One of New Jersey’s largest hospital systems said it was hit this month by a ransomware attack that disrupted care across its clinics and 17 hospitals.
Hackensack Meridian Health said Friday the attack began Dec. 2 and forced it to cancel some surgical and other procedures, though no patients were harmed and its emergency rooms kept seeing patients.
The Times
Maze Ransomware operators claim responsibility for another cyber attack, this time against leading wire and cable manufacturer Southwire Company, LLC (Southwire) from Carrollton, Georgia.
Southwire is one of North America’s leading wire and cable makers, “building wire and cable, utility products, metal-clad cable, portable and electronic cord products, OEM wire products and engineered products” per a press release published in January 2019.
Maze Ransomware, a variant of Chacha Ransomware, was discovered by Malwarebytes security researcher Jérôme Segura in May. The malware strain has become increasingly more active starting with May 2019.
A ransomware attack on IT service vendor Virtual Care Provider has disrupted care at about 110 nursing homes and acute care facilities, locking the providers out of their patient records.
The numbers are in, and Woodstock’s September cyber attack is set to cost the city more than $667,000, even though the city didn’t pay, and never reached out, to the hackers behind the ransomware.
It seems like a big number – roughly nine times what nearby Stratford paid as a ransom after a spring cyber attack – but experts say it’s a short-term hit for a long-term gain in cyber security.
While difficult to compare the Woodstock and Stratford attacks – no two cities conduct cyber security the same way – Woodstock’s costs are in line with what residents should expect, one cyber-sector expert said.
Leaving a vulnerable system unpatched can invite troubles for an organization. The issue can turn worse when the organization suffers a cyberattack that can result in, but not limited to, compromise of confidential data, DDoS attacks or stealing of customers’ details.
According to a report released by Recorded Future, it has been found that the same vulnerabilities kept showing up year-after-year. An interesting aspect of the report was that most of these vulnerabilities were found to be exploited via phishing attacks and exploit kits that specifically target flaws in Microsoft products.
Iranian hackers have again attacked strategic industrial targets in the region, with a new strain of malware designed to cause widespread chaos.
Energy is a critical resource that powers our homes and businesses, and also supports every facet of the U.S. economy and our nation’s security. As technology advances and we become more connected, the likelihood that there will be a successful cyber or physical attack on critical infrastructure increases.
This month we recognize National Critical Infrastructure Security and Resilience Month, which is a great time to reinforce that our nation’s electric companies are working across the industry and with our government partners to protect the energy grid and ensure that customers have access to the safe and reliable energy they need. We also are focusing on strategies to mitigate the potential impact of an attack and to accelerate recovery should an incident occur.
We know that cyberattacks constantly are evolving and increasing in sophistication. As the vice president for security and preparedness at the Edison Electric Institute (EEI), the association that represents all U.S. investor-owned electric companies, I have a deep appreciation for how any threat to the energy grid endangers our communities and the national and economic security of our country.
As the threat of cyber-attacks on critical infrastructure such as power grids ramps up, the Securing Energy Infrastructure Act (SEIA) is taking technology back to its retro roots. But is it a good idea?
