fbpx

Cyber ​​vulnerabilities crush security experts



Understanding the ongoing cyberattacks and the bad guys responsible is challenging for professionals in both government and business.

This FBI told victims that it may not be able to respond to them due to the growing pool of potential victims following vulnerabilities in the widely used Apache Log4j software.

This FBI On Wednesday, people who think they may be the victims of hackers using the Log4j issue, FBI and the Cybersecurity and Infrastructure Security Agency has no time to respond.

“Because of the potential scale of this event, FBI and CISA may not be able to respond to each victim individually, but all the information we receive will be useful in countering this threat.” FBI said in a statement. “As always, we stand ready to help affected organizations.”

Log4j chaos is a top priority for the government due to the long list of potential victims and strong competitors taking advantage of the hack for future attacks. Sectors such as electric power, water, food, transportation and manufacturing are vulnerable, according to cybersecurity firm Dragos.

CISA Director Jen Easterly told CNBC on Thursday that the federal government did not know the source of the vulnerability, but urged “everyone” to assume they were exposed until they find out otherwise.

Private cybersecurity firms say they have observed hackers exploiting the vulnerability, backed by hostile countries such as China and Iran. Others said they saw North Korea and Turkey joining.

Cybersecurity firm Mandiant, which is among the watchdogs of Iranian and Chinese hackers, said it expects more countries to join the frock soon if they haven’t joined yet.

Cyber ​​breaches jeopardized paychecks ahead of the gift-giving holiday season, wreaked havoc at a school amid exams, and hit government agencies. The frequency and extent of such attacks could get worse.

The White House said on Thursday that companies must reset their passwords, fix vulnerabilities in their networks, and have enough information technology workers to deal with hackers “waiting” for the right moment to attack.

Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technology, and John C. Inglis, National Director of Cyberspace, sent a memo urging business leaders to take action now.

“Unfortunately, malicious cyber actors don’t take vacations, and they can ruin ours if we’re not prepared and protected,” said Ms Neuberger and Mr Inglis. “We’ve historically seen breaches on national holidays because criminals know that security operations centers are often understaffed, delaying the discovery of intrusions.”

As the federal government tries to take over Log4j, cyberattackers are disrupting operations in hospitals, government offices, transportation agencies, and schools across the country.

According to The Journal Times in Racine, a ransomware attack that hit human resources software Kronos Private Cloud disrupted the way Ascension All Saints Hospital in Racine, Wisconsin, paid its employees.

The cyberattack also crashed the New York City Metropolitan Transit Authority’s timekeeping system on Monday, according to the New York Post. The Washington Post reported that the same cyberattack also disrupted the government of Prince George’s County in Maryland.

A spokesperson for UKG, which operates Kronos Private Cloud, did not answer whether the cyberattack was caused by a Log4j vulnerability. The spokesperson said in an email that the company notified authorities and was working with cybersecurity experts.

“It may take up to several weeks to fully restore system availability,” UKG said on its website on Thursday afternoon.

A ransomware attack shut down websites for Virginia legislatures this week, and Mandiant said it was dealing with the state surrounding the issue.

George Washington University has had multiple cybersecurity issues last week involving its law school and the university’s online time reporting system. The dean of the law school said in a video message Monday that the MyLaw platform had been compromised, causing stress for students taking the exam.

A separate incident may have compromised students’ names, campus IDs, and school email addresses, according to the school’s student newspaper, The GW Hatchet.

Despite the chaos this month, cybersecurity experts aren’t sure the number of cyberattacks has changed. But some cybersecurity experts have noticed changes in criminal attackers and their behavior.

Emsisoft threat analyst Brett Callow said he has observed the shift from noisy ransomware operations to silent operations by attackers seeking to avoid law enforcement attention.

Cybercrime intelligence firm Intel 471 said on Thursday that lesser-known variants of ransomware have replaced lesser-known attacks that gained attention in the first half of the year as they targeted critical American infrastructure.

This FBI He told the Washington Times in June that he was investigating “about a hundred different variants” of the ransomware responsible for dozens to hundreds of attacks. The number soared from a handful of variants a year or two ago.

If early indications are correct, the number of ransomware variants wreaking havoc is about to increase.

• Tom Howell Jr. contributed to this report.





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

(0)