Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cybercrime. Cybercriminal. Cyberthreats. Show all posts
trending news
cyber attack Cyber Attacks Cybercrime. Cybercriminal. Cyberthreats National emergency trending news

St. Paul Extends State of Emergency After Devastating Cyberattack


August 5, 2025 | St. Paul, Minnesota The City of St. Paul is in the midst of one of the most disruptive cyber incidents in its history, prompting officials to extend a local state of emergency by 90 days as authorities continue efforts to recover from the attack. The breach, which began on July 25, has crippled digital infrastructure across city departments and forced officials to take the unprecedented step of disconnecting all systems from the internet. Mayor Melvin Carter, who first declared the emergency last week, now has expanded authority to fast-track recovery contracts and coordinate response efforts without standard bureaucratic delays. 

The decision to prolong the emergency was backed unanimously by the City Council on Friday, citing the need for continued access to external cybersecurity support. 

“This attack is unlike anything we’ve dealt with before—targeted, deliberate, and highly complex,” Carter said. “Our priority is restoring essential services while ensuring the safety and integrity of our systems.” 

Cyber Forensics, Shutdowns, and Gradual Recovery 

As a defensive measure, the city effectively “unplugged” itself from the internet early last week, halting online water bill payments, internal email communications, and police database lookups. Even municipal phone lines, which rely on VoIP technology, went dark temporarily. 

City officials have been slowly bringing services back online only after thorough inspection and clearance from forensic investigators, who are working alongside national cybersecurity firms, the FBI, and the Minnesota National Guard. 

Cloud-based systems and customer service lines for departments such as Parks and Recreation and the Public Library have already been restored, but many internal digital operations remain offline. 

While 911 and other emergency services were not impacted, day-to-day governance has been significantly hindered. Staff across departments have reverted to manual processes, echoing the response seen earlier this year in Abilene, Texas, when a separate cyberattack led to a complete IT overhaul. 

No Ransom Demand Yet 

Unlike many recent municipal cyberattacks, St. Paul has not received a ransom demand, leaving questions about the motive and intent behind the intrusion. Mayor Carter noted that no evidence has yet surfaced indicating that sensitive data was accessed or exfiltrated, but investigations are still underway. 

The FBI and the Minnesota National Guard’s cybersecurity unit are leading the probe into the origins and scale of the breach. Meanwhile, the city’s own Office of Technology and Communications has acknowledged that the incident quickly overwhelmed its response capacity. 

“This was not something we could handle internally,” said a city spokesperson. “It required a level of expertise and scale we simply didn’t have in-house.” 

Ramsey County, which operates several shared services with St. Paul, is also preparing to vote on its own emergency declaration this week. 

While the county’s systems have not been compromised, officials believe the measure would help streamline future coordination and potentially open avenues for financial reimbursement from state and federal agencies. “This isn’t just about technology—it’s about ensuring continuity of essential services and protecting public trust,” said City Council President Rebecca Noecker. 

A Widening Threat Landscape 

St. Paul’s experience reflects a broader and increasingly urgent trend. According to cybersecurity analysts at Comparitech, U.S. public institutions have suffered over 500 ransomware attacks since 2018, costing more than $1 billion in downtime and recovery. The number of such attacks doubled in 2024 alone, with 88 recorded incidents—up from 41 in 2022. Cybersecurity experts warn that as municipalities continue to digitize operations, they are becoming prime targets for sophisticated cybercriminals, especially those seeking to exploit gaps in funding, training, and infrastructure. 

Looking Ahead 

City officials have urged residents to remain patient as systems are carefully restored over the coming weeks. A dedicated resource hub for updates and service availability has been made available on the city’s official website, stpaul.gov. “This is a marathon, not a sprint,” Mayor Carter said. “We’re working around the clock to restore our systems safely and build stronger defenses for the future.”
Read more »
Technology Updates
Accounts Cybercrime. Cybercriminal. Cyberthreats Cyberhackers Gmail Privacy Technology Updates

Gmail Under Attack: Secure a Backup Account

 


Having access to a Gmail account in the present world is rather dangerous because hackers create new ways of penetrating the account, even if it at times employs a 2FA security feature. While methods like passkey sign-ins and secure browsing have been adopted by Google, risks like session cookie theft remain a reality. Google Chrome users may encounter a pop-up alert stating, “Your password was exposed in a non-Google data breach” in their web browser. This alert notifies users of recent security breaches that may have compromised their account passwords. 

