Free Republic

The hacking of a UnitedHealth affiliate is a symptom of consolidation within the health care sector, and it’s likely to get even worse.In a bid to win reelection, the Biden administration keeps trying to sell the country on all the supposed benefits of Obamacare. Before continuing their sales campaign, they might want to check in with the doctors’ offices struggling to make payroll.For over a month, the multitrillion-dollar health care sector has had to respond to a hack on a payment processor owned by UnitedHealthGroup, the nation’s largest insurer. Axios reported that hospitals, doctors, medical equipment suppliers, and pharmacies are...

It's nationwide knowledge that in early May the Colonial Pipeline company suffered a severe cyberattack that shut down its pipeline connecting Texas to the East Coast. On June 1, JBS Foods suffered another crippling cyberattack. According to industry estimates, JBS controls 20 percent of the slaughtering capacity for American cattle and hogs. The JBS attack also generated headlines. The FBI and security officials believe two criminal organizations conducted the attacks. Their names sound a bit like those of the sinister super gangs found in James Bond novels. However, these gangs aren't fiction nor are their crimes. A crime group called...

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents published by the crime gang suggest a total leak of the Fulton County data could put lives at risk and jeopardize a number of other...

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.

About 60 credit unions in the US are experiencing outages because of a ransomware attack on an IT provider the credit unions use, a federal agency said Friday. The National Credit Union Administration (NCUA), the agency that insures deposits at federally insured credit unions, said in a statement to CNN that it was “coordinating with affected credit unions” in the wake of the hack. The full extent of the outage and its impact on credit unions was unclear Friday evening. One of the affected credit unions, New York-based Mountain Valley Federal Credit Union, said that technicians from the hacked IT...

San Bernardino County paid a $1.1 million ransom to hackers who infiltrated the Sheriff's Department computers, officials acknowledged Friday. Last month, the department admitted a hack encrypted many of its files, disrupting systems and blocking access to data. County officials told ABC News on Friday that the county carries insurance for such attacks and its share of the ransom came out to just over $511,000. After negotiating with the hackers, the insurance company and county agreed to pay to restore the system to its full functionality and secure data.

The City of Dallas confirmed that a ransomware attack compromised a number of servers in its system, including the Dallas Police Department's website. Late Monday morning, CBS News Texas' J.D. Miles reported that the outage impacted the department's computer assisted dispatch system, called CAD, which directs police to emergencies and other calls. The issue forced 911 call takers to manually write down instructions for the responding officers, who were only able to respond through their phones and radios. CBS News Texas obtained an image the ransomware note. The hackers claim that they encrypted the city's critical data, and threatened to...

The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including ransomware actors. In its announcement, the FBI says the operation was carried out with the help of the Virtual Currency Response Team, the National Police of Urkaine, and legal prosecutors in the country. The nine websites and their servers seized in this operation are: 24xbtc.com 100btc.pro pridechange.com 101crypta.com uxbtc.com trust-exchange.org bitcoin24.exchange paybtc.pro owl.gold Visiting any of these domains today displays the seizure banner below, alternating its message between Russian and English. [Banner behind the article link above.] The seized sites...

A major ransomware attack compromised a host of sensitive information held by the US Marshals Service, including details about potential targets of investigations and employees of the federal law enforcement agency. The cyberattack was discovered in “a stand-alone USMS system” on Feb. 17 and prompted a forensic investigation by the Department of Justice, said Drew Wade, a spokesperson for the Marshals Service. On Feb. 22, officials from the Marshals Service briefed investigators from the DOJ, who determined the breach was a “major incident” that affected an array of sensitive law enforcement information. “The affected system contains law enforcement sensitive information,...

Flights are grounded all across the USA… but why? Everybody knows the proximate cause, but is there a deeper rot at the FAA and our Department of Transportation? You bet! “How could the FAA leave all US domestic flights grounded for the first time since the 9/11 terror attacks?” is the obvious question, after Wednesday’s hot mess at the FAA. Under Transportation Secretary Pete Buttigieg, a better question might be, “Yes, but were flights grounded with diversity, equity, and inclusion?” Because DEI is exactly where Buttigieg’s priorities lie — not with the vital business of keeping our transportation infrastructure operating....

UPDATED Rackspace has admitted a ransomware infection was to blame for the days-long email outage that disrupted services for customers. The security snafu took down some of Rackspace's hosted Microsoft Exchange services on Friday afternoon [12/02/2022]. In its most recent update, posted at 0826 Eastern Time on Tuesday [12/06/2022], Rackspace said it has now "determined this suspicious activity was the result of a ransomware incident," and has hired a "leading cyber defense firm to investigate." The company hasn't yet determined what customer data was touched. "If we determine sensitive information was affected, we will notify customers as appropriate," it added.

