American schools increasingly hit by ransomware, an event ticket agency is hacked and more.
Welcome to Cyber Security Today. It’s Wednesday, October 26th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
A public school district in Iowa has become the latest education board in the U.S. to be listed as a victim by a ransomware gang. According to researcher Brett Callow of ESET, the Karakurt gang is claiming responsibility. So far this year 32 school districts with over 1,800 schools in the U.S. have been impacted by ransomware. Crooks stole and released data from at least 18 of those boards. In addition at least 33 colleges and universities were impacted by ransomware. Of them, crooks stole data from 20 institutions.
Meanwhile researchers at Microsoft warned that a threat group known as Vice Society has not only recently been targeting schools in the U.S., it also uses different ransomware strains.
Crooks choose public sector institutions like school boards and municipalities because they may not be able to afford sophisticated cyber defences, and they may be more willing to pay ransoms or extortion than big companies.
Separately, the Hive ransomware group is posting data it claims to have stolen earlier this month from one of India’s biggest electricity suppliers, Tata Power. The Bleeping Computer news site says so far the data posted by the attackers appear to be personal information about Tata employees. Tata has said the attack was on its IT systems.
American event ticket agency See Tickets has admitted hackers may have stolen customers’ names and their credit or debit card information for over two years starting in late June of 2019. In a copy of letter filed with the state of Montana and sent to potential victims, the company says in April it realized that a hacker had compromised some event checkout pages.
Microsoft ended support for the Internet Explorer browser in June. Some IT departments made employees at their organizations switch either to Microsoft Edge or other browsers a while ago in anticipation of this. However, certain logs left behind by Internet Explorer still pose a risk because they allow access permissions within Windows. That’s according to researchers at Varonis. Hackers could use the access to either crash or cause a denial of service to a computer. A patch for one vulnerability was included on October 11th in this month’s Windows Patch Tuesday updates. But the other is still a risk. Windows administrators have to watch who is given administrator privilege over this log file.
As part of Cybersecurity Awareness Month it’s time to remind listeners of the importance of a safe password. Experts know what many people do wrong: They use passwords like 123456, the days of the week, the months of the year, their first names, names of sports teams or sequential letters on a keyboard like ‘qwerty’. Crooks know this and will test those first. So here’s my advice: First, get a software password manager to manage the different passwords you have to create. Your antivirus suite may come with one, or may be an option. Second, create a safe and different password for every important site you have to log into. An important site is your email, your office computer, your bank — anything that holds your sensitive personal information.
You have two choices for passwords: Create one from a jumble of letters, numbers and special characters — like an exclamation mark — of at least 12 characters; or create a passphrase composed of at least three random words that’s at least 15 characters long. The idea passphrases are relatively easy to remember.
Third, say yes whenever a website or service offers multifactor or two-factor authentication. Initially it’s an extra step for logging in by typing in a six digit code sent by email or an authenticator app on your smartphone. But it’s a key to added security. Remember, every site has to have a different password. More password advice is available here and here.
More people in Canada and the U.S. are using multifactor authentication. That’s according to a survey released this week by the Chubb insurance group. More than half of those surveyed said they now use multifactor authentication for logins, twice as many as last year. Perhaps they’re using it because their employer or email provider forces them too, but that’s still good. The bad news: 61 per cent of respondents say they have trouble keeping track of their passwords. They likely aren’t using password managers.
Finally, those of you with Apple devices should be looking for operating system updates or security patches. Apple this week released a new version of its macOS and updates to iOS and iPadOS.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.