Be careful with conference invites, Montreal hospital hit and U.S. county documents reportedly leaked
Welcome to Cyber Security Today. It’s Friday October 30th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
There are lots of ways attackers try to use email to scam you, like sending fake invoices and documents. Here’s another: Fake invitations to real conferences you’re likely to attend. Politicians, academics and security researchers, for example, would likely consider going to a security conference. This week Microsoft said it detected and broke up lures sent to people going to the Munich Security Conference and a summit in Saudi Arabia. The lures looked like conference invitations. Several people fell for them. Microsoft believes the plan was to infect computers steal passwords and gain sensitive intelligence. It looks like the gang behind this were based in Iran. Senior executives, people who have access to sensitive information and political leaders should be careful handling emailed invitations to meetings and conferences. It helps if you protect your computer and email logins with multifactor authentication.
Earlier this week the FBI and the U.S. Cybersecurity and Infrastructure Agency warned they have credible information that a new wave of ransomware attacks on hospitals is about to happen. It may be a coincidence but Montreal’s Jewish General Hospital reported a cyber attack around the same time. Hospital officials say it isn’t ransomware because no demand for money has been received. IT systems and the phone system were affected.
Healthcare institutions are urged to have and practice their business continuity plans, train employees to be careful opening emailed attachments and links.
On Wednesday’s podcast I told you about a ransomware attack on a county in the U.S. state of Georgia. At the time the county said there was no evidence that any citizen or employee data had been compromised. Well, the Bleeping Computer news service reports a ransomware gang called DoppelPaymer now says it started to release copies of files it says were taken from county computers. Some of the data include voter registration records, although these already are public information. Other files appear to be election preparation documents and accounting records.
Finally, IT administrators running systems with Oracle WebLogic should install the latest security patch. Hackers are already hunting for systems that are open to being attacked.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals.
This afternoon we’ll release the Week In Review edition, with a discussion about election interference and misinformation with guest analyst Dinah Davis of Arctic Wolf. Listen on your drive home, on or the weekend.
Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.