Security News

To that end, CISA has worked with the National Security Council, various federal agencies, industry stakeholders and organizations like the ICS Village to develop a set of core initiatives for 2020. Four, CISA will have a focus on developing detection and incident-response training blueprints.

Six alleged drug criminals will go free thanks to a ransomware attack on a small Florida city, it was revealed this month. It suffered an attack involving the Ryuk ransomware in April 2019 that took city servers offline.

73% of government employees are concerned about impending ransomware threats to cities across the country, and more employees fear of cyberattacks to their community than natural disasters and terrorist attacks, an IBM survey has revealed. Data in the new Harris Poll found ransomware attacks might be even more widespread, with 1 in 6 respondents disclosing their department was impacted by a ransomware attack.

City and state governments can be especially hard hit. Though ransomware incidents against local governments increased in 2019, many agencies are still unprepared for a potential attack, according to a report released Thursday by IBM Security.

Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as ransomware-as-a-service continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn. RaaS groups such as Sodinokibi and Grandcrab have used this model to launch targeted attacks.

Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker. The allure of businesses is clear: Attackers can demand more money, earning a bigger potential haul from any given attack, aided by a service economy designed to help them more easily turn a criminal profit via increasingly advanced attack tools, he says.

The Reading Municipal Light Department, an electric utility in Massachusetts, informed customers on Monday that its systems were targeted last week in a ransomware attack. The company says the ransomware attack had no impact on the delivery of electricity, and it has found no evidence that customer financial data, which is stored on third-party systems, has been compromised as a result of the incident.

Organizations are detecting and containing attacks faster as the global median dwell time, defined as the duration between the start of a cyber intrusion and it being identified, was 56 days. Consultants attribute this trend to organizations improving their detection programs, as well as changes in attacker behaviors such as the continued rise in disruptive attacks which often have shorter dwell times than other attack types.

A home healthcare company has filed 17 breach reports after a ransomware attack on its cloud-based electronic health records vendor last December, illustrating once again how a vendor breach can have a wide impact. Personal Touch Home Care, a Lake Success, New York-based provider that has 17 offices in six states, recently submitted the breach reports on behalf of its various locations to the U.S. Department of Health and Human Services, according to the HHS Office for Civil Rights' HIPAA Breach Reporting Tool website, which lists health data breaches affecting 500 or more individuals.

The US Department of Homeland Security on Tuesday said that an infection by an unidentified ransomware strain forced the shutdown of a natural-gas pipeline for two days. The alert, issued by DHS's Cybersecurity and Infrastructure Security Agency, didn't say where the affected natural gas compression facility is located.