Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Homeland Security. Show all posts
Homeland Security
Cyber Security Cyberalert CyberCrime Cyberhacks CyberThreat Homeland Security

Homeland Security Alerts on Increasing Risks for Schools

 


Educators and other school professionals are playing an increasingly crucial role in providing a safe environment in which students can learn in an era where children are being targeted by increasing physical and online attacks, according to US Homeland Security Secretary Alejandro Mayorkas, in his statement Wednesday. 

During his remarks at the opening of the National Summit on K-12 Safety and Security in 2024, Mayorkas referred to the school shooting that took place in Georgia on Sept. 4 that killed two students and two teachers, as well as his son. Since Sandy Hook Elementary School, in Connecticut, was targeted in a horrific attack nearly 12 years ago, the number of instances of gunfire on school grounds has surpassed 1,300, and this is just one of thousands of incidents that have followed since this heinous attack. 

Jeremy said that as a result of these attacks combined, there have been at least 436 deaths and 936 injuries. Even if there is no credible plan to plot an attack, threats of violence can cause an enormous amount of disruption to schools when it comes to the learning process. School administrators must be able to investigate the reports of threats, determine if they are imminent, and make plans for supporting students involved, as well as to reassure parents that their children are in safe hands. 

It's been reported that at least seven Houston Independent School District students have been arrested and charged as a result of an increase in school threats over the past few weeks. As the Houston ISD school district has informed us, many of the students arrested for making threats have been charged with felonies as a result of these threats. Earlier this month, Bellaire High School went into locked mode after receiving a bomb threat and unidentified officers arrested a student at the school, according to reports in the media. 

There are laws in place that prohibit hoax threats, such as the district's. It's not a joke, and the consequences can be very serious." This is not some kind of joke. Schools around the country have been plagued with an influx of hoax threats in the last few years. At least thirty reports of school threats have been made in August, which is the highest number in three years according to the FBI Houston field division, and it is a growing trend. 

According to Connor Hagan, acting spokesman for the FBI's Houston division, hoax threats can have devastating consequences for both the public and perpetrators if they are not taken seriously. In a scenario where an investigation reveals that a false or hoax threat has been made to a school or another public place, then the possibility of a federal charge, which carries a maximum sentence of ten years in prison, may be considered. 

As Mayorkas noted, it is common for kids to experience a flood of emotions at the beginning of any school year, especially if many are facing challenges. In addition, he remarked, "It is a tragedy that too many schools across the country have seen terror as a result of an attack over the last few weeks, which is entirely unnecessary.". Mayorkas also stressed that schools face challenges related to online threats, despite a lack of resources. 

According to a cybercriminal group claiming responsibility for a recent ransomware attack against some Rhode Island school districts, the attack resulted in the theft of 200 gigabytes of personal information, such as Social Security numbers, medical records, and counselling records. A ransom of $1 million is allegedly demanded to get the data back, and if it does not receive it, the data will be posted online. 

It has also been revealed that a group of men from Michigan, including a high school teacher, are to be charged under federal law with using social media to solicit explicit pictures from local children, said Mayorkas. Aside from the bomb threats that have been made against schools in Springfield, Ohio, Mayorkas also pointed out that social media have been filled with debunked but viral claims spreading worldwide that the town's Haitian immigrant population has stolen and eaten pets in the house. 

The city's officials and the police insist that there is no evidence that cats and dogs have been eaten and stolen. However, it is still worth noting that during the Sept. 10 presidential debate, former President Donald Trump emphasized the falsehood, bringing it to the centre of attention nationwide. In today's world where schools face increasing physical and online threats, it is necessary to take comprehensive security measures and exercise heightened vigilance to protect students and staff. 

During his speech, Secretary Mayorkas reiterated that the safety of students and educators was a top priority for her department, and that state, local, and federal authorities should work together as a team to ensure their safety. Despite the fierce rise of dangers in schools, administrators, law enforcement officials, and other stakeholders must remain proactive in helping to ensure that schools continue to be safe environments for children to learn in. 

It has never been more urgent than now to ensure that the nation's most vulnerable members' children are protected, especially in light of these challenges.
Read more »
User Privacy
Data Breach DHS Homeland Security Johnson Controls Server Hack User Privacy

Johnson Controls Breach Allegedly Leaked Sensitive DHS Data

 

A king-sized ransomware attack that targeted Johnson Controls forced certain parts of its IT systems to go offline and disrupted some of its operations. The attack on the renowned manufacturer of industrial control systems is reportedly the work of the Dark Angels hacker group. 

