Computer Security

Subterms

    More stories

    • 138 Shares169 Views

      in Elections

      The Aftermath of a U.K. Cyberattack: Blood Shortages and Delayed Operations

      by

      Several London hospitals, still reeling from a cyberattack last week, have made an urgent plea to medical students to help stem the disruption.Several London hospitals, still under significant strain more than a week after a cyberattack crippled services, have asked medical students to volunteer to help minimize disruption, as thousands of blood samples have had to be discarded and operations postponed.The ransomware attack on Synnovis, a private firm that analyzes blood tests, has crippled services at two major National Health Service hospital trusts, Guy’s and St. Thomas’ and King’s College, which described the situation as “critical.”According to a memo leaked in recent days, several London hospitals asked medical students to volunteer for 10- to 12-hour shifts. “We urgently need volunteers to step forward and support our pathology services,” said the message, which was reported earlier by the BBC. “The ripple effect of this extremely serious incident is felt across various hospital, community and mental health services in our region.”The attack also disrupted blood transfusions, and the N.H.S. appealed to the public this week for blood donors with O-negative blood types, which can be used in transfusions for any blood type, and O-positive blood types, which is the most frequently occurring blood type, saying it could not match patients’ blood at the same frequency as usual.While the N.H.S. has declined to comment on which group was suspected of carrying out the attack, Ciaran Martin, a former head of British cybersecurity, told the BBC last week that a Russian cybercriminal group known as Qilin was most likely the perpetrator. Synnovis said last week in a statement that it was working with the British government’s National Cyber Security Center to understand what had happened.Synnovis, in an email sent Monday to primary health providers, said that thousands of blood test samples would probably have to be destroyed because of the lack of connectivity to electronic health records. In a statement on Wednesday, Synnovis said that the I.T. system had been down for too long for samples taken last week to be processed.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 100 Shares99 Views

      in Elections

      Ticketmaster Confirms Data Breach. Here’s What to Know.

      by

      The hacking group ShinyHunters has claimed responsibility for stealing the user information of more than 500 million Ticketmaster customers.Ticketmaster confirmed in a federal filing on Friday that it was investigating a data breach after a hacking group known as ShinyHunters claimed responsibility for stealing the information of more than 500 million Ticketmaster customers.In the filing, with the U.S. Securities and Exchange Commission, Ticketmaster’s parent company, Live Nation Entertainment, said it had “identified unauthorized activity within a third-party cloud database environment.”Who is behind the breach?ShinyHunters, a hacker group believed to have been formed around 2020, is believed to have been behind the breach.Brett Callow, a threat analyst with the cybersecurity company Emsisoft, said it was a “credible threat actor,” though not much more was known about the group.Its chief aim appears to be to obtain personal records and sell them.Its past victims have included Microsoft and AT&T, among dozens of other companies in the United States and elsewhere, according to federal prosecutors.In March, AT&T confirmed a breach in a news release and said it had affected roughly 70 million past or present customers.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 138 Shares139 Views

      in Elections

      Taiwan, on China’s Doorstep, Is Dealing With TikTok Its Own Way

      by

      The island democracy was early to ban TikTok on government phones, and the ruling party refuses to use it. But a U.S.-style ban is not under consideration.As it is in the United States, TikTok is popular in Taiwan, used by a quarter of the island’s 23 million residents.People post videos of themselves shopping for trendy clothes, dressing up as video game characters and playing pranks on their roommates. Influencers share their choreographed dances and debate whether the sticky rice dumplings are better in Taiwan’s north or south.Taiwanese users of TikTok, which is owned by the Chinese internet giant ByteDance, are also served the kind of pro-China content that the U.S. Congress cited as a reason it passed a law that could result in a ban of TikTok in America.One recent example is a video showing a Republican congressman, Rob Wittman of Virginia, stoking fears that a vote for the ruling party in Taiwan’s January election would prompt a flood of American weapons to aid the island democracy in a possible conflict with China, which claims it as part of its territory. The video was flagged as fake by a fact-checking organization, and TikTok took it down.About 80 miles from China’s coast, Taiwan is particularly exposed to the possibility of TikTok’s being used as a source of geopolitical propaganda. Taiwan has been bombarded with digital disinformation for decades, much of it traced back to China.But unlike Congress, the government in Taiwan is not contemplating legislation that could end in a ban of TikTok.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 125 Shares189 Views

      in Elections

      Biden Bans Chinese Bitcoin Mine Near U.S. Nuclear Missile Base

      by

      An investigation identified national security risks posed by a crypto facility in Wyoming. It is near an Air Force base and a data center doing work for the Pentagon.President Biden on Monday ordered a company with Chinese origins to shut down and sell the Wyoming cryptocurrency mine it built a mile from an Air Force base that controls nuclear-armed intercontinental ballistic missiles.The cryptomining facility, which operates high-powered computers in a data center near the F.E. Warren base in Cheyenne, “presents a national security risk to the United States,” the president said in an executive order, because its equipment could be used for surveillance and espionage.The New York Times reported last October that Microsoft, which operates a nearby data center supporting the Pentagon, had flagged the Chinese-connected cryptocurrency mine to the federal Committee on Foreign Investment in the United States, warning that it could enable the Chinese to “pursue full-spectrum intelligence collection operations.” An investigation by the committee identified risks to national security, according to the president’s order.The order did not detail those risks. But Microsoft’s report to the federal committee, obtained last year by The Times, said, “We suggest the possibility that the computing power of an industrial-level cryptomining operation, along with the presence of an unidentified number of Chinese nationals in direct proximity to Microsoft’s Data Center and one of three strategic-missile bases in the U.S., provides significant threat vectors.”Now, the mine must immediately cease operations, and the owners must remove all their equipment within 90 days and sell or transfer the property within 120 days, according to the order, which cites the risks of the facility’s “foreign-sourced” mining equipment. A vast majority of the machinery powering cryptomining operations across the United States is manufactured by Chinese companies.Cryptomining operations are housed in large warehouses or shipping containers packed with specialized computers that typically run around the clock, performing trillions of calculations per second, hunting for a sequence of numbers that will reward them with new cryptocurrency. The most common is Bitcoin, currently worth more than $60,000 apiece. Crypto mines consume an enormous amount of electricity: At full capacity, the one in Cheyenne would draw as much power as 55,000 homes.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 138 Shares119 Views

