Port of Seattle Faces $5.9 Million Ransom Demand in Rhysida Cyberattack

 

The Port of Seattle is confronting a severe cybersecurity crisis as the Rhysida ransomware group demands a ransom of 100 bitcoins (approximately $5.9 million). Rhysida, which has gained notoriety for targeting organizations worldwide, released screenshots of stolen documents and claims to possess sensitive data such as scanned U.S. passports, Social Security numbers, and tax forms. The group has threatened to sell this data on the dark web if its ransom demands are not met within a week.

In a joint statement with Seattle-Tacoma International Airport, the Port of Seattle has made it clear they will not pay the ransom, despite threats to publicly release the stolen data. A Port spokesperson emphasized that refusing to comply is part of their firm stance against negotiating with cybercriminals. The extent of the data breach is still under investigation, but Rhysida’s involvement suggests a sophisticated attack that exploited vulnerabilities in the port’s systems. The attack was initially detected on August 24, leading to widespread service disruptions. 

Critical systems were impacted, including baggage handling, check-in kiosks, ticketing, Wi-Fi, and digital display boards, creating significant inconvenience for travelers. The port responded swiftly, isolating affected systems to prevent further breaches. This disruption highlights the real-world consequences of ransomware attacks on essential infrastructure, raising concerns about cybersecurity preparedness in public sectors. Rhysida operates as a ransomware-as-a-service group, enabling other cybercriminals to use its platform for extortion. The group, active since June 2023, has a history of targeting multiple sectors, including government, healthcare, and critical infrastructure, with a focus on the U.S. 

According to cybercrime research platform eCrime.ch, Rhysida has claimed nearly 150 victims since its emergence, demonstrating its rapid growth and effectiveness in breaching high-value targets. The breach at the Port of Seattle emphasizes the growing threat of ransomware attacks on critical infrastructure and serves as a wake-up call for organizations to prioritize cybersecurity measures. Authorities, cybersecurity experts, and the port’s internal IT team are working together to assess the full impact of the attack and develop strategies to restore normal operations. Given the evolving tactics of ransomware groups like Rhysida, this incident underscores the urgent need for comprehensive security strategies and employee training to protect against future breaches. 

In light of this attack, cybersecurity agencies have warned other U.S. ports and critical infrastructure organizations to strengthen their defenses against similar threats. This breach is part of a broader trend of ransomware groups targeting critical infrastructure, which, if left unchecked, could have far-reaching implications for national security and economic stability. The Port of Seattle’s refusal to pay the ransom aligns with federal guidelines discouraging negotiations with cybercriminals, but it remains to be seen whether this approach will mitigate the impact of the breach or provoke further retaliation from Rhysida.

The incident serves as a stark reminder that cybersecurity threats are increasingly sophisticated, requiring organizations to adapt their defense strategies to safeguard sensitive data and operations.

Seattle Public Library Hit by Ransomware Attack, Online Services Disrupted

 

The Seattle Public Library (SPL) has faced a significant cybersecurity incident, with its online services being disrupted due to a ransomware attack. This attack, detected over the weekend, led to the library taking proactive measures by bringing its online catalog offline on Tuesday. By Wednesday morning, while some services had been restored, many critical functionalities remained unavailable, affecting numerous patrons who rely on the library's digital resources. 

The ransomware attack has caused extensive service interruptions. The library's main website is back online, and some digital services, such as Hoopla, are accessible. Hoopla allows library cardholders to remotely borrow audiobooks, movies, music, and other media. However, several essential services are still offline, including e-book access, the loaning system for physical items, Wi-Fi connectivity within library branches, printing services, and public computer usage. 

The library has reverted to manual processes to continue serving its patrons. Librarians are using paper forms to check out physical books, CDs, and DVDs, ensuring that patrons can still access these materials despite the digital outage. In the case of SPL, the specific details of the ransomware attack, including how the library's systems were compromised and whether any data was stolen or accessed, have not been disclosed. The library has prioritized investigating the extent of the breach and restoring services. The SPL has reassured its patrons that the privacy and security of their information are top priorities. 

In a public statement, the library acknowledged the inconvenience caused by the service disruptions and emphasized its commitment to resolving the issue swiftly. "Privacy and security of patron and employee information are top priorities," the library stated. "We are an organization that prides itself on providing you answers, and we are sorry that the information we can share is limited." The incident underscores the growing threat that ransomware poses to public institutions. Libraries, like many other organizations, handle vast amounts of personal data and provide critical services that can be attractive targets for cybercriminals. 

The ransomware attack on the Seattle Public Library is a stark reminder of the vulnerabilities that public institutions face in the digital age. As the library works to restore full functionality, it will likely implement enhanced security measures to prevent future incidents. This incident may also prompt other libraries and public institutions to re-evaluate their cybersecurity protocols and invest in more robust defenses against such attacks. In the broader context, the attack on SPL highlights the importance of cybersecurity awareness and preparedness. Public institutions must continually adapt to the evolving threat landscape to protect their digital assets and ensure uninterrupted service to their communities.

Amazon granted patent for Bitcoin-style system

Cryptocurrency rumor mongers are likely to be dancing today as Amazon has successfully filed a patent for a Bitcoin-styled Proof-of-Work system. But don’t get ahead of yourself: it doesn’t look like the Seattle-based ecommerce giant will be accepting Bitcoin for payments.

Despite first being filed in December 2016, Amazon’s patent application was granted earlier this week and appears to outline a system that uses Proof-of-Work to prevent distributed denial-of-service (DDoS) attacks.

“One way to mitigate against such attacks is to configure a service such that requests to the service incur some sort of expense, thereby providing a disincentive to participating in the attack,” the application reads.

Planting a Merkle Tree

Amazon proposes to use Merkle Trees to present a Proof-of-Work challenge and make it too costly for a series of computers to perform a DDoS attack.

But what’s a Merkle Tree? In short, a Merkle Tree is a cryptographic data structure in which each block of data is run through a hash function to give it a unique identifier, known as a hash.

These hashes are then hashed again, in combination, to create a parent hash. Parent hashes are always a combination of two or more child hashes. It’s layers on layers of hashed data.

Since computing power is required to build a Merkle Tree, performing such hashes could get very costly in terms of time, electricity, and resources. In turn, this makes DDoS attacks economically unfeasible.

In the case of Amazon’s patent, imagine having to construct a Merkle Tree before you’re allowed to access a website hosted on one of its servers. To an individual the cost might be insignificant, but to an organization trying to carry out a DDoS attack – which might involve many hundreds of computers – it could become prohibitively expensive.
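The cost asymmetry described above can be seen in a short sketch. This is an added example, not code from the patent or from Amazon: the challenge format (a random seed plus a leaf count), the single-leaf spot check and every function name are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf(seed: bytes, i: int) -> bytes:
    # 0x00 prefix separates leaf hashes from parent hashes (0x01 prefix).
    return h(b"\x00" + seed + i.to_bytes(4, "big"))

def build_levels(seed: bytes, count: int) -> list:
    # Client side: levels[0] holds the leaves, levels[-1] holds only the root.
    if count < 2 or count & (count - 1):
        raise ValueError("leaf count must be a power of two >= 2")
    levels = [[leaf(seed, i) for i in range(count)]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([h(b"\x01" + cur[i] + cur[i + 1])
                       for i in range(0, len(cur), 2)])
    return levels

def auth_path(levels: list, index: int) -> list:
    # Sibling hash at every level below the root, for one leaf.
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path

def verify_path(seed: bytes, index: int, path: list, root: bytes) -> bool:
    # Server side: recompute the root from one leaf in len(path) + 1 hashes.
    node = leaf(seed, index)
    for sibling in path:
        pair = node + sibling if index % 2 == 0 else sibling + node
        node = h(b"\x01" + pair)
        index //= 2
    return hmac.compare_digest(node, root)

def demo(count: int = 1024) -> dict:
    seed = secrets.token_bytes(16)          # constructed challenge value
    levels = build_levels(seed, count)      # client work
    root = levels[-1][0]
    index = secrets.randbelow(count)        # server picks a leaf to spot-check
    path = auth_path(levels, index)
    return {"ok": verify_path(seed, index, path, root),
            "client_hashes": sum(len(lv) for lv in levels),
            "server_hashes": len(path) + 1}

if __name__ == "__main__":
    print(demo())
```

With 1,024 leaves the client computes 2,047 hashes to build the tree, while the server needs 11 to check one leaf against the returned root.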

Merkle Trees are also used in Proof-of-Work blockchains like Bitcoin as part of its consensus mechanism. But for now that’s as close as Amazon will get to Bitcoin.