Cybersecurity Saturday

Ransomware attacks remain in the headlines. Today Bloomberg reports

Colonial Pipeline is working to restore operations after a cyber-attack prompted the company to take its systems offline, threatening the supply of refined petroleum products to gas stations in major cities on the U.S. eastern seaboard.

The Washington Post reported that ransomware was used in the attack, citing two U.S. officials it didn’t identify. It wasn’t clear if the attack was carried out by foreign government hackers or a criminal group, the officials told the Post.

Cyberscoop reports on two major ransomware attacks on healthcare organizations — Scripps Health in San Diego and the Kansas based Midwest Transplant Network — which have occurred since the last Cybersecurity Saturday post. Bleeping Computer maintains a log of ransomware attack and issues here.

ZDNet calls attention to “paper by the Institute for Security and Technology’s (IST) Ransomware Task Force (RTF) – a coalition of cybersecurity companies, government agencies, law enforcement organisations, technology firms, academic institutions and others – has 48 recommendations to help curb the threat of ransomware and the risk it poses to businesses, and society as a whole, across the globe.”

The FBI offers password guidance in honor of World Password Day which was held last Thursday May 6.

“The following tips may help protect you and your information from a breach:

  • Make sure, at the very least, that your email, financial, and health accounts all have different unique passwords and/or passphrases.
  • Make sure your password is as long as the system will allow.
  • Set up multi-factor authentication for your accounts.
  • Don’t allow password ‘hints.’”

In closing here are a few cybersecurity tidbits —

  • Cyberscoop reports that “The Department of Homeland Security announced on Wednesday that it intends to hire 200 new cybersecurity professionals by July as the Biden administration aims to curb ransomware attacks affecting U.S. corporations, as well as foreign espionage operations.”
  • Fortune informs us that “Cloud rivals Microsoft, Google, and IBM have teamed up on a project to help companies better defend against hackers and other cybersecurity problems. The initiative, announced Thursday, involves tracking and recording attempts by hackers to infiltrate corporate systems. Because each cloud-computing vendor records security incidents differently, companies can have a hard time getting the full picture about the latest cybersecurity attacks, explained Daniel Conroy, chief technology officer for the digital unit of aerospace giant Raytheon, which is also part of the project.”
  • Cyberscoop provides the latest on fallout from the SolarWinds hack.