Category Archives: Colonial Pipeline

Wind turbine giant Vestas says data was compromised in security incident

Posted on by

One of the world’s largest wind turbine manufacturers, Vestas Wind Systems, says its contending with a cyberattack that forced the firm shut down some of its IT systems. The Danish company said Monday that its investigating the security incident, discovered Nov. 19, and mitigating the impact. Vestas has “together with external partners worked around the clock to contain the situation and re-establish the integrity of its IT systems,” it said in a statement. “The company’s preliminary findings indicate that the incident has impacted parts of Vestas’ internal IT infrastructure and that data has been compromised.” Vestas, long considered an industry leader with a reported $34 billion in market value, watched a dip in stock value as word of the apparent breach spread. “There is no indication that the incident has impacted third party operations, including customer and supply chain operations,” the company’s Monday update states. “Vestas’ manufacturing, construction and service […]

The post Wind turbine giant Vestas says data was compromised in security incident appeared first on CyberScoop.

Continue reading Wind turbine giant Vestas says data was compromised in security incident

State Department offers $10 million reward for help identifying DarkSide ringleaders

Posted on by

The State Department on Thursday announced a $10 million bounty for information on the location of leaders of the DarkSide ransomware gang, and $5 million for information that leads to the arrest or conviction of any affiliates of the group. DarkSide in May hacked fuel provider Colonial Pipeline, forcing the company to shut down its operations, resulting in panic-buying at gas stations in some areas of the U.S. ahead of Memorial Day weekend. The Justice Department retrieved $2.3 million of the nearly $5 million ransom payment Colonial Pipeline made to the Russian-speaking hackers. “In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” State Department spokesperson Ned Price said in a statement. “The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.” Only the […]

The post State Department offers $10 million reward for help identifying DarkSide ringleaders appeared first on CyberScoop.

Continue reading State Department offers $10 million reward for help identifying DarkSide ringleaders

Breach notification window, accountability are focus of coming fight on cyber legislation in Congress

Posted on by

Battle lines are drawn in Congress over legislation that would require companies to report some cyber incidents to the federal government, with industry groups lining up to support a House of Representatives bill poised to create fewer challenges for business leaders than a similar proposal in the Senate. The debate involves questions about how quickly companies would have to report attacks, what kinds of specific intrusions would trigger notification and whether failure to comply with the rules would lead to financial penalties. The idea of breach notification legislation gained momentum following last year’s discovery of the SolarWinds hack that compromised nine federal agencies and some 100 companies, as well as the Colonial Pipeline ransomware attack in May. At issue are such questions as whether companies have 24 or 72 hours to report an incident, along with who would be on the hook outside of critical infrastructure owners and operators, if […]

The post Breach notification window, accountability are focus of coming fight on cyber legislation in Congress appeared first on CyberScoop.

Continue reading Breach notification window, accountability are focus of coming fight on cyber legislation in Congress

US makes progress on improving cyber but key issues remain, congressional committee finds

Posted on by

A congressional commission dedicated to shoring up America’s cyber defenses has made significant progress in the wake of multiple recent cybersecurity crises, according to a new report. Nearly 75% of the 82 recommendations made in the Cyberspace Solarium Commission’s March 2020 report, which set out to assess ways the U.S. can improve its digital resilience, have been implemented or are on track to be implemented, according to an evaluation released Thursday by the Commission. The report notes that some of this movement has been spurred by a wave of high profile cybersecurity incidents within the past year, starting with the revelation in December 2020 that Russian hackers had infiltated at least nine federal agencies using network management software SolarWinds. In March, apparent Chinese hackers exploited a vulnerability in Microsoft’s Exchange Server technology, affecting thousands of users. Multiple ransomware attacks have followed, including one against fuel provider Colonial Pipeline that forced […]

The post US makes progress on improving cyber but key issues remain, congressional committee finds appeared first on CyberScoop.

Continue reading US makes progress on improving cyber but key issues remain, congressional committee finds

Hackers are using CAPTCHA techniques to scam email users

Posted on by

More email users fell for scams using CAPTCHA technology in 2020, a new report from security firm Proofpoint shows. The technique, which uses a visual puzzle to help authenticate human behavior, received 50 times as many clicks in 2020 compared to 2019. That’s still only a 5% overall response rate, researchers note. Comparatively, one in five users clicked attachment-based emails with malware disguised as Microsoft PowerPoints or Excel spreadsheets. Campaigns using attachments to hide malware made up one in four of the attacks researchers at Proofpoint monitored. “Attackers don’t hack in, they log in, and people continue to be the most critical factor in today’s cyber attacks,” Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint said in a statement. Researchers found that quantity continues to beat quality in email attacks. Proofpoint found that the highest number of clicks came from a threat actor linked to the Emotet botnet. […]

The post Hackers are using CAPTCHA techniques to scam email users appeared first on CyberScoop.

