DIRS.INFO The most relevant business & tech news

☆ Cyberattack on health insurance IT giant continues to disrupt business for doctors, therapists
▼ + stars: | 2024-02-28 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +6 min

“I’ve begun manually billing and I’m praying that I will be paid,” Disney told CNN. Lack of payment isn’t sustainableCarter Groome, chief executive of Health First Advisory, a cybersecurity firm whose clients include big health care organizations, estimated that some health care providers are losing more than $100 million per day because of the outage. “That’s just not sustainable in an industry with not a lot of cash on hand,” Groome told CNN. As of Wednesday morning, Change Health Care said the company’s affected network was still offline. Hackers using the malware have claimed a slew of attacks on US universities, health care providers and hotels in the last 18 months.

Persons: “ I’ve, ” Disney, Purvi, Parikh hasn’t, Carter Groome, That’s, ” Groome, ”, Leslie Porras, ” Porras, Tyler Mason, Mason, Parikh, ” Mason, Amy Cizik, Cizik, ” Cizik, Andrea Palm, ALPHV ransomware, John Riggi, ” Riggi Organizations: Washington CNN, CNN, Disney, Health, Advisory, Pipeline, ”, Healthcare, Care, “, Senior US, FBI, Human Service, Homeland Security, Reuters, Justice Department, American Hospital Association, AHA Locations: Maryland, New York, Utah, Salt Lake City

☆ An infamous hacking group is reportedly behind the cyberattack that has left US pharmacies reeling
▼ + stars: | 2024-02-27 | by ( Camilo Fonseca | ) www.businessinsider.com time to read: +3 min

A high-profile ransomware gang is responsible for the outage that has paralyzed US pharmacies, Reuters reported. Blackcat is behind the attack on UnitedHealth Group's claims management arm last week, per the report. The outage at Chain Healthcare, the payment management arm of healthcare giant UnitedHealth Group, was caused by a ransomware attack by hackers affiliated with Blackcat, Reuters reported, citing two unnamed sources. AdvertisementLast week's attack on Change Healthcare forced its parent company to disconnect its own systems "to prevent further impact," according to UnitedHealth Group. But experts aren't sure if the group responsible for last week's hack was sponsored by foreign actors.

Persons: Blackcat, UnitedHealth, —, Reddit, cybercriminals, Brett Callow Organizations: Reuters, Service, Healthcare, UnitedHealth, Blackcat, Caesars Entertainment, MGM Resorts, UnitedHealth Group, American Pharmacists Association, SEC, Colonial Pipeline, Google, Palo Alto Networks

☆ Cybercriminals raked in record $1.1 billion in ransom payments in 2023
▼ + stars: | 2024-02-07 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +2 min

Washington CNN —Cybercriminals extorted a record $1.1 billion in ransom payments from victim organizations around the world last year despite US government efforts to cut off their money flows, crypto-tracking firm Chainalysis said in a report released Wednesday. The surge in ransom payments, which nearly doubled the $567 million by Chainalysis in 2022, coincided with a “major escalation in the frequency, scope, and volume of attacks,” the New York based-firm said. After the FBI announced an operation that thwarted $130 million in ransom payments for several months in 2022, a variety of cybercriminal groups have struck US casinos, hospitals and schools in 2023, and have sometimes collected big payouts. MGM Resorts has estimated its recovery costs from a major ransomware attack last year at $100 million. Multiple US government agencies themselves were hacked by a Russian-speaking ransomware gang, as CNN first reported in July, though there were no reports of ransom payments made by those victims.