Payment-seeking software made by Russian hackers was used in three quarters of all the ransomware schemes reported to a US financial crime agency in the second half of 2021, a Treasury Department analysis released on Tuesday (Nov 1) showed. In analysis issued in response to the increase in number and severity of ransomware attacks against critical infrastructure in the United States since late 2020, the US Financial Crimes Enforcement Network (FinCEN) said it had received 1,489 ransomware-related filings worth nearly US$1.2 billion in 2021, a 188 per cent jump from the year before. Out of 793 ransomware incidents reported to...

...Deputy Attorney General Lisa Monaco said investigators had seized 63.7 Bitcoins, now valued at about $2.3 million, paid by Colonial (COLPI.UL) after last month's hack of its systems that led to massive shortages at U.S. East Coast gas stations....An affidavit filed on Monday said the FBI was in possession of a private key to unlock the hackers' Bitcoin wallet. It was unclear how the FBI gained access to this key...."Today, we've turned the tables on DarkSide," said Monaco, referring to a ransomware group widely believed to have been behind the crippling fuel pipeline attack.

Among many claimed benefits, cryptocurrencies supposedly offer two significant benefits over fiat currencies: 1) autonomy and 2) discretion. This past week, the U.S. federal government took them both down. The U.S. Department of Justice issued a press statement that it had seized $2.3 million in cryptocurrency. The seizure was the result of the FBI's Colonial Pipeline investigation. As a reminder, Colonial Pipeline, the U.S.'s largest pipeline for refined oil products, was the victim of a cyberattack. Against the U.S.'s wishes and policies, Colonial Pipeline paid millions in ransom to retake control of the pipeline. According to the FBI, they had...

Hackers crippled computer networks across multiple government agencies, including the Finance MinistryCosta Rica has declared a state of emergency after ransomware hackers crippled computer networks across multiple government agencies, including the Finance Ministry. The official declaration, published on a government website Wednesday, said that the attack was “unprecedented in the country” and that it interrupted the country’s tax collection and exposed citizens’ personal information. The hackers initially broke into the Finance Ministry on April 12, it said. They were able to spread to other agencies, including the Ministry of Science, Technology and Telecommunications and the National Meteorological Institute. Leon Weinstok,...

One of the world’s top manufacturers and distributors of agricultural equipment announced Thursday that a ransomware attack impacted operations. Duluth, Georgia-based AGCO Corp. released a statement that some of its manufacturing plants have slowed production for several days because of a ransomware attack. “AGCO is still investigating the extent of the attack, but it is anticipated that its business operations will be adversely affected for several days and potentially longer to fully resume all services depending upon how quickly the Company is able to repair its systems,” AGCO’s statement read. AGCO has an extensive portfolio of machines and equipment manufacturers...

Ransomware. I got this email. I donated to some Republican politicians and someone sold my email address. I get about 100 emails a day asking for donations. Well the ransomware crooks got my email address. These crooks do not know that my operating system is Linux Mint on a home built computer from parts. I have no camera or microphone. I would like to report this to the FBI, but do not know how. Is there a way to track down the crooks by using their Bitcoin wallet and address. The email uses my address as the 'sent from' address....

Toyota Motor on Tuesday halted operations at all of its plants in Japan after a major supplier was hit by a cyberattack, disrupting the automaker's parts supply management system. The company is suspending 28 lines at 14 plants. Subsidiaries Hino Motors and Daihatsu Motor will also halt operations at some plants in Japan on Tuesday. The announcement that operations would be halted came on Monday, confirming an earlier Nikkei report. The automakers are still determining whether they will be able to return to normal operations after Wednesday. The shutdown will affect production of around 13,000 vehicles, or 4% to 5%...

One of the most prolific families of ransomware now has additional Linux and VMware ESXi variants that have been spotted actively targeting organisations in recent months.Analysis by cybersecurity researchers at Trend Micro identified LockBit Linux-ESXi Locker version 1.0 being advertised on an underground forum. Previously, LockBit ransomware – which was by far the most active ransomware family at one point last year – was focused on Windows.LockBit has a reputation as one of the most sneaky forms of ransomware. And now the Linux and VMware ESXi variant means that the ransomware could potentially spread itself even further, encrypting a wider...

Kronos, a human resources giant, says it suffered a ransomware attack that may keep its systems offline for weeks and will likely impact how its customers issue paychecks and track hours worked. Many large employers are scrambling to set up temporary systems to keep workers paid, including writing paper checks for potentially thousands of employees. The companies affected by the Kronos ransomware hack are now working on finding backup plans to ensure their employees get paid, which includes issuing paper checks, according to a report by NPR. Many of Kronos’ customers include municipal governments, university systems and large corporations. Dozens...