Baltimore County Public Schools shut down Monday and Tuesday following a ransomware attack that paralyzed the school system’s network last week right before Thanksgiving. According to the Baltimore Sun, officials described the event as a “catastrophic attack on our technology system.” The ransomware attack is reported to have hit the entire Baltimore County Public Schools’ … Continue Reading
We spend a lot of time reporting on ransomware because we are seeing more incidents than ever before, and our readers comment that keeping them up to date on ransomware tactics is helpful. The ransomware gangs, strains and vectors are constantly changing, so it is very challenging for companies to keep up with their latest … Continue Reading
Campari, the Italian drinks company, recently announced that it was hit with a cyber attack that encrypted its data and potentially exfiltrated some data. According to Campari, “We are still investigating the attack and…determining to what extent there has been any loss of confidentiality. At this stage, we cannot completely exclude that some personal and … Continue Reading
According to Cybersecurity Ventures, cybercrime is the fastest growing crime in the U.S., with damages expected to reach $6 trillion globally by 2021. Therefore, it is axiomatic that C-Suites continue to address the risk associated with cybercrime and how cybercrime will affect the business. Ransomware continues to be one of the biggest risks to company … Continue Reading
The misinformation on social media about the election results (and other topics) is rampant. Social media companies like Twitter and Facebook are struggling with the balance between the First Amendment right to free speech and false information or exaggerated reports on their platforms and are hiding or flagging those they deem to be false or … Continue Reading
The GEO Group, Inc. (GEO), a publicly held company located in Boca Raton Florida, announced on November 3, 2020, that it is beginning to notify individuals following a ransomware attack that “impacted a limited amount of personally identifiable information and protected health information for some inmates and residents contained on certain servers for a small … Continue Reading
Criminals are apparently not taking any time off during this pandemic, and in fact by all accounts have increased their attacks, particularly targeting entities whose attention is diverted to dealing with the fallout of the Covid-19 crisis. In particular, educational institutions across the country have faced a recent onslaught of ransomware attacks, often crippling an … Continue Reading
On October 27, 2020, the FBI and the Department of Homeland Security (DHS) warned the health care industry about “an imminent cybercrime threat to U.S. hospitals and healthcare providers.” According to the warning, which was shared during a conference call, the government has received “credible information of an increased and imminent cybercrime threat to U.S. … Continue Reading
Hall County, Georgia reported on October 7, 2020, that it was the victim of a ransomware attack that disrupted some of its systems, including email and telephone services in public buildings and the sheriff’s offices. Last week, the county indicated that in addition to telephone and email services, the ransomware attack also affected the county’s … Continue Reading
It has been widely reported that hackers are taking advantage of the pandemic to perpetrate scams and frauds. We have seen attacks against workers of companies through phishing emails that include an attachment or link offering information or access to specialized treatment for COVID-19 to lure people to click on them. Once they click on … Continue Reading
Health care entities continue to face a barrage of attacks from cyber criminals, and it is widely reported that the health care industry is getting hit more frequently than any other industry. Ransomware is the name of the game for these attackers in all industries, including health care. Unfortunately, what is being touted as one … Continue Reading
On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory “to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities.” The advisory acknowledges that the incidents of ransomware attacks on U.S. companies have risen during the COVID-19 pandemic. Although the advisory does … Continue Reading
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put government data at risk. According to reports, Tyler may have been the victim of a ransomware attack that disrupted its … Continue Reading
In the wake of the increase in ransomware attacks, including data exfiltration prior to or during a ransomware attack, I think it is worth the time and resources to focus on data recovery and business continuity. I am finding that during and following a ransomware attack, victims do not have adequate actionable business continuity, disaster … Continue Reading
Cyber liability insurers are in a good position to provide insight into the types of cyber incidents that are hitting the industry. Coalition, a provider of cyber insurance globally, which “serves over 25,000 small and midsize organizations across every sector of the US and Canada,” issued its Cyber Claims Report this week about the claims … Continue Reading
Cyber-attackers know that city and town officials have been gearing up for the start of school and the potential for remote learning, in school or a hybrid model all summer. The daily monitoring of the coronavirus has kept officials alert and flexible as they focus on the start of school. Cyber-attackers also know that cities … Continue Reading
Adding insult to injury for cruise ship company Carnival Corporation (Carnival) following the hit from the pandemic to the travel industry as well as a class action lawsuit relating to the Diamond Princess’ fate during the pandemic, Carnival disclosed in its August 17, 2020 8-K filing that it recently experienced a ransomware attack. According to … Continue Reading
As a follow-up to last week’s post on the importance of due diligence regarding high-risk vendors’ security practices, Blackbaud, a global company providing financial and fundraising technology to not-for-profit entities, notified its customers late last week that it was the victim of a ransomware attack in mid-May. Blackbaud offers a number of products to its … Continue Reading
On July 10, 2020, the Securities and Exchange Commission, through its Office of Compliance Inspections and Examinations (OCIE), issued a warning to advisors and broker-dealers to “immediately” review their cybersecurity controls to prevent and respond to an increase in phishing campaigns and ransomware attacks. The Risk Alert advises that the OCIE has “observed an apparent … Continue Reading
It doesn’t matter in which state you are located, how many patients you treat, what kind of medicine you practice or how many employees you have, if you are a health care provider, you are being targeted and hackers are successful in victimizing you. That’s my take on the recent Becker’s Health IT article that … Continue Reading
The Office of Court Administration in Texas (OCA) confirmed late last week that it is the victim of a ransomware attack. The OCA stated that it would not pay the ransom. “OCA was able to catch the ransomware and limit its impact, and will not pay any ransom…Work continues to bring all judicial resources and … Continue Reading
There have been numerous examples of how hackers can get hold of sensitive and deeply personal information and use it against individuals to embarrass and extort them into sending money or compromising pictures to the hackers to prevent the information from being posted on the web. These examples include cyberbullying, online love scams, blackmail through … Continue Reading
In a growing trend, pharmaceutical company ExecuPharm became the victim of a ransomware attack on March 13, 2020, by the CLOP ransomware group, which exfiltrated its data and then posted it on the Internet. Apparently, ExecuPharm didn’t pay the ransom, and then paid the price anyway by having its data compromised and posted by the … Continue Reading
Some good news in the ransomware world, which is so rare these days. The Shade (Troldesh) ransomware group has retired and is shutting down. When do you ever hear that a ransomware group is shutting down? According to reports, Shade has publicly announced that it is retiring (apparently it has made enough money to do … Continue Reading
