Ransomware

In a co-authored report about a 2021 ransomware attack, former administrators of Broward County Public Schools in Florida shared information with Safer School Solutions that they had withheld from the public.

A $100,000 emergency procurement package – containing two vendor agreements – was unanimously passed this week to mitigate a “network security incident” that affected 85 county computers.

Cyber insurance won’t ever be “cheap” again, says Cysurance’s Kirsten Bay. But insurance firms might make it more attainable with ways to monitor clients for good cyber behavior and adjust limits accordingly.

NIST’s National Cybersecurity Center of Excellence has released the first of several preliminary drafts outlining ways that organizations can implement zero-trust architectures.

Everyone from the press office to city treasurer has a role to play in cyber incident response, and getting elected officials engaged early is essential, say Coalition of City CISOs co-chairs.

Former CISA director Chris Krebs has joined data security firm Rubrik, where he’ll help the firm better understand unmet cybersecurity needs across different sectors. The company homes in on data resiliency and recovery.

North Dakota and Indiana passed laws last year requiring local governments to report cyber incidents to the state. The states say this helps them direct cybersecurity resources to localities in need and better understand the threats.

In an interview with the Pittsburgh Post-Gazette, a lead analyst from the accounting and business advisory firm Schneider Downs discusses cyber attack vulnerabilities and what colleges can do to mitigate them.

State and local governments are often seen as easy targets for hackers. To avoid devastating ransomware attacks that have plagued cities worldwide, a first key step is to limit privileged access to systems.

County spokesman Nathan Rudy said the county ‘experienced a ransomware breach’ this morning and as part of the county’s response, officials temporarily shuttered the county email system. An investigation is underway.

Cybersecurity guidance needs to be designed so small organizations can easily identify next steps to take, and awareness campaigns should put practices into language layfolk can understand, experts say.

Chicago Public Schools say a ransomware attack on tech vendor Battelle for Kids in December compromised the data of 56,000 staff and half a million students, including names, dates of birth, grade level and student ID.

Organizations — federal and otherwise — that have certain VMware products connected to the Internet should act as if they’ve been compromised, the Cybersecurity and Infrastructure Security Agency said in a May 18 alert.

Lincoln College in Illinois announced they were closing their doors as a result of COVID-19 and cyber attack disruptions. Who’s next?

As insurance costs and requirements rise, some municipalities are looking to self-insurance and service providers’ cyber incident warranties to help in cases of ransomware and other incidents.

In early May 2021, the world was shocked into attention by a ransomware attack that brought down gas lines. What have we learned — or not — one year later?

Log4Shell, Microsoft Exchange and several patchable flaws top the list of 2021’s most commonly exploited vulnerabilities. The lesson may be a well-worn one: patch systems promptly or work with partners that can.

States still don’t know how much cyber crime actually occurs or how residents are trying to protect themselves. A research team in Virginia is hoping to fill in the knowledge gap with a newly launched study.