malicious came to pass. Bleary-eyed officials can go back to work Wednesday with a sigh of relief but also some lessons learned on how to protect the November presidential vote, which U.S. officials have repeatedly warned will draw foreign interference attempts. “We had well over 100 state and local officials in the room with us exchanging information with us throughout the day,” a senior official at the Department of Homeland Security’s cybersecurity division said on a 9 p.m. Eastern call with reporters. “[There are] ways that we can improve […]
