Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Florida. Show all posts

Ransomware Attack on Lab in Florida

Florida-based laboratory witnessed a ransomware attack that has leaked the personal health information (PHI) of more than 30,000 individuals. Nationwide Laboratory Services situated in Boca Raton, noticed suspicious activities on its network on May 19, 2021. After the investigation on suspicious activities, it has been revealed that the group of attackers had used ransomware to encrypt files across the healthcare provider’s network, making data inaccessible for every member. 

Laboratory Services firm recruited a third-party cybersecurity firm to investigate further into the attack and aid with cleanup. According to Digital forensics, the group of cyber-attackers hacked into parts of Nationwide Laboratory Services’ network that housed patients’ PHI. 

The perpetrators of the attack compromised the data of patients including their names, addresses, dates of birth, lab test results, Medicare numbers, medical record numbers, and health insurance information. Furthermore, a notice on the security incident has been released by the Nationwide Laboratory Services that gives a warning that “a small number of individuals had their Social Security numbers affected.” 

According to the lab, the attack did not exploit all nationwide patients’ data. It was also reported that the compromised data varied from person to person. The laboratory firm added, “Nationwide has no indication that any information was or will be used for an improper purpose.” 

It was about October 28 when Nationwide had published a report about the data breach to the Department of Health and Human Services’ Office for Civil Rights. A study has shown, around 33,437 individuals’ personal credentials may have been compromised recently. Individuals who have been affected extensively by the ransomware attack were notified and given recommendations on how to secure their important data. 

“On May 19, 2021, Nationwide Laboratory Services realized that a ransomware virus had begun encrypting files stored on its network,” the laboratory reported…” 

“…An unauthorized entity may have deleted a restricted number of files from its system in addition to encrypting them.” Firm added.

Heartless Attackers Stole Identities of Surfside Condo Collapse Victims

 

Threat actors are targeting people who died in the June 24 collapse of Champlain Towers South in Surfside by ransacking their bank accounts and opening a credit card in their names. 

“It's terrible. I can't wait to put a face to these deeds right now, and I think all of South Florida is eager to see who would do something like this - what kind of person would do something like this. But I'm looking forward to our police department apprehending them, and they are out there looking. I wouldn't want to be that person right now,” Surfside Mayor Charles Burkett told 10 News.

The account of Antonio Lozano, 83, and his wife Gladys, 79, married nearly 59 years and found in their bed together, was compromised by a hacker the day of their funeral, their son Sergio Lozano told WSVN News. The hackers filled out a change of address form and opened up fraudulent credit cards and bank accounts for his parents’ account, then withdrew money via Zelle. 

“I find it totally devastating, after losing my parents, that I have to deal with all the estate issues, and now I’m having to deal with somebody stealing from my parents. After they’re dead and buried, they’re stealing from them?” Sergio Lozano stated. 

Authorities aren’t revealing details about how many of the victims have already been targeted but are urging family members of victims to check both recent credit history and contact the Social Security office. The death toll from the tragic condo collapse is currently hovering around 100. 

‘It’s the revictimization of the victims that we’re sort of starting to experience right now with these hackers. They’ve seen the names in the paper, they’re going right to that and we’ve had to have discussions with the families and listen to them telling us the stories about all of a sudden credit cards appearing in their names and things being purchased in their name, so we’ve told ‘em, you’ve got to immediately shut down your credit,” Burkett added.

Hacker Attacked a Water Plant in Florida

 

A hacker penetrated computer networks at Oldsmar, Florida, water treatment plant, remotely delivering a 100-fold boost in a chemical that is exceptionally perilous in concentrated sums. In an assault with the possibility to harm public health, the hacker on February 5 accessed a city computer and changed the level of sodium hydroxide which is utilized to eliminate metals and control acidity, from 100 parts for each million to 11,100 parts for every million, as per Bob Gualtieri, who serves as the sheriff of Pinellas County. 

