
Johnson Controls Breach Allegedly Leaked Sensitive DHS Data

 

A large-scale ransomware attack on Johnson Controls forced parts of its IT systems offline and disrupted some of its operations. The attack on the renowned manufacturer of industrial control systems is reportedly the work of the Dark Angels hacker group.

According to BleepingComputer, which broke the story first, the ransomware group is demanding $51 million in exchange for a decryptor and the deletion of the stolen data.

As part of the hack, the company's ESXi servers were allegedly encrypted and some 27 terabytes of data were stolen by the attackers.

Theft of DHS data? 

Of particular concern is the possibility that the stolen data exposes private Department of Homeland Security (DHS) information, including physical floor plans of some agency buildings and security details on contracts with third parties, CNN reported.

According to an internal DHS email reviewed by CNN, it is uncertain whether the Dark Angels or other hackers have taken control of Johnson Controls' private information.

“Until further notice, we should assume that [the contractor] stores DHS floor plans and security information tied to contracts on their servers,” the memo stated. “We do not currently know the full extent of the impact on DHS systems or facilities.” 

Researchers believe that the ransomware employed in the attack is essentially identical to the RagnarLocker Linux ransomware designed in 2021. In an 8-K regulatory filing with the Securities and Exchange Commission (SEC), Johnson Controls stated that while some of its systems had been attacked by ransomware, many of its applications "remain operational."

As part of the recovery effort, Johnson Controls' insurers are collaborating with external cybersecurity experts, perhaps managed security service providers (MSSPs) and possibly forensics experts. The attack began at the company's Asia offices and then spread to its subsidiaries. The attackers reportedly launched the intrusion last weekend.

Statement from Johnson Controls 

Johnson Controls reported in an 8-K filing that the incident is expected to continue to hinder certain parts of the company's business operations:

"Johnson Controls International plc (the “Company”) has experienced disruptions in portions of its internal information technology infrastructure and applications resulting from a cybersecurity incident. Promptly after detecting the issue, the Company began an investigation with assistance from leading external cybersecurity experts and is also coordinating with its insurers. 

The Company continues to assess what information was impacted and is executing its incident management and protection plan, including implementing remediation measures to mitigate the impact of the incident, and will continue taking additional steps as appropriate."

At this time, it's unclear whether Johnson Controls will be able to announce its fourth-quarter and full fiscal year results, as well as the financial impact of the attack.

CentraState: Potential Cyberattack at CentraState Prompts Hospital to Divert Ambulances


A cybersecurity issue at CentraState Medical Center has caused the hospital to divert ambulances and the majority of new patients to other institutions.

The Medical Center's spokesperson, Lori Palmer, says that the hospital's critical care has not been affected and that it is still taking some walk-in patients. "We are still accepting patients if people walk into the (Emergency Department). We have patients currently here, many of whom are currently being taken care of," she said.

In addition, outpatient services were scheduled to be suspended at 1 p.m. on Friday and to remain suspended until further notice.

The cybersecurity issue was detected early Friday, and the hospital is currently attempting to identify its extent and origin. Palmer adds that the hospital immediately reported the issue and alerted the state Department of Health and Senior Services.

It is not yet clear whether the investigation involves the New Jersey Office of Homeland Security, which deals with cyberattack cases.

Late November saw the release of an alert from the New Jersey office and its cybersecurity unit, the New Jersey Cybersecurity and Communications Integration Cell, warning the public to be on the lookout for any indications of cyber threats targeting individuals, organizations, and businesses throughout the state during the upcoming holiday season. 

Moreover, the office's alert level is currently at “blue” or “guarded,” indicating a general risk of hacking or malicious activity, although no "known exploits have been identified or known exploits have been identified but no significant impact has occurred."

CentraState's cybersecurity issue comes weeks after many other hospitals reported security breaches that later made news headlines. Some of the recent cases are listed below:

  • Medibank Data Breach: In November last year, Medibank hospital announced that it had faced a data breach in which the attacker apparently accessed data involving patients' names, dates of birth, addresses, phone numbers, and email addresses.
  • WakeMed Data Breach: Later, WakeMed and Duke Hospital of North Carolina reported that the personal and protected medical data of thousands of local patients may have been exposed to Facebook through a tracking pixel.