Persons: Washington CNN — Cybercriminals, Chainalysis, Jackie Burns Koven, Biden Organizations: Washington CNN, FBI, CNN, MGM Resorts, Colonial Pipeline, US Treasury, White, Justice Locations: York

☆ US judge refuses to overturn Exxon permit denial to truck crude oil in California
▼ + stars: | 2023-09-27 | by ( Clark Mindock | ) www.reuters.com time to read: +3 min

REUTERS/Yuri Gripas/File Photo Acquire Licensing RightsCompanies Exxon Mobil Corp FollowSept 27 (Reuters) - A U.S. judge on Wednesday refused to overturn a California county's decision to block Exxon Mobil Corp (XOM.N) from using tanker trucks to ship crude oil from coastal facilities to inland refineries while a ruptured pipeline is fixed. The company has said trucks are "essential" to restarting three offshore oil platforms and an onshore oil processing facility that have been shuttered since the spill. Gee's decision did not address Exxon's claims that the board's decision amounted to an unconstitutional taking of the company's property and other constitutional claims. Attorney Linda Kropp, who represented several of those groups, said Exxon's trucking plan is "reckless, dangerous and totally unwelcome" and said it puts the community at risk of oil tanker crashes. Exxon had sued in May 2022, alleging the board's denial was a "prejudicial abuse of discretion."

Persons: Yuri Gripas, Dolly Gee, Exxon's, Gee, Linda Kropp, Clark Mindock, Alexia Garamfalvi, Chris Reese Organizations: Exxon, Colonial Pipeline, REUTERS, Companies Exxon Mobil Corp, Exxon Mobil Corp, Santa Barbara County, Supervisors, Sierra Club, Thomson Locations: Washington , U.S, U.S, California, Los Angeles, Santa, Santa Barbara

☆ FBI director urges private sector to lend government more support in cyber intelligence
▼ + stars: | 2023-09-18 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +3 min

FBI Director Christopher Wray testifies during a Senate Appropriations Subcommittee on Commerce, Justice, Science, and Related Agencies hearing on Capitol Hill May 10, 2023 in Washington, DC. WASHINGTON, D.C. – FBI Director Christopher Wray said Monday that the federal government is relying more than ever on private sector support to ensure that U.S. infrastructure remains secure. Wray said that artificial intelligence may help China's cyber intelligence operations in their efforts to overpower U.S. defenses, and reiterated that Chinese hackers outnumber the FBI's cyber and intelligence agents by at least 50 to 1. China is poised to "use the fruits of their widespread hacking to power, with AI, even-more-powerful hacking efforts," he added. North Korean hacking groups, for example, often seek to generate revenue for the government while gathering espionage for the state.

Persons: Christopher Wray, Wray, it's, Colonial's Organizations: Commerce, Justice, Science, Capitol, WASHINGTON , D.C, Mandiant's mWise Conference, Google, FBI, Cybersecurity Infrastructure Agency, Colonial Pipeline Locations: Washington , DC, WASHINGTON ,, Washington, China, Korean, Ukraine, Eastern Europe, U.S, East

☆ Thousands of employees in the US Department of the Interior are using accounts that are easily hacked
▼ + stars: | 2023-08-06 | by ( Katie Hawkinson | ) www.businessinsider.com time to read: +3 min

A report from the US Department of the Interior showed that 21% of employee accounts could be hacked. The report also noted that nearly 500 employees used "Password-1234" to protect their accounts. A report from the Department of the Interior reveals the most-used password among their employees last year was "Password-1234." "My sneaking suspicion is that Interior Department employees are no different from most Americans in how they use passwords, so if this problem exists in my department, it could exist across the federal government and in business offices and private homes nationwide," Greenblatt wrote. Greenblatt also noted that 99.99% of the 18,000 accounts that staff cracked met the Department's password complexity requirements — including "Password-1234."

Persons: Kathleen Sedney, Mark Lee Greenblatt, Greenblatt Organizations: US Department of, Washington Post, Department of, Integrity, Interior Department Locations: Washington, United States

On Tuesday, the Biden administration announced it’s moving to implement a cybersecurity labeling program aimed at helping consumers pick out trustworthy tech products that are rated as more secure than the competition. Products certified under the new program may come with a QR code that links to a national database affirming its participation, the administration added in a release. “This new labeling program would help provide Americans with greater assurances about the cybersecurity of the products they use and rely on in their everyday lives,” the administration said in a statement. “It would also be beneficial for businesses, as it would help differentiate trustworthy products in the marketplace.”The government proposal comes two years after President Joe Biden signed an executive order calling for an “‘energy star’ type of label” for tech products. “Market forces alone were never going to be sufficient to force manufacturers to step up and deliver more secure devices,” he said.