This is a “significant and potentially dangerous increase,” Gualtieri said at a Monday press conference. The attacker momentarily entered the computer system at 8 a.m. on Feb. 5, before leaving and returning at about 1:30 p.m. for roughly three to five minutes, Gualtieri said. In that window, the operator of the water plant could see the attacker on screen, “with the mouse being moved about to open various software functions that control the water being treated in the system,” Gualtieri said. 

When the hacker left the computer system, the operator whose computer was remotely taken over promptly brought down the level of the chemical, otherwise called lye. This move forestalled any harm to people in general and the drinking water, Gualtieri said. He said there were extra counteraction measures inside the water system that would have kept polluted water from reaching the public. It isn't yet known whether the break originated from the U.S., or outside of the country, Gualtieri said. Oldsmar, with a population of almost 15,000, is situated around 15 miles northwest of Tampa.

“Many of the victims appear to have been selected arbitrarily, such as small critical infrastructure asset owners and operators who serve a limited population set,” said Daniel Kapellmann Zafra, manager of analysis at Mandiant Threat Intelligence. Through “remote interaction with these systems,” the hackers have engaged in “limited-impact operations.” None of those examples brought about any damage to individuals or infrastructure, Zafra said. “We believe that the increasing interest of low sophisticated actors in industrial control systems is the result of the increased availability of tools and resources that allow malicious actors to learn about interactions with these systems,” he added.

Florida Teen Responsible for Hijacking High Profile Twitter Accounts Arrested, Faces 30 Felony Charges


US police authorities in a press conference on Friday said they had arrested the main accused and two other suspects responsible for a major Twitter hack earlier this month. The main accused is recognized as Graham Ivan Clark, 17 years teen who lives in Tampa, Florida. WFLA-TV, a Florida-based news agency that reported the incident for the first time, said that it was the main suspect (Clark), who was arrested for the Twitter attack. The arrest happened through a national collaboration IRS, Secret Service, the FBI, and the DOJ.


Andrew Warren, State Attorney of Hillsborough, charged Clark responsible for the 15th July Twitter incident. Clark was alleged for being the "mastermind" behind the attack in which the 'suspects hijacked various high profile Twitter accounts.' The hackers used these accounts to tweet about fake cryptocurrency scams. Here's a list of hijacked accounts: Joe Biden, Barrack Obama, Bill Gates, Kanye West, Elon Musk, Apple, Jeff Bezos, Uber, Michael Bloomberg, Kim Kardashian, and various others. According to officials, the hack resulted in getting $1,00,000 worth amount transferred to Clark's account within a day.

Clark now faces 30 felony charges. These include: 

  • Communications Fraud 
  • Organizing Fraud 
  • Use of personal information for frauds 
  • Accessing electronic device without legal authority


The charges specified above were declared through Livestream by the Hillsborough State Attorney. In the beginning, Warren didn't specify whether Clark had other associates working for him. After the press conference, it came to public notice that two other suspects were working with Clark, identified as Mason Sheppard, 19, alias name "Chaewon," and Nima Fazeli, 22, alias name "Rolex." The suspect's arrest happened just after Twitter had published its inquiry report related to th 15th July Twitter hack.

Some of the critical points in the report are mentioned below:

  • The incident happened on 20th July 2020 
  • To gain access to Twitter employees' accounts, hackers used phone bases social engineering systems. Hackers got access to the slack accounts and gained credentials (Yet to be confirmed) 
  • Hackers escaped the 2 step authentication; the report doesn't mention whether backend accounts or slack accounts. 
  • After this, hackers used Twitter's tech support tools to control the accounts. 
  • Hackers breached 130 accounts 
  • Hackers also attempted to sell some of the high profile Twitter profiles.

Pensacola City Hit by a Cyberattack After Deadly Shooting at Naval Air Station


The city of Pensacola, Florida was hit by a cyberattack that came in the wake of a deadly shooting at the naval air station wherein a Saudi flight student killed three sailors and wounded eight others.

