Week 29 Cyberattack Digest 2019 – Onondaga County library, National Cyber Security Centre, Labour Shadow Cabinet and others
If you are in search for some hot cyber security news, our week 29 cyber attack digest will provide you with an overview on the latest events of the sphere.
Onondaga County library faces Ryuk ransomware
by syracure.com – 16 July 2019
Last week, the Onondaga County library computer system was affected by the same ransomware as the Syracuse school district. The county has not received a ransom demand, officials said today and FBI agents are working with county library officials and private contractors to investigate the case. The city school district, which was attacked first, has received a demand for ransom, a knowledgeable source says. Virginia Biesiada, a library trustee, said that school district officials have declined to confirm or deny that. The city school district, which was attacked first, has received a demand for ransom, but school district officials have declined to give any comments on that. The library system’s computer network went offline on July 12 due to the Ryuk ransomware, the same malware that affected the school district system three days before.
Henry County shuts down its systems for reasons of safety
by WSB-TV – 17 July 2019
Henry County shut down all its systems last Wednesday due to a possible cyber attack that might have taken place earlier. The officials revealed that the Henry County Tech Services Department detected something suspicious at 3 a.m. and decided to shut down the system for reasons of safety. A sign outside the administration building let customers know that services were not available on Wednesday. This was done in order to protect confidential information, like court records, police records and property tax records.”We have a cyber incident and we’re not really sure at this point what that is,” commented Melissa Robinson, spokesperson for Henry County. “You never want to have anything happen to your systems because we have a database with emails. There’s court records, there’s police records, there’s property tax records…”
National Cyber Security Centre stopped 140,000 phishing attacks
by BBC – 16 July 2019
According to an annual report by GCHQ’s National Cyber Security Centre, an attempt to perform a fraud attack on thousands of people was prevented last year. Malefactors were using a fake email from a UK airport in order to trick victims. The scammers used a bogus gov.uk address, however the messages were prevented from reaching the targeted users. Generally, NCSC claimed that it had stopped 140,000 phishing attacks, including the attempted online theft of bank details and other critical data by impersonating a trustworthy person or organisation. The agency also mentioned that over 190,000 fraudulent sites had been taken down with 64% of illegal sites being taken offline within 24 hours of their discovery; 99.3% of the websites eventually had gone dark. This is the second progress report by NCSC published for its Active Cyber Defence programme. NCSC focuses on taking down malware and phishing sites by finding out who hosts the websites involved and then telling them that their clients are performing illegal actions.
NHS computers face risks running on Windows XP
by Healthcare IT News – 17 July 2019
UK’s Labour Shadow Cabinet Office Minister Jo Platt told the government about the possible dangers of the 2,300 NHS computers that still run on Windows XP. In fact, the numbers of these computers currently amount to just 0.16% of the NHS IT estate and these decreased from 4.7% in 2017. Still, Platt claims the situation reflects the lack of resources invested into updating cyber security systems by the government. A 2017 report by the National Audit Office associated the use of Windows XP with the increased cyber weakness. Indeed, Microsoft halted support of the system in 2014. Among the consequences of the cyber attacks there are such ones as doctors not being able to view patients’ test results or scans, hackers having access to personal information or even tampering with medical records. Platt stressed that “the government is seriously lacking the leadership, strategy and co-ordination we need across the public sector to keep us and our data safe and secure. How many more warnings will it take before they listen and take action?” Lord Darzi, co-director of IGHI, said “We are in the midst of a technological revolution that is transforming the way we deliver and receive care. But as we become increasingly reliant on technology in healthcare, we must address the emerging challenges that arise in parallel.”