Ransomware

A press conference lasting less than 10 minutes was held Friday to address the April 16 cyber attack, but it remains unclear if any data was breached or when all city services will come back online.

The newly formed alliance will serve as a resource to help public safety organizations in the U.S. with sharing, learning about and reacting to cyber threat intelligence from a number of partner entities.

Ransomware continues to disrupt — and even paying up doesn’t spare victims from data loss. One report predicts turning the corner on ransomware soon, but other experts aren’t seeing strong evidence yet.

Far from being too small for notice, special districts can be tempting targets for cyber criminals and adversaries. Former CISA Director Chris Krebs explains risks and advice, and districts share their cyber concerns.

The Cybersecurity and Infrastructure Security Agency has designated 16 sectors — ranging from banks and financial institutions to hospitals and election systems — as critical. But not all sectors have the same defense capabilities.

Staff at Bernalillo County’s accounts payable department became the dupes in a fraudulent “confidence trick” in late 2019 by paying out $447,372 to what they thought was an approved county vendor.

Federal lawmakers are asking how to better help the critical infrastructure sector defend against cyber threats. The answer may involve tailored, actionable intelligence and minimum cybersecurity requirements.

Experts say schools are unlikely to be direct targets of Russia, but they could be caught up in broader attacks against the U.S. Many districts are upgrading firewalls, monitoring networks and testing backup procedures.

As tensions between the U.S. and Russia mount, Cyberspace Solarium Commission members and critical infrastructure owners discussed the work ahead to collaborate more effectively on cyber defense.

According to data from CyberSeek, there are about 600,000 unfilled cybersecurity positions throughout the United States. With cyber threats on the rise, the shortage could make it easier for hackers to thrive.

A ransomware group called Hive is claiming to have stolen private data for 850,000 members of Partnership HealthPlan of California, a nonprofit that manages health care for Medi-Cal patients in 14 counties.

Over 2,000 employees who work at the Cheyenne Regional Medical Center were either overpaid or underpaid thanks to a December ransomware attack that targeted payroll company Kronos.

Arizona CISO Tim Roemer and Virginia CISO Mike Watson discuss how zero trust can ease cybersecurity concerns over remote work and insider threats, and Watson highlights complicated privacy questions facing states.

Criminal hacking organizations such as Russia-based REvil often use phishing to lure unsuspecting employees into opening innocuous-looking emails containing malicious code that provides access to computer systems.

The online center will host educational resources for organizations to learn about the cybersecurity method and will offer a training for a professional credential in Zero Trust Knowledge.

The group, formally established via executive order, will continue its work with public- and private-sector entities to identify and respond to cybersecurity threats and strengthen the state's critical infrastructure.

Through a recently proposed bill, lawmakers are trying to create a cyber preparedness unit to strengthen the state’s cybersecurity posture. The unit would operate out of the Department of Emergency Management.

China state-backed APT41 hacked at least six states between May 2021 and February 2022. Several of the incidents occurred when hackers exploited flaws in Log4J and the USAHERDS system, reports cybersecurity firm Mandiant.