Windows TCO Leftovers

posted by Roy Schestowitz on May 11, 2024

• Cyble Inc ☛ British Columbia Cyberattack: State Actor Made 3 Attempts To Breach Govt Networks

  Premier David Eby first announced that multiple cybersecurity incidents were observed on government networks on Wednesday, adding that the Canadian Centre for Cyber Security (CCCS) and other agencies were involved in the investigation.

  Salter in her Friday technical briefing refrained from confirming if the hack was related to last month’s security breach of Microsoft’s systems, which was attributed to Russian state-backed hackers and resulted in the disclosure of email correspondence between U.S. government agencies.

• Security Week ☛ 500,000 Impacted by Ohio Lottery Ransomware Attack

  The incident came to light in late December 2023, after the Ohio Lottery announced shutting down some systems in an effort to contain the breach.

  At around the same time, a seemingly new ransomware group named DragonForce took credit for the attack.

• Scoop News Group ☛ Major health care system hobbled by ‘cyber incident’ 

  Major impacts to medical services have been reported in multiple states, including Kansas, Florida and Michigan, including some patients being diverted to other hospitals and lack of access to digital records.

  “We have to write everything on paper,” one physician in Michigan told the Detroit Free Press. “It’s like the 1980s or 1990s.”

• Gannett ☛ Ascension hospitals hit by cyberattack; investigating data breach

  A nurse told the Free Press on Wednesday evening that Ascension hospitals were still accepting patients by ambulance who were medically unstable and in need of lifesaving treatment. But those who were more stable and could be taken to other nearby hospitals for care were diverted because of the computer network outage.

• Gannett ☛ Cyberattack forces Ascension to divert ambulances, postpone procedures

  Employees noticed the computer network problems about 7 a.m. Wednesday, said three workers who spoke on the condition of anonymity out of fear of job repercussions.

  "There was a security concern, so they shut down the system," one physician told the Free Press at the time. "It's affecting everything."

• Ascension ☛ Cybersecurity Event Update

  We have engaged Mandiant, a third party expert, to assist in the investigation and remediation process, and we have notified the appropriate authorities. Together, we are working to fully investigate what information, if any, may have been affected by the situation. Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines.

• Cyble Inc ☛ Multiple Cybersecurity Incidents Rock British Columbia Govt

  British Columbians are rightly concerned about their sensitive information, questioning whether it has been compromised by a foreign, state-sponsored cyberattack. So, I ask the premier today: Will he reveal who was responsible for this attack?” Stone demanded.

  Stone pointed out the timing of Eby’s Wednesday statement, suggesting it was issued discreetly “while everyone was preoccupied with last night’s Canucks game.”

• Bridge Michigan ☛ Cyberattack forces Ascension hospitals in Michigan to reroute patients

  The Ascension breach is the latest from a “constant threat and attack” by cyberattackers, said one cybersecurity expert that works with Michigan hospitals.

• The Record ☛ UK hit by more ransomware and cyberattacks last year than ever before

  According to a recent update of the Information Commissioner’s Office (ICO) security incident trends data, 2023 set yet another record year for data breaches caused by cyber incidents, and for ransomware attacks in particular, which have increased year-on-year since records began in 2019.

  It follows Recorded Future News previously revealing that within just the first six months of 2023, organizations operating critical IT infrastructure services in Britain had reported more incidents to government authorities in which cyberattacks had significantly disrupted their operations than in any year previously.

• Cyble Inc ☛ Medusa Ransomware Gang Claims Chemring Group Data Breach

  The group set the negotiation deadline as May 16, 2024, providing the victim about 9 days to surrender to demands while also presenting additional options such as prolonging negotiation period, removing or downloading the data allegedly stolen during the attack at varying prices.

• Euractive ☛ European Parliament’s recruitment application compromised in data breach – Euractiv

  The email is in accordance with Regulation 2018/1725’s Article 34, which is about “Notification of a personal data breach to the European Data Protection Supervisor.”

  Regulation 2018/1725 concerns data protection within the EU institutions, bodies, offices, and agencies and the processing of personal data by these entities, ensuring compliance with data protection principles and safeguarding individuals’ rights to privacy within the EU institutions.

• EuroNews ☛ European Parliament election prep unearthed data breach

  The compromised application which has now been taken offline is called 'PEOPLE', and collated sensitive information related to around 8,000 candidates for temporary positions (including parliamentary assistants and contractual agents) and provided them with details about the recruitment process. "All active or past users potentially affected by the data breach were duly notified," according to the press officer. Notifications were also sent to the European Data Protection Supervisor (EDPS) and authorities in Luxembourg, where PEOPLE is headquartered.

  The Parliament assured Euronews that its infrastructure was not compromised. However, the extent and the origin of the breach remain unknown, raising concerns that it might have been the result of a foreign cyberattack.

• Michigan News ☛ Cyberattack has Michigan hospitals pausing elective procedures, diverting emergency care

  As of Friday morning, May 10, the health system reported being unable to access electronic health records and various systems to order tests, procedures, and medications.

• The Register UK ☛ US healthcare org Ascension is battling a 'cyber' incident

  The source claimed all virtual desktop infrastructure (VDI) and virtual private network (VPN) connections are down across the US and that the "disruption to clinical operations" mentioned in Ascension's statement has left at least some partners resorting to pen and paper operations.

  Some computers used by Ascension staff are also displaying ransomware messages, we're told.

• Security Week ☛ LockBit Takes Credit for City of Wichita Ransomware Attack

  The city disclosed the incident on May 6, one day after the intrusion was discovered. Wichita said the hackers had deployed file-encrypting malware on some of its systems.

  The incident appears to have impacted water utility, municipal court, cultural, and public transportation payments. The city also announced that public Wi-Fi was not working at the airport, and arrival and departure screens stopped working due to the hack. It’s unclear when these systems would become operational again.