According to BleepingComputer, which broke the story first, the ransomware group is demanding $51 million in exchange for a decryptor and a complete wipeout of stolen data. 

As part of the hack, the company's ESXi servers were allegedly encrypted and some 27 terabytes of data were stolen by the digital hijackers. 

Theft of DHS data? 

The data hoard's potential exposure of private Department of Homeland Security (DHS) information, including physical floor plans of some agency buildings and security details on contracts with third parties, is of particular concern, CNN reported.

According to an internal DHS email reviewed by CNN, uncertainty exists around whether the Dark Angels or other digital hackers have taken control of Johnson Controls' private information. 

“Until further notice, we should assume that [the contractor] stores DHS floor plans and security information tied to contracts on their servers,” the memo stated. “We do not currently know the full extent of the impact on DHS systems or facilities.” 

Researchers believe that the ransomware employed in the attack is essentially an identical RagnarLocker Linux ransomware designed in 2021. In an 8K regulatory filing with the Securities and Exchange Commission (SEC), Johnson Controls stated that while some of its systems had been attacked by ransomware, many of its applications "remain operational." 

In the repair process, Johnson Controls' insurers are collaborating with external cybersecurity experts, perhaps managed security service providers (MSSPs), and possibly forensics experts. The attack commenced at the company's Asia offices and then extended to its subsidiaries. The cyber attackers reportedly launched the infiltration last weekend.

Statement from Johnson Controls 

Johnson Control reported in an 8K filing that the incident is expected to continue to hinder certain parts of the company's business operations: 

"Johnson Controls International plc (the “Company”) has experienced disruptions in portions of its internal information technology infrastructure and applications resulting from a cybersecurity incident. Promptly after detecting the issue, the Company began an investigation with assistance from leading external cybersecurity experts and is also coordinating with its insurers. 

The Company continues to assess what information was impacted and is executing its incident management and protection plan, including implementing remediation measures to mitigate the impact of the incident, and will continue taking additional steps as appropriate. " 

At this time, it's unclear whether Johnson Controls will be able to announce fourth-quarter and full-year fiscal year results, as well as the financial impact of the attack.
Read more »
WakeMed
CentraState Cyber Attacks Cybersecurity Department of Health and Senior Services Homeland Security Medibank data breach WakeMed

CentraState: Potential Cyberattack at CentraState Prompts Hospital to Divert Ambulances


The CentraState Medical Center's cybersecurity issue has caused the hospital to divert ambulances and the majority of new patients to other institutions. 

The Medical Center’s spokesperson, Lori Palmer says that the hospital’s critical care has not been affected and they are still taking some walk-in patients. "We are still accepting patients if people walk into the (Emergency Department). We have patients currently here, many of whom are currently being taken care of," she told. 

In addition, Friday's outpatient services were scheduled to be suspended at 1 p.m. and stay that way until further notice. 

While the cybersecurity issue was detected early Friday, the hospital is currently attempting to identify the extent and origin of the situation. Palmer adds that the hospital has immediately informed about the issue and alerted the state Department of Health and Senior Services. 

It is yet not clear whether the investigation involves the New Office of Homeland Security, which deals with cyberattack cases. 

Late November saw the release of an alert from the New Jersey office and its cybersecurity unit, the New Jersey Cybersecurity and Communications Integration Cell, warning the public to be on the lookout for any indications of cyber threats targeting individuals, organizations, and businesses throughout the state during the upcoming holiday season. 

Moreover, the alert level of the office is currently at “blue” or “guarded,” i.e. a general risk related to hacking or malicious activities, although no "known exploits have been identified or known exploits have been identified but no significant impact has occurred."

CentraState's cybersecurity issue comes weeks after many other hospitals reported a security breach, that later made news headlines. Some of the recent cases are listed below: 

  • Medibank Data Breach: In November, last year, Medibank hospital announced that it has faced a data breach, in which the attacker apparently accessed data involving patients’ names, date of birth, addresses, phone numbers, and email addresses. 
  • WakeMed Data Breach: Later, WakeMed and Duke Hospital of North Carolina reported that the personal and protected medical data of thousands of local patients may have been exposed to Facebook, by tracking pixel.

Read more »
Subscribe to: Posts (Atom)