Rampant ransomware.

Stuxnet was left on some USB thumb drives, in hopes some Iranian would eventually come across one and bring it into the centrifuge facility, and apparently that is what happened with the uranium enrichment problems in Iran. Don't quote me on specifics, I have "Sumtimers" :wtf:
 
my final $job, from which I retired a few years ago (when my department was shut down after 20 years), was a large multinational manufacturing firm.

some years earlier, after the HR and Payroll operations had been moved overseas to a SE Asian country, someone got hold of a jr HR person by phone, faked being a US executive VP on the road, and convinced the jr HR person to email them the entire US payroll database. that included name, SS#, home and work address, phone numbers, bank routing numbers for auto-deposit, spouse and children's names and their SS#s, etc. etc. etc. this affected something like 15000 US employees.

who needs computer hacking when you've got a telephone?
 
You're absolutely right. It's called social engineering and it takes advantage of the weakest link in the chain, the human :)
 
in this specific case, I feel sorry for the young SE Asian girl who probably barely spoke English. but yeah, weakest link. and yeah, Big.Corp saves money moving HR and Payroll to SE Asia, and screws their entire staff.

in my case, I'm happy to be retired, my department was dissolved and our functions moved to various development groups in Asia that had been working under us.
 
But so much worse when critical national infrastructure is brought down :

In a surprising development, it seems the FBI has managed to acquire and open the attackers' Bitcoin wallet and recover the ransom that Colonial paid :
 
Does anyone else find it odd that these highly skilled hackers still had that much stolen currency in their bitcoin wallet to be "recovered"?

Did the FBI actually return it to Colonial?

Even if the story is true, by the FBI's own admission they still got away with over $1M...
 
We use a phishing training service. Each user gets an email each month enticing them to follow the link. It’s reasonably effective. Better than nothing.

We required cybersecurity training for all faculty, staff, and students at a large medical school. Training includes an emphasis on phishing techniques used to gain access to our network. Monthly, an in-house phishing email is randomly sent out to network users. And without a doubt, there are network users that fall for this. Offenders have their network access temporarily disabled until they meet with I.T. to explain what they did, and are required to repeat additional training. Yet, many times they are repeat offenders.
 
As I've said before, you can't cure stupid. There are times when even the most cautious and savvy can fall for these little gems, too.
 
We took the approach of using host-based firewalls (that aren't Microsoft). We found over 40 Microsoft applications that phone home for one reason or another.
Our rule set only allows signed MS applications to communicate with the domain controllers over specified TCP/UDP ports. Everything else is specific and granular in nature.
It was a lot of overhead but I'm positive that Excel.exe can only perform LDAP queries to the DC and not download other software or perform other operations.
The concept is simple, but the execution uses a lot of resources up front.
Still figuring out the white-listing software portion, but I'll call it done when that's up and running.
After all that, we'll still have to deal with stupid human tricks
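The per-application egress policy described in the post above, as an added example that is not the poster's own rule set or firewall product: a small evaluator that allows signed Microsoft binaries to reach only the domain controllers on AD ports, gives everything else a narrow explicit rule, and denies by default. The DC subnet, port list, signer string, application names and sample connection events are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

# Constructed policy: DC subnet, AD service ports, and per-app granular rules
DC_NETS = [ip_network("10.10.0.0/24")]
DC_PORTS = {("tcp", 88), ("udp", 88), ("tcp", 389), ("tcp", 636), ("tcp", 445), ("udp", 53)}
MS_SIGNER = "Microsoft Corporation"
APP_RULES = {  # non-MS applications get explicit, narrow rules
    "chrome.exe": {("tcp", 80), ("tcp", 443)},
    "teamviewer.exe": set(),  # listed but allowed nothing: explicit deny
}

@dataclass(frozen=True)
class Conn:
    process: str            # image name as seen by the host firewall
    signer: Optional[str]   # Authenticode signer subject, None if unsigned
    dst: str
    proto: str
    port: int

def decide(c: Conn) -> Tuple[str, str]:
    """Verdict for one outbound attempt: (allow|deny, reason)."""
    proc = c.process.lower()
    to_dc = any(ip_address(c.dst) in net for net in DC_NETS)
    if c.signer == MS_SIGNER:
        # Signed MS binaries may reach the DCs on AD ports and nothing else,
        # so Excel can do LDAP but cannot phone home or fetch payloads.
        if to_dc and (c.proto.lower(), c.port) in DC_PORTS:
            return "allow", "signed MS app to DC on AD port"
        return "deny", "signed MS app outside DC allow-list"
    if (c.proto.lower(), c.port) in APP_RULES.get(proc, set()):
        return "allow", f"granular rule for {proc}"
    return "deny", "no matching rule, default deny"

# Constructed sample events, as if parsed from the host firewall log
SAMPLE = [
    Conn("Excel.exe", MS_SIGNER, "10.10.0.5", "tcp", 389),   # LDAP to a DC
    Conn("Excel.exe", MS_SIGNER, "52.1.2.3", "tcp", 443),    # telemetry / download
    Conn("excel.exe", None, "10.10.0.5", "tcp", 389),        # unsigned look-alike
    Conn("chrome.exe", "Google LLC", "52.1.2.3", "tcp", 443),
    Conn("teamviewer.exe", "TeamViewer GmbH", "52.1.2.3", "tcp", 5938),
]

def denied(events=SAMPLE):
    """Return the (process, dst, port) tuples the policy blocks."""
    return [(e.process, e.dst, e.port) for e in events if decide(e)[0] == "deny"]
```

Note that an unsigned binary named excel.exe falls through to the default deny even when it targets a DC, because the allow-list keys on the signer rather than the file name.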
 
Another big supply-chain ransomware attack :

About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.
Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.
 
Most likely the best way to control this ransomware is to outlaw cryptocurrency, until the $ can be tracked to users. Until then it is open warfare and we are going to lose. Nothing is going to happen until a ransomware attack causes a major catastrophic problem with the power/water infrastructure and many people die. We are never really proactive, only reactive.

BTW, what was on the "off limit" list that Biden gave Putin? I guess we will never know, so he does not have to hold him accountable.