As the trainee who pulled the shooting had ties to a foreign nation, the incident was labeled as a potential terrorist attack and has consequently incited international controversy. Officials suspect a link between both the incidents, however, no confirmatory lead has been gained onto the subject of the connection between the two events.

The city has been struggling with the cyberattack that began around 1:45 a.m on Saturday and took down the city's computer systems while keeping various city services at halt. Reportedly, the incident has incapacitated the city's online payment services, email services, phone lines, and 311 customer service. However, emergency support services such as fire and police remain unaffected during the incident, as per the officials.

Commenting on the matter, the city's spokeswoman, Kaycee Lagarde said, "I can confirm the city of Pensacola has experienced a cyberattack and we've disconnected much of our city's network until the issue can be resolved."

"As a precaution, we have reported the incident to the federal government," Lagarde added.

Officials have been investigating to determine the nature of the attack, whether it was a ransomware attack or not along with the details of any valuable information lost during the incident.

"The city of Pensacola is experiencing a cyber attack that began this weekend that is impacting our city network, including phones and email at City Hall and some of our other buildings," said Mayor Grover, C. Robinson.

"We're still trying to figure out what's happened, what's there and what there may be potential for."

"We don't know if they're connected or not,"

"We have discussed and we have talked with the FBI. It's my understanding that we sent stuff to them, and we're continuing to work. Our computer people worked through the weekend to see what was happening." He further told at his weekly press briefing.

This year witnessed an unusual rise in the number of cyberattacks on governments– local and state; US cities and towns have been particular targets for ransomware attacks in recent times. Reports state that most of these were co-ordinated chains of attacks aimed at breaching computer networks.

The latest statements on the issue suggest that the city is actively involved with the FBI in order to resolve the matter.

Florida city to pay $600,000 to a ransomware gang





The city council of  Riviera Beach, Florida, have voted unanimously to pay more than $600,000 in Bitcoins to a ransomware gang who had held its computer systems hostage for three weeks. 

The ransomware spread throughout the city’s computer network, after an employee clicked on a malicious link in an email. 

"Ransomware is commonly delivered through phishing emails or via 'drive-by downloads,'" according to Homeland Security. "Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment."

The attack has locked all files and shut down all the city's services. Operations have been down ever since, with the exception of 911 services, which were able to continue to operate, although limited.

According to the Palm Beach Post’s report the ransomware affected the city’s email, 911 calls couldn't enter into computer records, and systems that controlled the water utility were offline.

The city council first decided to resolve the issue by paying $941,000 for new computers, but now they have decided to pay the ransom.

The amount of money would be paid from the city's insurer, although it's unclear wether hackers will decrypt the locked files afterward or not. 

The city council refused to comment.  



Hit by Ransomware Attack, US Town Agrees to pay Attackers $600,000 in Bitcoin



Riviera Beach, a small city which is located just north of West Palm Beach, fall prey to a massive cyber attack, wherein the hackers paralyzed the city's computer systems and have asked the city council to pay a $600,000 ransom in Bitcoin in order to have the data released.

With the hope of regaining the access to the encrypted data in the cyber attack, the officials of the Florida town conducted a meeting this week where the council agreed to pay the criminals 65 Bitcoin, a difficult to track currency.

Reportedly, it was after an employee of the town's police division accessed a phishing email, the virus which paralyzed all the computer systems in the city was unleashed.

To spread the word about the ransomware attack amongst the residents, a notice was posted on the city website which stated that they had undergone a data security event and was "working with our internal management team third-party consultants to address all issues."

Commenting on the matter, Mr. Rebholz, a principal for Moxfive, a technology advisory firm, said, “The complexity and severity of these ransomware attacks just continues to increase,”

“The sophistication of these threat actors is increasing faster than many organizations and cities are able to keep pace with.” He added.

A number of American cities have fallen prey to similar, computer-based breaches wherein the attackers demanded heavy ransoms for the restoration of the networks. Recently, Baltimore experienced a similar attack and though they refused to pay the ransom, the attack cost the city $18 million to fix damages.