Continue reading Hackers are using CAPTCHA techniques to scam email users

Biden issues memo to push critical infrastructure cybersecurity upgrades

Posted on by

President Joe Biden on Wednesday signed a national security memorandum tasking a group of federal agencies to develop cybersecurity performance goals for critical infrastructure. The directive is the latest effort from the Biden administration to get critical industries on board with improving cybersecurity in areas that could impact national security and the economy. The executive memo follows a security directive handed down by the Transportation Security Administration last week requiring owners and operators of TSA-designated critical pipelines to implement mitigations to protect against ransomware and other threats. “Our current posture is woefully insufficient given the evolving threat we face today,” a senior administration official told reporters in a call on Tuesday. “We really kicked the can down the road for a long time. The administration is committed to leveraging every authority we have, though limited, and we’re also open to new approaches, both voluntary and mandatory.” The Department of Homeland […]

The post Biden issues memo to push critical infrastructure cybersecurity upgrades appeared first on CyberScoop.

Continue reading Biden issues memo to push critical infrastructure cybersecurity upgrades

Colonial Pipeline Hinted at Critical Infrastructure Threat

Posted on by

The long gas lines, panic buying and price spikes are fading into memory. But the ransomware attack in early May 2021 on the largest fuel pipeline in the U.S. must continue to drive urgent action by the industry and policymakers to protect the nation’… Continue reading Colonial Pipeline Hinted at Critical Infrastructure Threat

Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says

Posted on by

The tides may be starting to turn on the ransomware epidemic, new industry findings show. The average ransomware payment declined to $136,576 in the second quarter of 2021, according to numbers published Friday by ransomware response firm Coveware. The company did not share how many companies that data was based on. The 38% decrease is a dramatic drop from the average demand of $220,298 that the firm reported in April for the first quarter. That number was a 43% increase from the last quarter of 2020. The decline comes in the shadow of three major ransomware attacks hitting the U.S. supply chain. Since May, U.S. officials have faced three high-profile ransomware attacks against fuel provider Colonial Pipeline, meat supply company JBS, and most recently Florida IT company Kaseya. The latter two attacks have been attributed to REvil, a ransomware gang thought to be based in Russia. The resulting wake-up call in both […]

The post Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says appeared first on CyberScoop.

Continue reading Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says

New legislation would boost the FTC’s role in fighting ransomware

Posted on by

A new bill could direct the Federal Trade Commission’s international efforts towards taking on ransomware. Rep. Gus Bilirakis (R-Fla.), the top Republican on the House Energy and Commerce consumer protection subcommittee, filed legislation Tuesday that would require the agency to report the number of ransomware and cyberattack-related complaints it receives, and how it cooperated with international law enforcement to respond to those issues. The new text would update a 2006 law enabling the agency to work with foreign law enforcement agencies on consumer protection issues. Under the amended law, the FTC would also be charged with providing recommendations for legislation and best practices to mitigate and defend against ransomware. The FTC has always played a role in trying to mitigate data breaches and online fraud, including the enforcement of privacy policies and pursuing companies like Equifax for failing to take basic security precautions. It has in the past also offered […]

The post New legislation would boost the FTC’s role in fighting ransomware appeared first on CyberScoop.

Continue reading New legislation would boost the FTC’s role in fighting ransomware

Chinese government-backed hackers infiltrated US pipeline companies, FBI says

Posted on by

State-sponsored Chinese cybercriminals successfully hacked into the control systems of several U.S. oil and natural gas pipelines between December 2011 to 2013, a Wednesday alert from the Department of Homeland Security’s cyber outfit and the FBI reveals. The hackers stole information that would have allowed them to access control networks and provided them with “sufficient access to allow them to remotely perform unauthorized operations on the pipeline with physical consequences,” says the alert. The campaign compromised at least 13 companies. Of the 23 targets, eight had an unknown level of intrusions. The Cybersecurity Infrastructure and Security Agency and the FBI provided assistance to victims at the time. “CISA and the FBI assess that these actors were specifically targeting U.S. pipeline infrastructure for the purpose of holding U.S. pipeline infrastructure at risk,” the alert says. “Additionally, CISA and the FBI assess that this activity was ultimately intended to help China develop […]

The post Chinese government-backed hackers infiltrated US pipeline companies, FBI says appeared first on CyberScoop.

Continue reading Chinese government-backed hackers infiltrated US pipeline companies, FBI says