Persons: Biden, it’s, —, cybersecurity, ”, Joe Biden, Dave DeWalt, “ We’ve Organizations: CNN, National Institute of Standards, Technology, NIST, House, Products, Twitter, PayPal, Federal Communications Commission, FCC, Colonial Pipeline, Companies, Amazon, Cisco, Google, LG, Logitech, Samsung, Consumer Technology Association

☆ U.S. officials call spy program key to big cases, but give few details
▼ + stars: | 2023-06-13 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +4 min

SAN FRANCISCO, June 12 (Reuters) - Senior U.S. government officials warned on Tuesday of serious national security risks if a key surveillance program set to expire this year isn't renewed, but declined to share specifics of cases in which it had been useful. But the agency has misused the program to spy on Americans numerous times, because the program also allows access to information of Americans in communication with foreigners. "It's not just useful or important or helpful, but at this point, it is vital to addressing a wide array of national security challenges." Among other reforms, the groups have called for requiring a warrant for searches of Americans’ information on the database. Requiring a warrant would be "profoundly harmful" to the country's national security, one U.S. official said.

Persons: isn't, It's, Zeba Siddiqui, Gerry Doyle Organizations: FRANCISCO, Senior U.S, Foreign Intelligence, U.S, Federal Bureau of Investigation, FBI, Colonial Pipeline, U.S ., Center for Democracy & Technology, Monday, National Intelligence, Thomson Locations: United States, U.S, China, Russia, Iran, North Korea, San Francisco

☆ 'Aggressive' China cyberattacks are the 'defining threat' of our time, top U.S. cyber official says
▼ + stars: | 2023-06-13 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +3 min

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, testifies before a House Homeland Security Subcommittee, at the Rayburn House Office Building in Washington, D.C., April 28, 2022. China's cyber-espionage and sabotage capacities are an "epoch-defining threat," the top U.S. cybersecurity official said, warning that in the event of open warfare "aggressive cyber operations" would threaten critical U.S. transportation infrastructure "to induce societal panic." "We, as an American people, need to understand not just cyber resilience but the imperative of operational resilience and the importance of societal resilience," the CISA director said. Chinese cyber infiltration and espionage have been an ongoing concern for American companies. A disruption of critical pipelines, communications infrastructure, or transportation services could cripple the U.S. economy in the case of conflict.

Persons: Jen Organizations: Infrastructure Security Agency, Homeland Security, Washington , D.C, China's, Infrastructure Security, Aspen Institute, Microsoft, U.S, Corporate, U.S ., Colonial Pipeline Locations: Rayburn, Washington ,, U.S, China, Asia, East

☆ Panic buying causes widespread gas station closures in South Florida
▼ + stars: | 2023-04-19 | by ( Chris Isidore | ) edition.cnn.com time to read: +3 min

New York CNN —More than half of gas stations in the Miami-Fort Lauderdale area were without gasoline Wednesday after flooding from last week’s massive storm caused a wave of panic buying by drivers topping off their gas tanks. “I would estimate that 80% of [station closings] are due to panic buying,” said Patrick De Haan, head of petroleum analysis for GasBuddy, which tracks station closings and gas prices. Data from GasBuddy showed that 59% of stations in the Miami-Fort Lauderdale market were closed Wednesday, up from about 20% on Sunday. But the even better news is that with full tanks, drivers will not need to fill up in the coming days as they normally might have, and the panic buying is likely to subside. He expected most of the closed stations to be reopened by the weekend.

