The Kansas City Area Transportation Authority (KCATA) is currently dealing with a ransomware attack on its IT infrastructure, which has affected the organization’s 911 service calls and communication systems. According to the latest FBI report, the attack is suspected to have been carried out by a ransomware spreading gang. Despite the disruption caused by the attack, normal bus services have not been affected. Forensic experts are actively investigating the incident to determine the full impact.
Hewlett Packard Enterprise (HPE) has also fallen victim to a cyber attack, with data being siphoned by hackers. The attack has been attributed to the Russian threat actor Cozy Bear, also known as Midnight Blizzard. This attack aimed to gather information and pressure the company for ransom. HPE’s incident response team was able to respond promptly, minimizing the financial and operational damage. The incident was reported in the SEC 8-K filing for this month.
In other news, the Securities and Exchange Commission (SEC) has amended rules for reporting cyber attacks, now requiring companies to report incidents within a 96-hour timeframe. This update, which came into effect in July 2023, obligates businesses to publicly disclose cyber attacks and share information with law enforcement promptly.
The ongoing conflict between Ukraine and Russia has taken a digital turn, with Russian-backed cyber volunteers, the National Cyber Army, launching distributed denial of service attacks on critical infrastructure in Ukraine. The targets of these attacks include power infrastructure, oil and gas supplies (Naftogaz), banks (Monobank), postal service (Ukrposhta), and transportation agencies (Ukrzaliznytsia). This escalation in cyber attacks adds to the suffering of affected populations, with leaders on both sides showing hostility towards peace talks.
In the realm of social media, Twitter has introduced passkeys for enhanced security, exclusively available to American users. This mobile security feature, currently limited to iOS devices, provides an alternative to traditional passwords. Passkeys are generated using cryptography, with public keys stored on service providers’ servers in encrypted form and private keys remaining on the user’s device for authentication.
Lastly, New York-based Equilend has faced a digital disruption following a cyber attack, initially mistaken for a technical glitch. The cyber attack coincided with the recent announcement of Equilend’s acquisition by Welsh, Carson, Anderson & Stowe. As a result, the Wall Street firm has activated its recovery team to assess the financial implications of the attack.
These cyber attacks and security breaches highlight the growing threats faced by organizations, businesses, and individuals in the digital landscape. With cyber warfare becoming increasingly prevalent, it is imperative for entities to prioritize cybersecurity measures to safeguard against such attacks and mitigate their impact.