RSS Recap January 2023 Volume 2
Time for Volume 2. I’ve been doing some reading, and figured I’d share what I’ve found interesting in a quick recap. This is a continuation of the RSS Archives series.
Kansas State University Hit By Cyberattack
Source: The Cyber Express
Kansas State University (K-State) has been affcted by a cyberattack, leading to disruptions in several essential network systems including VPN, K-State Today emails, and video services on Canvas and Mediasite. The university’s IT team detected the attack promptly, which led to the immediate isolation of affected areas and the takedown of certain systems. In addition to these measures, select shared drives, printers, and university listservs have been taken offline as a precaution.
The university says they’ve engaged third-party IT forensic experts to assist in the ongoing investigation. While some services like KSU Wireless remain offline, users are encouraged to use alternative connections like KSU Guest. The K-State Today emails have resumed in a temporary format, with a distinct header image and a selection of articles different from the regular version. This temporary measure will continue until full functionality is restored. The university leadership is organizing meetings with departmental contacts to assess the impact on business processes and ensure continuity.
The incident at Kansas State University follows a series of recent attacks targeting educational institutions including UCLA, Stanford University, Manchester University, De Montfort School, Cincinnati State, and the Los Angeles Unified School District to name a few. Ongoing updates on the situation will be provided on the university’s official site.
Kansas Court System Looking for $2.6M After Cyberattack
Source: Insurance Journal
The Kansas court system is in need of at least $2.6 million in additional funding to recover from a cyberattack that occurred last October.
This attack disrupted the electronic filing of documents and blocked online access to records for several weeks. The state’s top judicial official, Supreme Court Chief Justice Marla Luckert, communicated this need in a written statement to the Kansas House and Senate Judiciary committees. The required funds would cover the costs of restoring multiple computer systems, paying vendors, enhancing cybersecurity measures, and hiring three additional cybersecurity officials.
Furthermore, the total cost may increase as it does not include potential recovery costs, notification expenses for compromised personal information, and potential services like credit monitoring for victims. The ransomware group responsible for this attack, stole data and threatened to release it if their demands were not met. No ransom was paid, and the forensic investigation is ongoing.
Three English Councils at the Same Time
Source: The Record, TechCrunch
Three councils in the United Kingdom (Canterbury City Council, Dover District Council, and Thanet District Council) were each targeted at the same time by cyberattacks, leading to the shutdown of various public-facing systems. This incident has affected online services for potentially hundreds of thousands of residents in these areas. In response to the attack, the councils are investigating and have engaged with the U.K.’s National Cyber Security Center (NCSC) to understand the full impact of the incident.
The nature of the cybersecurity issue remains undisclosed. However, it has resulted in parts of the councils’ websites becoming non-functional, preventing residents from accessing most online services, including applications, reports, payments, and planning applications. Canterbury City Council, in particular, took the step to isolate all its systems as a precautionary measure. Initial investigations suggest that no customer data has been accessed.
The disruption is believed to be linked to an outage impacting EK Services (EKS), an organization set up by the three councils in 2011 to outsource IT and human resources services. This includes call center operations, benefits, and debt recovery services. Since 2018, Civica, an outsourcing giant, has been providing services to EKS as part of a seven-year deal aimed at cost reduction across the councils. Civica has stated that the incident was not caused by any of their systems and expressed willingness to support the affected customers.
Flagstar Bank Says MOVEit Breach Impacted Additional 25k
Michigan-based Flagstar Bank recently updated its report on the MOVEit Transfer data breach, revealing that an additional 25,000 individuals were affected, significantly expanding the scope of the incident to nearly 900,000 people.
The breach, which originated withe Clop ransomware MOVEit extortion attacks, is just one of thousands related to the MOVEit attacks, which have impacted millions of people globally.
HealthEC LLC Data Breach Impacts Millions
Source: HealthEC LLC Notice
HealthEC LLC, a healthcare technology firm, reported a data breach impacting about 4.5 million patients. The breach occurred between July 14 and 23, 2023, with unauthorized access to various data types including personal and medical information. The investigation, completed by October 24, 2023, revealed compromised data from several clients, including Corewell Health and the State of Tennessee – Division of TennCare.
HealthEC responded by securing their network, reviewing affected files, and coordinating with federal law enforcement. They recommend vigilance against identity theft and fraud, advising individuals to monitor their accounts and credit reports.
Budget Cuts Impacting Mental Health
Source: Help Net Security
A report by Integrity360 highlights the mental health impacts on IT decision-makers due to budget cuts in the security industry.
The study reveals that 60% of IT professionals have experienced negative mental health effects, with 55% noting reduced access to mental health resources in their organizations. Key stressors include protecting sensitive data, managing risk and compliance, and dealing with ransomware and cloud security challenges.
Despite some organizations supporting mental health, 75% of professionals desire more investment in this area. The report underscores the critical need for better mental health support in the demanding and high-stakes field of cybersecurity.
1,800 Banking Apps Targeted by 29 Malware Families
Source: Help Net Security
Zimperium’s research reveals a substantial increase in mobile banking threats, with 29 malware families targeting 1,800 banking apps across 61 countries. These trojans, including Hook, Godfather, and Teabot, now also target cryptocurrency, social media, and messaging apps, evolving beyond traditional banking apps.
The U.S. banking institutions are the most targeted, followed by the UK and Italy. New malware capabilities include Automated Transfer System (ATS), Telephone-based Attack Delivery (TOAD), and Screen Sharing.