      in Elections

      How to Claim Your Part of a $5.6 Million Ring Settlement

      by

      The Federal Trade Commission is sending payments to customers who had certain Ring home security cameras and accounts during a particular time period, the agency said.The Federal Trade Commission said this week that some people who had bought certain home security cameras made by Ring, which is owned by Amazon, would be eligible for refunds for their purchase. The payments, totaling more than $5.6 million, are part of a settlement between Ring and the F.T.C. over claims that the company failed to protect customer accounts.Here’s what to know.What is the lawsuit about?The F.T.C. sued Ring last May, accusing the company of giving employees and contractors access to customers’ private video footage. The agency said in its complaint that Ring had used the videos to train computer algorithms without first getting customers’ consent. Ring also failed to have proper protections, which made customer accounts, videos and cameras more vulnerable to hacking, the F.T.C. said.The F.T.C. and Ring reached a settlement that month. As part of the agreement, Ring paid a settlement that would be used for customer refunds, deleted all private videos that it shouldn’t have access to, and established a privacy and security program. The F.T.C. is now using the money Ring paid to send 117,044 PayPal payments to affected customers.Ring did not immediately respond to a request for comment. But in a statement after the settlement, Ring said that it addressed issues about its security and privacy practices “well before” the F.T.C.’s lawsuit, and that the agency “mischaracterizes our security practices and ignores the many protections we have in place for our customers.”How do I find out if I am eligible for the refund?If you had a Ring account and certain types of Ring devices, such as the indoor camera models Stick Up Cam and Indoor Cam, before Feb. 1, 2018, you are eligible for a refund, according to a court order.The defendant — in this case, Ring — is typically required to provide a list of customers, their contact information and how much they paid. The F.T.C. will use the information to send payments.Eligible customers should have already received an email from the F.T.C.How much will I receive?Your payment depends on the type of Ring device you owned and the time you had your account.I got a PayPal payment from the F.T.C. How do I know if it is real?If you are eligible for a refund, you should have received an email from the agency (from the address subscribe@subscribe.ftc.gov) before Tuesday. Since payments were issued on Tuesday, you should have received another email from PayPal about the refund. You have to redeem the payment by May 22, or it will be returned to the F.T.C.If you would like the F.T.C. to send you a check instead, or have any other questions about the payment, you can speak with the refund administrator, Rust Consulting, by calling 1-833-637-4884. You can also email your request to info@ring.com. More

    • 125 Shares119 Views

      in Elections

      How Scam Calls and Messages Took Over Our Everyday Lives

      by

      Digital life is cluttered with bogus text messages, spam calls and phishing attempts. You can try to block, encrypt and unsubscribe your way out of it, but you may not succeed. Welcome to Scam World Toma Vagner Welcome to Scam World You open your eyes and grope for your phone. You check your inbox and […] More

    • 138 Shares119 Views

      in Elections

      AT&T Passcodes for Millions Are Reset After Leak of Customer Records

      by

      Nearly eight million customers and 65.4 million former account holders were affected by the data breach, the company said.The telecommunications giant AT&T announced on Saturday that it had reset the passcodes of 7.6 million customers after it determined that compromised customer data was “released on the dark web.”“Our internal teams are working with external cybersecurity experts to analyze the situation,” AT&T said. “To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history.”The company said that “information varied by customer and account,” but that it may have included a person’s full name, email address, mailing address, phone number, Social Security number, date of birth, AT&T account number and passcode.In addition to those 7.6 million customers, 65.4 million former account holders were also affected.The company said it would be “reaching out to individuals with compromised sensitive personal information separately and offering complimentary identity theft and credit monitoring services.”AT&T said it reset the passcodes for those affected and directed customers to a site with details about how to reset them. It also said that it was starting a “robust investigation supported by internal and external cybersecurity experts.”A company representative did not address specific questions about how the breach happened or why it went unnoticed for so long.TechCrunch, which first reported on the passcode reset, said it informed AT&T on Monday that “the leaked data contained encrypted passcodes that could be used to access AT&T customer accounts.”TechCrunch said it delayed publishing its article until the company “could begin resetting customer account passcodes.”In its report, TechCrunch said that “this is the first time that AT&T has acknowledged that the leaked data belongs to its customers, some three years after a hacker claimed the theft of 73 million AT&T customer records.”AT&T had previously denied a breach of its systems but how the leak happened was unclear, TechCrunch reported.AT&T said that it did not know whether the leaked data “originated from AT&T or one of its vendors” and that it “does not have evidence of unauthorized access to its systems resulting in theft of the data set.”The episode comes after AT&T customers experienced a widespread outage last month that temporarily cut off connections for users across the United States for several hours. The Feb. 22 outage affected customer in cities including Atlanta, Los Angeles and New York.At its peak, there were around 70,000 reports of disrupted service for the wireless carrier, according to Downdetector.com, which tracks user reports of telecommunication and internet disruptions.A few days later, AT&T offered customers affected by the outage a $5 credit in an effort to “make it right.” More