Page 16 - Threat Intelligence 12-20-2019
P. 16

New Orleans Under CyberSecurity Attack, Declares State Of Emergency. Mayor LaToya Cantrell has declared a
        state of emergency in New Orleans, which has ordered the shutdown of most of the city’s computer network
        following a ransomware attack. The attack started at 5 a.m. CST on Friday, according to the City of New
        Orleans’ emergency preparedness campaign, NOLA Ready, managed by the Office of Homeland Security and
        Emergency Preparedness. The organization tweeted a warning that “suspicious activity was detected on the
        City’s network.” At that point, the City’s IT department required the city’s servers to be powered down, with all
        employees to turn off computers and disconnect from Wi-Fi. No ransom request has yet been made, and the
        Mayor indicated emergency services were still operating, with fire and police responding as needed. State and
        federal agencies are assisting the city in its recovery and investigation of the attack. There was no word on
        when full network services would be restored.

                Source:  https://www.yahoo.com/entertainment/orleans-under-cybersecurity-attack-declares-
                162831295.html



        Ransomware Attack on Minnesota Health Facility. A Minnesota healthcare facility specializing in treatments
        for the face, teeth, mouth, and jaw has been hit by a ransomware attack. Southeastern Minnesota Oral &
        Maxillofacial Surgery (SEMOMS) announced the data security incident on Thursday via their website. On
        September 23, 2019, threat actors struck a server used by the organization. IT staff were able to intervene
        immediately to restore the impacted data. No mention was made as to the amount of money demanded by
        the attackers or whether the ransom was paid.  All 80,000 patients of the facility are being informed of the
        incident, which SEMOMS said "may have resulted in the inadvertent exposure of patients’ health information."
        In a statement published on their website, SEMOMS said: "Although at this time there is no evidence that
        patient information was actually accessed or viewed, or any indication of anyone’s information being misused,
        the practice has taken steps to notify anyone who may have been affected by this incident, including sending
        letters to anyone whose information may have been exposed.“
                Source:  https://www.infosecurity-magazine.com/news/ransomware-attack-on-minnesota/




        Bitcoin ransomware locks 10 years’ worth of government data in Argentina. Bitcoin-hungry hackers have
        attacked a data center in Argentina which houses local government files. According to Alicia Bañuelos, Minister
        of Science and Technology of the local government of San Luis, said the attack took place on November 25. In
        an interview with Agencia de Noticia de San Luis — a local government digital news outlet — on December 2,
        Bañuelos said the center had already recovered 90 percent of the encrypted data. Some 7,700 GB —
        approximately 10 years worth data — was originally compromised as a result of the attack. “Decrypting the
        files will take at least 15 days, mostly due to the sheer size of the archive,” Bañuelos added during the
        interview. The size of the Bitcoin ransom is unknown, but reports suggest attackers asked for somewhere in
        between approximately $37,000 and $370,000 (0.5 and 50 BTC) in exchange for decrypting the files.
                Source: https://thenextweb.com/hardfork/2019/12/09/bitcoin-ransomware-government-data-
                argentina/



        Town Restores Computer Network After Ransomware Attack. A Rhode Island town is restoring access to parts
        of its municipal computer network following a ransomware attack.  About 75% of East Greenwich's computer
        servers were infected with encryption Thursday afternoon, said Town Manager Andrew Nota. The town's
        information technology department and a third-party vendor have been restoring the information that was
        encrypted.  No personal information was stolen and at least 10 to 20 town department computers have been
        found to be infected, Nota said. That figure is likely to rise as the investigation continues.

        Source: https://www.usnews.com/news/best-states/rhode-island/articles/2019-12-09/town-restores-
        computer-network-after-ransomware-attack

                                                    www.accumepartners.com
                                                                                                                    16
   11   12   13   14   15   16   17   18   19   20