Daily Archives: December 1, 2019

#school | #ransomware | Cyber security expert breaks down ransomware attacks

Source: National Cyber Security – Produced By Gregory Evans

MONROE, La. (KNOE) – Gov. John Bel Edwards declared a state of emergency following a cyber-attack on Nov. 18.

An apparent “ransomware” virus infected 1,500 of the state’s 30,000 computers last week.

This was the second state of emergency following a cyber-attack on multi-parish school systems back in July.

KNOE sat down with Ieshea Jones, the Founder/CEO of Direnzic Technology and Consulting, LLC, who said that these types of attacks have become more common and can happen anywhere.

“We’ve had several cities and/or states that have been affected; we’re talking port authorities that have been hacked,” Jones said.

The system is infiltrated and information is held hostage until a ransom is paid in a ransomware attack. In this case, the virus put a special passcode on state data. Jones said the breach can happen for a variety of reasons.

“Usually it’s either activated by someone, activated an email or clicked on something that maybe they should not have and it deployed something on to your system,” Jones said.

The computers were disconnected from the servers in an attempt to prevent any further infection. Afterwards, a state of emergency was declared to further investigate the attack, which is an all-hands-on-deck effort.

“How did it transpire and how do we get everybody back online as quickly as possible while we’re trying to mitigate the issue at hand,” Jones said.

Cyber-attacks can affect daily operations, forcing businesses and organizations to close until the issue is resolved.

“As we saw with the Department of Motor Vehicles they could not print out driver’s licenses, you couldn’t get deeds, things like that,” Jones said.

According to Jones, in some cases after a cyber-attack, a digital forensics team can be used to find the “culprit,” do ransom negotiations and offer the next steps for legal actions.


#city | #ransomware | Second Major Ransomware Attack in Louisiana Causes Significant Problems » The Merkle Hash


A good ransomware attack can cause significant problems. The city of Louisiana knows that all too well, as its problems have only just begun.

The initial Ryuk ransomware attack against the Louisiana infrastructure dates back to November 18.

Louisiana is a Ransomware Target

Nearly two weeks after being hit, very little progress has been made.

Although some services are accessible once again, the vast majority of them are still offline.

The targeted ransomware attack has proven to be quite a handful, and one that is very difficult to get rid of.

Some crucial agencies still affected include the OMV, the state’s Department of Health, and the Department of Public Safety.

Restoring services is hampered by the ransomware, as there are plenty of files missing and the overall backup management has been far from excellent. 

The culprits also took a deliberate approach by sending Ryuk to multiple agencies in the region in one campaign. 

While “only” 500 servers and 1,500 computers are affected, the recovery process has been slow going.

Recovering the lost data will be virtually impossible, and combined with older backups, can create a very big administrative problem. 

It is also not the first time the Louisiana region has had to deal with a cyber incident this year.

In fact, it is the second wave of Ryuk ransomware making the rounds.

The first incident took place in July and even resulted in the Governor declaring a state of emergency. 

It remains to be seen if that scenario will come into play once again. 


#cybersecurity | #hackerspace | On-Demand LDAP Server – Security Boulevard


By Ryan Squires Posted December 1, 2019

Setting up LDAP servers is a time-consuming process. There are many aspects of your infrastructure to integrate it with, including systems, applications, and in some cases even networking gear. Of course, making sure your LDAP server is highly available and secure represents another aspect of ongoing LDAP server management. With all that in mind, did you know that there’s such a thing as on-demand LDAP servers that are ready when you are?

Brief History of LDAP

LDAP, which stands for Lightweight Directory Access Protocol, was designed as an alternative to the X.500 Directory Access Protocol (DAP) by our friend and advisor Tim Howes and his colleagues at the University of Michigan. This was a necessary development because many of the machines in use at the time were not powerful enough to run the X.500 protocol. Even though LDAP was introduced in 1993, it remains a foundational piece of IT infrastructure the world over. That’s why organizations are still standing up LDAP servers today or looking for on-demand LDAP servers to fulfill their authentication needs. But LDAP servers also perform an additional role. 


LDAP Server Roles

LDAP servers maintain valuable roles as stores of user records. But more often, an LDAP server is used to authenticate users to resources like applications. This use case for LDAP is particularly pertinent for DevOps teams where users leverage technical applications from vendors such as Atlassian®. The most common LDAP implementation is OpenLDAP™, but there are also many different vendors for LDAP servers you can read about here. 

Because LDAP is a popular open-source solution, strong documentation and engaged online communities abound to help IT admins and DevOps engineers stand these servers up and utilize the protocol to its maximum potential. 