☆ White House aims to shift cybersecurity burden from individuals and small businesses to tech providers
▼ + stars: | 2023-03-02 | by ( Lauren Feiner | ) www.cnbc.com time to read: +3 min

The White House released its long-awaited National Cyber Strategy on Thursday, providing a road map for how the Biden administration aims to defend the U.S. from a rapidly growing number of online threats. "The president's strategy fundamentally reimagines America's cyber social contract," Acting National Cyber Director Kemba Walden said during a press briefing on Wednesday. The White House is proposing that legislation establish liability for software makers which fail to take reasonable precautions to secure their products and services. The White House said the work has already started. WATCH: Closing keynote: The White House is serious about cybersecurity

☆ Even hackers are getting laid off: As companies beef up cybersecurity, one hacker group reportedly let go of 45 telemarketers tricking people into inviting ransomware
▼ + stars: | 2023-02-21 | by ( Sindhu Sundar | ) www.businessinsider.com time to read: +3 min

More countries are targeting payments made to appease ransomware attackers, according to Gartner. As US Department of Justice investigators and companies beef up their oversight of cybersecurity threats, the impact of ransomware attacks — hackers demand ransom payments from targets — has been blunted, according to a Wall Street Journal report. Ransomware hacks can have high stakes, especially when hackers blackmail targets over private information in order to extract payments. In 2021, the agency created new groups internally, including the National Cryptocurrency Enforcement Team and the Ransomware and Digital Extortion Task Force. Countries are generally also stepping up their oversight of ransomware attacks and trying to improve privacy regulations, according to the research and consulting firm Gartner.

WASHINGTON, Jan 26 (Reuters) - The FBI revealed on Thursday it had secretly hacked and disrupted a prolific ransomware gang called Hive, a maneuver that allowed the bureau to thwart the group from collecting more than $130 million in ransomware demands from more than 300 victims. They were then able to alert victims in advance so they could take steps to protect their systems before Hive demanded the payments. In that case, the Justice Department seized some $2.3 million in cryptocurrency ransom after the company had already paid the hackers. The Justice Department said that over the years, Hive has targeted more than 1,500 victims in 80 different countries, and has collected more than $100 million in ransomware payments. Attorney General Merrick Garland said the FBI's operation helped a wide range of victims, including a Texas school district.

☆ The dark web's criminal minds see Internet of Things as next big hacking prize
▼ + stars: | 2023-01-09 | by ( Elizabeth Macbride | ) www.cnbc.com time to read: +4 min

But 2022, say experts, may have marked an inflection point due to the rapid proliferation of IoT (Internet of Things) devices. For the past decade, manufacturers, software companies and consumers have been rushing to the promise of Internet of Things devices. IoT devices are a key entry point for many attacks, according to Microsoft's Digital Defense Report 2022. "While the security of IT hardware and software has strengthened in recent years, the security of Internet of Things (IoT) … has not kept pace," according to the report. What many experts are anticipating is the day enterprising criminals or hackers affiliated with a nation-state figure out an easy-to-replicate scheme using IoT devices at scale.

☆ Corporate Tech Leaders Untangle Their Cybersecurity Roles
▼ + stars: | 2022-12-22 | by ( Belle Lin | ) www.wsj.com time to read: +6 min

Information technology and cybersecurity chiefs grew closer than ever in 2022, a dynamic allowing for more comprehensive threat mitigation, but raising new questions over responsibilities. About 50% of the company’s threat planning simulations, in which IT plays an active role, involve ransomware scenarios, according to Ms. Smart. Ms. Allison is retiring at the end of the year, the company said, and will be succeeded by Gary Harbison. Photo: Adobe Inc.Prasad Ramakrishnan, the CIO and former CISO of software maker Freshworks Inc., said IT and security have shared roles in evaluating the cybersecurity resiliency of corporate software purchases. And in securing a hybrid work environment, his joint cybersecurity and IT roles included adding a new cybersecurity layer on top of cloud-based software on company laptops.

