{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

03/16/2020
linkedin facebook twitter instagram
WorkScoop
A closer look at the Norsk Hydro ransomware attack yields new lessons for experienced researchers. And more on how hackers are trying to exploit the coronavirus pandemic. This is CyberScoop for Monday, March 16.

A failed DDoS attempt, at best

Over the weekend, the Department of Health and Human Services was the target of an attempted cyberattack, a source with knowledge of the matter tells CyberScoop. HHS saw an attempt to overwhelm its systems with traffic as the department continues to respond to the novel coronavirus outbreak. Signs pointed to a failed distributed denial-of-service attack -- no systems were taken offline and no data appears to have been stolen. Nonetheless, we are sure the department's IT staff could do without the headache. Our team is on the story.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


The Norsk Hydro attack, revisited

The Norwegian metals giant Norsk Hydro was crippled by ransomware a year ago. Researchers are still digging for clues on who was behind it. Regardless of who was responsible, though, it was a “worryingly effective blueprint” for state-backed hackers to hide behind malware associated with criminals to achieve their goals, Dragos’ Joe Slowik argued in research published Monday. He examines how the LockerGoga code used against Norsk Hydro was more disruptive than previous versions of the malware. Who would target a huge company with good security practices, and not bother to cash in on the breach? Perhaps we’ll never know, but learning from the attack can help defend against future hacking attempts. Sean Lyngaas looks back.


Ransomware strikes Czech hospital testing for coronavirus

The Czech Republic’s second-largest hospital revealed Friday that it was hit by a cyberattack, forcing it to delay some operations. It was not clear how, if at all, the incident would affect coronavirus tests, but it was nonetheless a reminder of how cyberattacks have the potential to exacerbate the global health crisis. Lukasz Olejnik, a former cyberwarfare adviser to the International Committee of the Red Cross, said that, in times of crisis, taking out individual elements of a health care system can damage collective resilience. Sean has more details.


New details linked to breach of European grid organization

The European Network of Transmission System Operators for Electricity, and its 42 utility members across Europe, is a rich hacking target. Attackers could use data housed on ENTSO-E’s IT network to target individual utilities. There’s no evidence that has happened following the recent breach of ENTSO-E’s network. But new details are coming to light on the breach, despite ENTSO-E’s staying quiet on the incident. The attackers used a remote hacking tool to access ENTSO-E’s email server for weeks using a commodity remote hacking tool, according to an incident report that sources say matched the ENTSO-E breach. Sean had the scoop.


How to protect yourself while working from home

Attackers will have additional opportunities to break into networks in the coming weeks as more U.S. workers log on from home as the country responds to the COVID-19 outbreak, warns the Cybersecurity and Infrastructure Security Agency in an alert Friday to the public. Any organization that uses virtual private networks, including agencies at all levels of government, should remember basic cyber-hygiene procedures such as updating and patching networks, staying alert to phishing attempts and using multi-factor authentication when possible. For organizations without multiple-factor authentication, CISA recommends at least using strong passwords. FedScoop's Jackson Barnett has the update.


Big vulnerabilities lurk in Voatz voting app

An extensive audit published Friday of Voatz, the mobile app that’s been used to collect live ballots from overseas voters in multiple states since early 2018, revealed 16 “severe” technical vulnerabilities. These include sensitive user data being exposed to the company’s developers and improper use of cryptographic algorithms, a blow to a company that has staked its reputation on its use of blockchain technology. The audit confirmed the findings revealed last month by researchers at the Massachusetts Institute of Technology who found, among other flaws, that Voatz’s use of third-party vendor to authenticate the identity of its users could compromise the anonymity of ballots the app collects. Benjamin Freed had more at StateScoop.


A coronavirus-tracking app locked users' phones to demand $100

A new Android app that promises to deliver up-to-date figures on the coronavirus pandemic includes a strain of malicious software which locks up a user’s phone, and demands an extortion fee. The ransomware app, called CovidLock, threatens to erase everything on an infected phone if victims don’t pay $100 in bitcoin within 48 hours, according to the security firm DomainTools. The app is not available in the Google Play store, and the number of people affected remains unclear. DomainTools has said it intends to release a decryption tool for affected victims, while Reddit users claim to already have deciphered the password to release locked data. The program only represents scammers’ latest attempt to use concerns around the coronavirus, or COVID-19, to defraud anxious technology users. Jeff Stone has the news.


Tweet Of The Day

Image

Can't be clearer on this one, folks.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}