  1. #1
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    It's been nearly two weeks since the City of Baltimore's networks were shut down in response to a ransomware attack, and there's still no end in sight to the attack's impact. It may be weeks more before the city's services return to something resembling normal—manual workarounds are being put in place to handle some services now, but the city's water billing and other payment systems remain offline, as well as most of the city's email and much of the government's phone systems.

    The ransomware attack came in the midst of a major transition at City Hall. Mayor Bernard C. “Jack” Young assumed office officially just days before the attack, after the resignation of former mayor Catherine Pugh, who is facing an ever-expanding corruption investigation. And some of the mayor's critical staff positions remained unfilled—the mayor's deputy chief of staff for operations, Sheryl Goldstein, starts work today.


    To top it off, unlike the City of Atlanta—which suffered from a Samsam ransomware attack in March of 2018—Baltimore has no insurance to cover the cost of a cyber attack. So the cost of cleaning up the RobbinHood ransomware, which will far exceed the approximately $70,000 the ransomware operators demanded, will be borne entirely by Baltimore's citizens.
    https://arstechnica.com/information-...-consequences/

  2. #2
    Veteran SpursforSix's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jul 2015
    Post Count
    21,158
    I'd take a hard look at Marlo Stanfield.

  3. #3
    4-25-20 Will Hunting's Avatar
    My Team
    Boston Celtics
    Join Date
    Jun 2009
    Post Count
    22,310
    I'd take a hard look at Marlo Stanfield.
    I think it’s The Greek trying to get his shipments in through the Port Authority.

  4. #4
    Savvy Veteran spurraider21's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Apr 2012
    Post Count
    96,026
    I think it’s The Greek trying to get his shipments in through the Port Authority.
    Bubbles stepping his game up imo

  5. #5
    Still Hates Small Ball Spurminator's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jun 2003
    Post Count
    37,144

  6. #6
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425



  7. #7
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    The U.S. Transportation Department issued an emergency order in response to the Colonial Pipeline ransomware incident on Sunday; the move allows backed-up inventories of oil and fuel that are sitting in tanks and refineries in Texas and other parts of the country to be transported to New York more quickly via trucks while the pipeline is offline by easing restrictions on drivers.


    The emergency move, initially reported by the BBC, eases restrictions on the hours that truck drivers can work. The BBC had initially reported that the government issued a waiver to the Jones Act, which requires that goods shipped between U.S. ports be carried on U.S.-built and -owned ships — that is, vessels that are built, owned and operated by U.S. citizens or permanent residents. ...

    Separately, Bloomberg provided new information about the ransomware incident: the attackers stole nearly 100GB of data from Colonial Pipeline before locking some of its computers and servers and demanding a ransom. The attackers have threatened to publish the data online if Colonial doesn’t pay the ransom.

    Colonial published an update to its web site on Sunday saying that it has put small parts of the pipeline back in service, but the mainlines are still offline.
    https://zetter.substack.com/p/biden-...e-of-emergency

  8. #8
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    A source who works for a large midstream oil company that feeds fuel into Colonial’s pipeline told Zero Day that the control systems for his company’s tank farms connect directly to control systems at Colonial Pipeline and that as soon as they learned about the ransomware incident on Saturday, they disconnected those systems to prevent the ransomware from traveling to their systems from Colonial’s networks.


    He told Zero Day that his company has had to scramble to figure out what to do with the oil and fuel they have sitting in tanks and that they have received no word from Colonial about when the pipeline will be back online.


    “We had a big batch scheduled today [to go to Colonial],” he told Zero Day. Instead they have to figure out other storage options for the fuel or reduce capacity in the refineries feeding the tanks. They also have to keep the material in the tanks moving with mixers or it will “stratify and affect product quality,” he said.


