Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyberalert. Show all posts
ransomware attacks
Cyber Attacks cyber threat Cyberalert CyberCrime Cyberhackers Cybersecurity Immigratino System ransomware attacks

Cybersecurity Nightmare Unfolds as Malawi's Immigration Systems Under Attack

 


There has been a recent cyberattack on Malawi, according to President Lazarus Chakwera, which has caused the government to stop issuing passports. However, some observers believe such an attack did not occur. Chakwera informed parliament on Wednesday that security measures were in place to identify and apprehend the attackers who compromised the country's security. 

It was his statement that the attackers were demanding millions in ransom, but the administration was unwilling to pay it. The hacker has been causing the Department of Immigration and Citizenship Services' passport printing system to malfunction over the past three weeks, according to him. In Malawi, there is a high demand for passports with many young people seeking to migrate to find employment. 

As a result of Mr Chakwera's request, the immigration department is expected to provide a temporary solution within three weeks of regaining control of the system to resume passport issuance. There would be an additional security safeguard developed as part of the long-term solution, he said. 

In his address on Wednesday, Chakwera said that he had given the immigration department a three-week deadline to provide a temporary solution to the passport printing issue and to resume printing of passports. He further said at the same event that he had reassured hackers that the Malawi government would not pay ransoms. As a result of the government's termination of the contract with Techno Brain, which had supplied Malawi’s passports since 2019, Malawi has experienced passport issues since 2021. 

As a result of the government's inability to find a replacement for the company in 2023, the company was re-engaged temporarily. Nevertheless, immigration officials often had to scale back production due to shortages of materials or unpaid bills, which resulted in them having to scale down production several times. In addition to being the executive director of the Center for Democracy and Economic Development Initiatives, Sylvester Namiwa is also a member of the organization that has threatened to hold protests within the coming days if it does not receive an immediate resolution. 

According to Chakwera, he has questioned the integrity of the claim that the system had been hacked by someone else. During a radio interview with a local radio station on Thursday, Malawi's Information Minister Moses Nkukuyu explained that the information Chakwera presented in parliament had been provided by immigration experts. VOA's calls and texts to Wellington Chiponde, a spokesperson for the immigration department, were not responded to.
Read more »
Ransomware
CISA Cyber Security Cyberalert Cyberattacks CyberCrime Ransomware

CISA's Proactive Measures averted Ransomware, Millions Preserved

 


The threat of ransomware attacks has increased in recent years, causing significant disruptions across a wide range of industries across the country, causing significant disruptions. Various industries have been affected by these attacks, with schools closing, hospitals diverting patients, and businesses going through operational changes. 

It has never been more pressing for a robust defence mechanism to be in place because mitigation and recovery costs have been astronomical. It is the mission of the Cybersecurity and Infrastructure Security Agency (CISA) to combat this menace in a concerted manner. 

As a result of its collaboration with various stakeholders, CISA is committed to reducing both ransomware attack frequencies and severity. As a part of this initiative, organizations are also launching several programs designed to help them swiftly address the vulnerabilities that are frequently exploited by ransomware attackers to avoid them being compromised. 

To further the anti-ransomware campaign, CISA has announced the Pre-Ransomware Notification Initiative as a significant step forward. It is part of the interagency Joint Ransomware Task Force's efforts to mitigate ransomware damage, which are already making significant headway in mitigating ransomware damage. Using tips from cybersecurity researchers, infrastructure providers, and threat intelligence firms, CISA's Joint Cyber Defense Collaborative notifies victims of early-stage ransomware activity to prevent victims from becoming victims being damaged. 

A major increase in notifications of potential pre-ransomware intrusions was carried out by the federal cyber authorities during the first quarter of 2023 across multiple critical infrastructure sectors across multiple different sectors. The notification activity continued to be substantially ramped up during the remainder of the year.  CISA does not stop at alerts when it comes to ransomware. 

In February, CISA assisted a Fortune 500 company that had been hit with a $60 million ransomware attack to establish a CISO position, as well as identify areas for improving its IT infrastructure and security controls. Additionally, the agency said it assisted a mass transit operator in preventing an attack of $350 million on critical infrastructure of the transit system. 

It was announced by CISA that its rundown of accomplishments in 2023 was quite impressive, including the fact that over 1,700 alerts were sent out for its ransomware vulnerability warning program and that nearly 7,000 organizations that are vital to global trade and commerce were scanned for vulnerabilities. This initiative has been a very successful one with the support of the Joint Cyber Defense Collaborative (JCDC), which has played a central role in ensuring the success of the project. 

Several cybersecurity researchers, infrastructure providers, and threat intelligence companies provide information to the JCDC on the earliest signs of ransomware activity that should be kept an eye on by the JCDC. A field representative will respond immediately to a tip and address the mitigation needs of the affected organization. 

The CISA global CERT partners will work closely with CISA to ensure timely notification is achieved when a case involves an international component. There have been over 60 entities in critical sectors such as energy, healthcare, water/wastewater, and education that have been notified by CISA of potential pre-ransomware intrusions that have been detected since the beginning of 2023. 

The majority of companies managed to identify and remediate these intrusions promptly, stopping further damage from occurring. As a result, the JCDC works closely with the affected entities when the encryption of data has already occurred, giving them insight into the new threat actors' tactics, procedures, and techniques (TTPs) and providing guidance on how to mitigate the vulnerability. 

Additionally, the development of advisories on ransomware actors and variants is also a contribution made to the broader cybersecurity community, providing better network defences on a wider scale by providing information on the actors and variants of the ransomware. To strengthen collective cyber defences, collaborative efforts and information sharing are essential. 

The CISA urges organizations to report any ransomware-related activities, as well as indicators of compromise and techniques for removing ransomware, to their federal law enforcement partner or CISA or their partner IT security company. It helps to immediately respond to an attack, and it also compliments the pool of intelligence available to prevent future attacks from occurring in the future.
Read more »
Subscribe to: Posts (Atom)