☆ Cyber Insurers Turn Attention to Catastrophic Hacks
▼ + stars: | 2022-11-28 | by ( James Rundle | ) www.wsj.com time to read: +5 min

While cyber insurance has evolved significantly in recent years, insurers say they might still be unprepared for the fallout from a catastrophic cyberattack. “I think it’s important we stress that the insurance industry has not had a catastrophic event,” said John Coletti, head of cyber reinsurance at Swiss Re. “We have hundreds of years of history of understanding that risk,” Mr. Tiernan said. Part of the challenge for modeling cyber catastrophes is that historical data simply doesn’t exist to produce accurate models, Mr. Tiernan said. “We probably need to pay a little more attention to the assumptions that underpin them.”Write to James Rundle at james.rundle@wsj.com

☆ Hot Market for Cyber Insurance Begins to Stabilize
▼ + stars: | 2022-11-15 | by ( Richard Vanderford | ) www.wsj.com time to read: +6 min

The market for cyber insurance has begun to stabilize after a surge in ransomware attacks in recent years propelled a steep rise in premiums, observers say. Cyber insurance can pay ransoms to hackers who lock company technology systems, or it can help offset the cost of responding to data breaches. The insurance itself remains relatively niche—insurer Munich Re Group estimated the global value of cyber insurance premiums at $9.2 billion at the outset of 2022, compared with hundreds of billions of dollars spent in the U.S. alone for commercial insurance, according to the Insurance Information Institute—but events spurring premium increases have become familiar. But not all companies can, as some must have cyber insurance to work with partners, Mr. McNicholas said. “The cyber insurance community has to be fairly nimble and flexible in how it looks at risk.”Write to Richard Vanderford at Richard.Vanderford@wsj.com

☆ Reported Ransomware Incidents, Costs Soared in 2021, Treasury Says
▼ + stars: | 2022-11-04 | by ( James Rundle | ) www.wsj.com time to read: +4 min

U.S. banks flagged ransomware-related transactions adding up to more than $1 billion in 2021, the Treasury Department said, although risk experts said that barely scratches the surface of cybercrime’s true economic scale. In 2020, such transactions totaled $416 million across 487 reports. FinCEN is an arm of the Treasury that analyzes financial data to identify money laundering, terrorist financing and other crimes. Reports from the first six months of 2021 alone exceeded the total for all of 2020, FinCEN said, noting that around 75% of incidents in 2021 stemmed from Russia-based cyber actors. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors.

☆ U.S. banks processed roughly $1.2 billion in ransomware payments in 2021, according to federal report
▼ + stars: | 2022-11-01 | by ( Chelsey Cox | ) www.cnbc.com time to read: +2 min

U.S. banks and financial institutions processed roughly $1.2 billion in likely ransomware payments in 2021, a new record and almost triple the amount in 2020, according to a federal financial crimes watchdog. The report reflects a sweeping government effort to identify and report ransomware attacks following the hacking of U.S.-based Colonial Pipeline's IT network in May 2021. FinCEN said there were 1,489 ransomware incidents costing nearly $1.2 billion last year, a substantial rise from $416 million in damages recorded in 2020, according to the report. The agency said four of the overall top five ransomware attacks reported during this period are tied to Russia. In March, Biden signed a measure requiring some businesses to report certain cyber incidents and ransomware payments to the Cybersecurity, Infrastructure and Security Agency.

☆ Cybersecurity Tops the CIO Agenda as Threats Continue to Escalate
▼ + stars: | 2022-10-17 | by ( Steven Rosenbush | ) www.wsj.com time to read: +6 min

Cyber and information security has been at the top of their agenda since 2020. Newsletter Sign-up WSJ | CIO Journal The Morning Download delivers daily insights and news on business technology from the CIO Journal team. Gartner forecasts that worldwide information security and risk-management spending by end-users will reach $188.336 billion in 2023, up 11.3% from the current year. It’s what boards are talking about,” said Truist Financial Corp. Chief Information Security Officer Howard Whyte. He and Truist CIO Scott Case work closely to understand the Charlotte, N.C.-based bank’s changing attack surface and cybersecurity risk.

