Cyberattacks targeting K-12 schools hit record levels in 2020
K-12 cybersecurity incidents have steadily climbed in recent years, but 2020 was especially bad in terms of both the quantity and severity of attacks, according to a study published Wednesday by organizations that have closely tracked such incidents since 2017. There were 160 disclosed K-12 cyber incidents in the third quarter of 2020, when schools adopted new learning platforms and deployed thousands of new devices to students and educators, compared to just 49 incidents in the first quarter of the year…
Spanish government falls victim to Ryuk ransomware attack
The Spanish government has fallen victim to a ransomware attack on Tuesday that impacted the IT systems of the Servicio Público de Empleo Estatal (SEPE), the agency that manages and pays out government unemployment benefits. The incident affected the agency’s backend systems and public website.
Healthcare Providers Were Warned of a Ransomware Surge Last Fall. Some Still Aren’t Sure How Serious the Threat Was
Late last October, when the U.S. government warned of an imminent ransomware threat to the country’s hospitals and healthcare providers, many in the industry had a similar reaction: they paused, took a deep breath, and braced for impact. But one of the organizations tasked with distributing critical threat information across the healthcare sector was not among them, instead turning a skeptical eye on the government’s alert…
NSA and CISA promote PDNS concept
The US National Security Agency and the Cybersecurity and Infrastructure Security Agency have published this week a joint advisory urging companies to adopt DNS-based security solutions as part of a concept the agencies are calling Protective DNS (PDNS).
White House Cybersecurity Adviser Wants a ‘Cleanliness Rating’ for Software Security
Policymakers are considering a number of changes to the nation’s cybersecurity posture as a result of the SolarWinds supply chain attack discovered late last year, including data breach notification laws and greater oversight of the nation’s critical infrastructure. In one of her first public appearances since joining the Biden White House, Deputy National Security Adviser Anne Neuberger floated another idea from an unlikely place: New York City dining establishments…
Microsoft: Chinese APT Targeted Exchange Servers With Four Zero-Days
Technology giant Microsoft released emergency security updates today for its Exchange email server to patch four zero-day vulnerabilities that were exploited by a Chinese state-sponsored hacking group. Named Hafnium, Microsoft said the group has a history of targeting internet-facing servers as an entry point into its targets’ internal networks….
Cybersecurity Failings Get Top Billing Among Lawmakers and Federal Watchdogs
Federal cybersecurity is in a worse place than it was two years ago, with agencies failing to implement more than 750 recommended changes, including ones that could have prevented or helped the government respond to the recent Russian cyberattack on dozens of public and private organizations. That’s the assessment the Government Accountability Office, a watchdog agency, gave Tuesday in its “high risk” report that it issues every two years to Congress….
More Zero-Days Have Been Linked to Private Companies Than Any Nation State
Using data from a spreadsheet compiled by Google Project Zero researchers, the Atlantic Council research team said that of the 129 zero-days abused in real-world attacks since 2014, there was enough information to attribute 72 to a specific threat actor. Of these 72 cases, researchers said that 14 zero-days could be linked to private companies as the creators of the zero-day exploit that was deployed in the attack. The 14 zero-days, taken collectively, put private companies as the largest supplier of zero-days abused in the wild, larger than any single state or the cybercrime ecosystem as a whole…
Four Things We Learned (And Four Things That Remain Unclear) About the Russia Hack
The U.S. Senate and House of Representatives hauled the CEOs of SolarWinds, FireEye, CrowdStrike and Microsoft onto (semi-virtual) Capitol Hill last week to answer questions about the sweeping Russian compromise of U.S. government and corporate networks—the first public hearings dedicated to the campaign to date. In honor of the occasion, The Record watched 7.5 hours of testimony so you didn’t have to. Here are eight key takeaways…
A Conversation With Alisa Esage, a Russian Hacker Who Had Her Company Sanctioned After the 2016 Election
In December 2016, then-President Barack Obama signed an executive order that announced sanctions on Russian individuals and organizations in response to election interference efforts. The list included several notorious hackers, as well as Russia’s Federal Security Service (FSB) and Main Intelligence Directorate (GRU). Also on the list was a lesser-known organization that left many puzzled: ZOR Security, founded by virus analytics expert Alisa Esage…