    His company was told that Colonial’s main pipelines would “not be fixed in 1-2 days, but won’t take six weeks.” He’s not sure why Colonial would provide such a wide-ranging time period but said it’s “very concerning for our interests.”
    “We gotta find storage for refineries [and we] might run out [of storage] it takes too long. Then refineries [will have to] cut back. Problem escalates,” he said.

  9. #9
    Believe. MultiTroll's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jun 2011
    Post Count
    22,802
    aka complete bull by the oil and gas pigs to inflate prices?

  10. #10
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    The source who works for the midstream oil company told Zero Day that one reason Colonial might still be keeping the pipelines offline — in addition to needing to add security measures to it — is because “something they need for [restarting] the pipeline is ransomed.”


    He thinks this could be the automated ticketing system for billing customers, which is on the corporate IT network that was hit with the ransomware. If that system is locked, Colonial can’t invoice customers automatically, he said.

  11. #11
    Veteran SpursforSix's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jul 2015
    Post Count
    21,158
    aka complete bull by the oil and gas pigs to inflate prices?
    Doubtful. Seems like this would negatively impact oil demand.

  12. #12
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425

  13. #13
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    DC police now

    A Russian-speaking ransomware syndicate that stole data from the Washington, D.C., police department says negotiations over payment have broken down and it will release sensitive information that could put lives at risk if more money is not offered.
    https://apnews.com/article/police-te...78d5b88d4ff44b

  14. #14
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    serious doxxing


  15. #15
    Savvy Veteran spurraider21's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Apr 2012
    Post Count
    96,026
    leading to gas shortages in the southeast, too. but unfortunately, much like the toilet paper fiasco of 2020, most of the problems are being caused by people panic-buying and hoarding. a lot of reports of people filling extra canisters with gas in recent days, etc

    North Carolina has it particularly bad, but VA is no picnic, and most of the gas stations in our area are having shortages too. we have ~1/2 tank full in both our cars, and i work from home, so im going to hold off as long as i can before scouring gasbuddy to find a place to fill up

  16. #16
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    crime pays


  17. #17
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    DC Police files hacked


  18. #18
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    Washington D.C. gas shortage reaches critical level

    Just 12% of gas stations in the US capital still have fuel for sale, after cybercriminals forced a shutdown of the nation's largest gasoline pipeline.


    Gasoline deliveries were being made in all of its markets but it would take "several days" to return to normal, Colonial stated.

    Energy Secretary Jennifer Granholm pleaded with drivers not to hoard fuel.

    "Really, the gasoline is coming,'' she said. "If you take more than what you need, it becomes a self-fulfilling prophecy in terms of the shortages," she said.

  19. #19
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425

  20. #20
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425

  21. #21
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    If meat packing wasn’t an oligopoly (JBS is ~20% of global processing) this wouldn’t be such a big deal.


  22. #22
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
    The software in question, Kaseya VSA, is popular among so-called managed service providers, which provide IT infrastructure for companies that would rather outsource that sort of thing than run it themselves. Which means that if you successfully hack an MSP, you suddenly have access to its customers. It’s the difference between cracking safe-deposit boxes one at a time and stealing the bank manager’s skeleton key.
    So far, according to security company Huntress, REvil has hacked eight MSPs. The three that Huntress works with directly account for 200 businesses that found their data encrypted Friday. I
    “This is SolarWinds, but with ransomware,” says Brett Callow, a threat analyst at antivirus company Emsisoft. “When a single MSP is compromised, it can impact hundreds of end users. And in this case it seems that multiple MSPs have been compromised, so …”



    BreachQuest's Williams says that REvil appears to be asking victim companies for the equivalent of roughly $45,000 in the cryptocurrency Monero. If they fail to pay within a week, the demand doubles. Security news site BleepingComputer reports that REvil has asked some victims for $5 million for a decryption key that unlocks “all PCs of your encrypted network,” which may be targeted to MSPs specifically rather than their clients.
    https://www.wired.com/story/kaseya-s...e-attack-msps/

  23. #23
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    89,425