Trouble With On-Prem Servers

Despite the strong community and thorough documentation, setting up LDAP servers is still a lengthy process with many variables outside of designing, deploying, and (Read more…)


#deepweb | In new world of data breaches and dark web deals, identity theft goes mainstream: JPSO | Crime/Police


Identity theft used to be a more complicated, hands-on racket that included mail theft, dumpster diving, scam telephone calls and emailed offers.

But hackers, aided by improvements in computer technology and internet accessibility, have introduced an illicit efficiency to the crime, stealing the personal information of thousands of people with a few keystrokes in large-scale data breaches, according to the Jefferson Parish Sheriff’s Office.

The hackers then sell the information to eager criminals at low prices on the dark web, leaving victims befuddled as they wonder just where or how they may have left themselves exposed.

“You really can’t protect your information. All you can do is monitor it,” said Lt. Stanley Brown, commander of the Sheriff’s Office Economic Crimes Unit.

It’s a scary new prospect for consumers: Your personal data is out there, and there’s not a lot you can do about it.

Earlier this month, Sheriff’s Office Detective Lexie Bradberry arrested Tyrone McPlatter, 31, of New Orleans, on a raft of bank fraud, computer fraud, identity theft and credit card fraud charges.

McPlatter was the main player in a group of scammers who created fraudulent accounts using “synthetic identifications,” identities created by combining stolen, personal data such as social security numbers with fake information, the Sheriff’s Office said.

Brown said the group was buying the stolen data on the dark web. Investigators describe the dark web as a sleazy alleyway that can’t be accessed through normal web browsers such as Safari or Chrome. Visitors conduct criminal activity there, including drug deals.

“It’s a digital back alley,” Brown said.

Social security numbers are sold for as little as $5 each, according to investigators. For $75, one can buy 25 credit card numbers, though there’s no guarantee that they’ll work. Depending on what a crook is willing to pay, there’s access to all sorts of information, including account logins and passwords, birth dates and the like.

Data thieves use skimmers to collect large amounts of credit card information, placing them on fuel pumps and ATMs or paying restaurant and store employees to swipe cards on handheld devices, Brown said.

But large-scale data breaches have become more of a concern. Hackers pull names, dates of birth, addresses, social security numbers, maiden names and other identifying information from companies. Hundreds of thousands of consumers’ data was compromised in recent years in cyber attacks of businesses including Yahoo, Equifax, Target, Capital One and Marriott.

The recent ransomware attack that crippled Louisiana computer systems didn’t compromise any personal information, state officials said, but shows that governments are also a target.

“It could be a person in Russia who’s doing the hack, who puts the information on the dark web,” Brown said. “Any person anywhere in the world who has access to the internet, with a little assistance, could get on the dark web and buy it.”

While it’s true that there’s little you can do to prevent your personal data from ending up on the dark web or to remove it once it’s there, you can limit the damage, investigators said.

Routinely check your bank and credit accounts for activity that appears fraudulent so that you can put a stop to it as soon as it occurs, Brown said. Also request a copy of your credit report every three months to check for any phony accounts opened in your name.

While improved technology has given cyber crooks a leg up, it’s also handed a few benefits to law enforcement agencies, investigators said. It’s now easier to track crimes and share information across jurisdictions.

That’s why it’s so important for identity theft victims to report the crime to law enforcement, Brown said.

“We look for patterns in the reports,” he said, explaining that a detective who notices several reports from one area may go out and check for skimmers or other ties. “We want to look for the common points about where you’ve used your cards and put those things together.”

Here’s what experts say to do if your information is stolen:

  • Contact the fraud department with the bank, business, or store and tell them that your information has been stolen. Ask them to close the fraudulent account and send you a letter confirming that the fraudulent account isn’t yours, you aren’t liable for it and it was removed from your credit report.
  • Change all logins and passwords.
  • Contact the three major credit bureaus and activate a free, one-year fraud alert. This makes it more difficult for anyone to open a new account in your name. The three bureaus are: Experian: Experian.com/help, 888-397-3742; TransUnion: TransUnion.com/credit-help, 888-909-8872; and Equifax: Equifax.com/personal/credit-report-services, 800-685-1111.
  • Report the identity theft to the Federal Trade Commission (FTC), the government agency tasked with protecting consumers. You can make an online report at https://www.identitytheft.gov/Assistant# or call 1-877-438-4338.
  • Report the theft to your local law enforcement agency.

The Jefferson Parish Sheriff’s Office invites the public to attend a seminar on avoiding financial scams that will be held at 7 p.m. on Dec. 17 at the JPSO Training Academy, 1801 West Bank Expressway, Harvey. Those interested should email Lt. Stanley Brown at [email protected]
