FLORENCE, Ala. (WAFF) - At least two cities in the Shoals have seen hackers target them this month.
* * *
Muscle Shoals' firewall stopped the hackers from getting away with any stolen information, but the city of Florence had to spend $300,000 to regain access to its systems.
"The problem is really cyber attacks are an asymmetrical threat. The defender has to get it right every single time. The attacker only has to get it right once," said University of North Alabama computer science professor, James Jerkins.
And here's another article:
Stopping Hackers in Their Tracks — FBI
“And no, I’m really NOT an extortionist, I would like to see how much you think it’s worth, and if it’s fair, we'll leave it at that,” Kight wrote, according to court documents.
But whether you call it extortion or not, stealing data and demanding money to have it returned is illegal.
“The data that he took is really valuable,” said Special Agent Tyson Fowler, who investigated this case out of the FBI’s Atlanta Field Office. “He threatened to release this data if they didn’t pay him the ransom.”
North Korea's state hackers caught engaging in BEC scams | ZDNet
Today's security threats have expanded in scope and seriousness. There can now be millions -- or even billions -- of dollars at risk when information security isn't handled properly.
* * *
But on the infected employee's computer, the hackers would continue to operate using their initial foothold and expand their access inside the hacked company's network.
ESET said that based on malware specific to "Operation In(ter)ception" they found, these attacks appear to have taken place between September and December 2019.
To evade detection, hackers are requiring targets to complete CAPTCHAs | Ars Technica
"CHIMBORAZO, the group behind Dudear campaigns that deploy the info-stealing Trojan GraceWire, evolved their methods once again in constant pursuit of detection evasion," Microsoft's Security Intelligence group wrote in a Tweet on Wednesday . "The group is now using websites with CAPTCHA to avoid automated analysis."
CHIMBORAZO, the group behind Dudear campaigns that deploy the info-stealing Trojan GraceWire, evolved their methods once again in constant pursuit of detection evasion. The group is now using websites with CAPTCHA to avoid automated analysis. pic.twitter.com/Kz3cdwYDd7
And here's another article:
Lion cyber attack hackers post evidence of company's confidential files
Hackers responsible for successive cyber attacks on Lion Australia, the beverage giant behind beer brands Little Creatures, XXXX, Tooheys and James Squire, are threatening to auction or publish confidential company data on the dark web unless they are paid a reported ransom of $1 million.
The briefing came as hackers, claiming responsibility for the attacks, have provided proof that they have stolen confidential copies of the company's and its clients' files.
Honda Hackers May Have Used Tools Favored by Countries - The New York Times
While Honda has declined to name the attackers or the tools they used, cybersecurity analysts said that the attack appears to have been carried out by software designed to attack the control systems for a wide variety of industrial facilities like factories and power plants. Such cyberweapons previously were only known to have been used by state agents.
In the hands of criminals, the tools could be used not just to steal data or disrupt business operations but to bring factories to a grinding halt or switch off power grids.
Hackers Trigger Far-Reaching Disruption by Targeting Low-Profile Firm - WSJ
Small and midsize companies are fighting a rising tide of cyberattacks largely out of public view, posing an underappreciated risk for the bigger companies and institutions that use their services.
Why pay attention to indictments of foreign hackers? -- FCW
The Department of Justice uses these to reveal how these groups operate, who they are and what sector or organizations they're targeting. Often they include highly personal details about the individuals involved, including photos, biographical information and place of employment for individual hackers.
Some detractors wonder if these indictments are just public relations campaigns, since those identified typically are outside the reach of U.S. and international law enforcement. Others have warned the efforts will lead to similar retaliation against U.S. cyber operatives.
No comments:
Post a Comment