☆ Rising premiums, more restricted cyber insurance coverage poses big risk for companies
▼ + stars: | 2022-10-11 | by ( Bob Violino | ) www.cnbc.com time to read: +7 min

Luke MacGregor | Bloomberg | Getty ImagesAmong the many consequences of the rising number of costly data breaches, ransomware, and other security attacks are pricier premiums for cyber security insurance. The high demand for cyber coverage is in part fueled by greater awareness among companies of the threat cyber risk poses for businesses of all sizes, it said. The study said the cost of cyber insurance is based in part on the frequency, severity, and cost of cyber attacks, "all of which have been increasing. "But now, carriers are becoming less likely to include it, and are instead offering cyber coverage separately. "Also, companies that go bare on cyber liability may see an impact on revenue, as customers and suppliers increasingly make cyber coverage a requirement of doing business."

☆ UK police arrest 17-year-old on suspicion of hacking
▼ + stars: | 2022-09-23 | by ( ) www.reuters.com time to read: +1 min

Register now for FREE unlimited access to Reuters.com RegisterA hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. Top U.S. fuel pipeline operator Colonial Pipeline has shut its entire network after a cyber attack, the company said on Friday. read moreRegister now for FREE unlimited access to Reuters.com RegisterThe police could not confirm if the arrest was related to that investigation. In April, City of London Police charged two teenagers aged 16 and 17 in connection with an investigation into hacking. Register now for FREE unlimited access to Reuters.com RegisterReporting by Farouq Suleiman and Paul Sandle; editing by William James and Alex RichardsonOur Standards: The Thomson Reuters Trust Principles.

Criminal hackers have recently targeted U.S. school districts and will likely continue to escalate their attacks this school year, federal agencies warned Tuesday. Hackers infected the district’s computer networks with malicious software, locking up files and demanding a ransom payment. While classes in Los Angeles weren’t canceled, the attack caused a “significant disruption” to the school district and some of its services, the district announced. Since then, there haven’t been any such high-profile ransomware attacks on energy infrastructure. Ransomware attacks on schools also run the risk of giving hackers access to children’s personal information, the government warned.

☆ Ransomware's new business model enables anyone to extort companies for massive payouts. Some insiders say it's a criminal twist on the strategy that made cloud giants so successful.
▼ + stars: | 2022-09-02 | by ( Belle Lin | ) www.businessinsider.com time to read: +5 min

Ransomware is following the business and distribution model that made cloud giants so successful. Experts say it's so easy to buy ransomware tool kits that hackers can make a monthly income from it. In the same vein, ransomware developers are taking care of back-end operations to get hackers up and running. Today's ransomware gig economy includes a network of behind-the-scenes operatorsThe ransomware gig economy behind ransomware-as-a-service programs has also expanded rapidly over the past two years. Record-breaking payouts include a $4.4 million ransom secured by hackers that attacked the fuel-pipeline operator Colonial Pipeline in 2021.

☆ 1.000 de companii afectate de atacul cibernetic al hackerilor în SUA; În Suedia, casele a 800 de supermarketuri au paralizat
▼ + stars: | 2021-07-04 | by ( ) www.jurnal.md time to read: +3 min

Prima consecinţă a acestui atac cibernetic a fost aceea că un mare lanţ de supermarketuri din Suedia a trebuit să închidă sâmbătă peste 800 de magazine, casele sale fiind paralizate de atac. Conform estimării firmei de securitate IT Huntress Labs, "peste 1.000 de companii" au fost afectate de acest atac ransomware. Specialiştii americani în securitate IT suspectează că în spatele acestui atac cibernetic s-ar afla gruparea de hackeri ruşi REvil, informează Reuters. Preşedintele Biden, care a ordonat sâmbătă o anchetă, a afirmat că "primul gând a fost că nu a fost vorba de guvernul rus, dar încă nu suntem siguri". Agenţia americană pentru securitate cibernetică şi securitate a infrastructurii (CISA) "monitorizează îndeaproape situaţia", potrivit unui oficial al instituţiei, Eric Goldstein.

Persons: Reuters, Mulţi, Joe Biden, Vladimir Putin . Preşedintele Biden, Eric Goldstein, Alfred Saikali, Hardy, Bacon Organizations: Kaseya Locations: SUA, Suedia, Miami, Statele Unite, Rusia

Search resuls for: "Colonial Pipeline"

25 mentions found