With 2.5 billion active users, Gmail is a prominent target for hackers aiming to compromise accounts and access sensitive information. Reports of sophisticated cyberattacks, including session cookie theft and two-factor authentication (2FA) bypassing, are rising. To safeguard email security, users are advised to consider proactive measures, such as setting up a secondary Gmail account, as waiting to act may increase vulnerability to 2FA-bypass attacks. For many, the risk of account compromise is a growing concern, as hackers employ session cookie-stealing tactics to bypass even the most robust 2FA protections. 

Cybercrime agencies strongly encourage enabling 2FA, yet cybercriminals continue to evolve methods for evading these safeguards. Google has made significant strides in enhancing security through features like secure pass-key sign-in across devices and safe browsing protections for Chrome users. The problem remains that attackers are now leveraging sophisticated tools to penetrate even Google's advanced encryption measures taken to prevent cookie theft, despite Google's efforts to protect its users. 

Even though a secondary Gmail account should not be used directly as a preventative measure against 2FA bypass attacks, it can still serve as a valuable backup in the event of a breach of users' primary Gmail accounts. There have been numerous discussions about this approach among users, such as those on the Gmail subreddit, where some users have shared their experiences of their accounts being compromised despite having 2FA enabled on their accounts. Creating a new Gmail account does not guarantee immunity from attacks, but it is one of the best ways to secure and protect any emails which are important and often irreplaceable. 

For this new account, it is suggested that users use different methods to ensure the maximum level of security. Set up 2FA, as an example, using a standalone authentication app instead of sending an SMS to the same phone number on which 2FA will be activated. As much as possible, link a user's new account to a different device or unique information if possible. Initially, users will have to set up a Gmail account that will allow them to forward their emails to this new account once they are all set up, but once this is done they will automatically receive a copy of their emails sent through their main Gmail account. 

Using this approach, they will be able to access their emails even if anything should happen to their primary email account. As an extra layer of security, consider signing up for Google's Advanced Protection Program to ensure that users' accounts are more secure, adding multiple security layers that make it more difficult for anyone to access the accounts without permission. In the case that a hacker does manage to gain access to a customer's primary Gmail account, having a backup account means that they will have to hack an account separately in case of a breach.

In the unlikely event that something untoward happens, it's a comforting safety net to fall back on. As there are no fees associated with setting up a second Google account, users could set up a second one using Gmail, a free web-based email account. For added security, users should take the following steps: first, sign out from any existing Google accounts, then go to the Google Account sign-in page and click on “Create Account” for added security.

To ensure maximum security, users should consider using a different device for the primary account, so that it will not be compromised if a single point of failure is found. Furthermore, it would be beneficial to choose a second-factor code generator rather than 2FA via SMS, such as an authentication app, which uses a unique code generator to generate users' second-factor code, thereby enhancing the security of their account. 

In conclusion, one of the best ways to further isolate a new account from potentially compromised accounts is to use varied personal information when establishing it. There is no dearth of web-based email platforms, but with Google's free web-based Gmail service, it is incredibly easy to set up separate accounts for each user. It is common for users to lose count of how many different apps they have on their phones, even though they only use two or three of them regularly. 

To ensure that this new account is as secure as possible and less likely to be compromised by a threat actor who succeeded in attacking the original account, either use a password tied to an entirely separate device or use two-factor authentication where users use a standalone app to generate the 2FA code rather than text messaging to the same number they used before. Users should try and fill in as much information as possible when setting up a new account to avoid making it less unique. Once the secondary email account has been established, the next step involves setting up a forwarding rule within the original Gmail account. 

By doing this, users can ensure that a copy of each email is automatically sent to the secondary account, providing a reliable backup in case the primary account is ever compromised. Implementing this backup method is a proactive way to safeguard important information against unexpected events. Although having email forwarding in place adds an extra layer of security, it’s important to note that, even if a malicious actor gains access to the original account, the secondary account remains secure as a standalone entity. Since the two accounts are independent of each other, each would need to be compromised separately for a complete breach to occur. This setup minimizes risks and provides an effective, manageable backup. 

In an era of increasingly sophisticated digital threats, proactively securing Gmail accounts has become a crucial task for individuals and organizations alike. Setting up a secondary account with distinct, robust security measures enhances protection and acts as a safeguard for sensitive data. Users who adopt additional defences—such as two-factor authentication (2FA) and other advanced security practices—are in a far better position to counteract potential cyberattacks. Today’s threat landscape demands a strategic approach to email security, where even the most secure accounts can face risks. Through these proactive steps, individuals create a resilient backup framework, ensuring their data remains accessible and protected regardless of evolving threats.
Read more »
Subscribe to: Posts (Atom)