Cyber Security News Update 2/16/2018

A group of hackers managed to steal $339.5 Million roubles, or $6 Million USD, from a Russian bank via their messaging system. The SWIFT messaging system is used for the wire transfer of money, and there have been various hacking attempts before this one. SWIFT hacks and Jackpotting ATM’s is a common attack in Russia and in other parts of the world as well. Jackpoting an ATM involves setting it to the factory settings and getting the ATM to freely dispense the money stored inside. Some ATM’s never get their passwords changed from the factory default, which leaves them very vulnerable to hacking and disruption. This isn’t the largest amount of money stolen from a bank via SWIFT transfer, that dubious honor goes to an Indian bank that had $81 Million in USD stolen. The attacks rely on a variety of methods such as hacking into the SWIFT portal used by banks, gaining administrator rights through phishing or social engineering attacks, physically tampering with bank devices to gain access or implant malware. There is a new security framework in play now, a mandatory compliance to 16 security protocols for all banks using the SWIFT messaging system. These controls include constant monitoring and multi-factor authentication for transfers and access. These sort of controls are normally required for normal business operations, but they weren’t for banks to transfer money.
Source: Hackers pilfered $6M from Russian central bank

Local officials in Davidson County, FL are dealing with a successful hack of their systems. Currently employees are locked out of their official computers due to a piece of ransomware that made it into their system. Reportedly 70 out of the 90 servers used to store personal and private data of the residents and companies in Davidson have been infected by the ransomware. The ransomware has shutdown the 911 Center, EMS Services, and the Sheriff’s office; all of these groups are important for maintaining the health and safety of the residents. The FBI is currently investigating the attack and is lending its support to the local teams that are trying to remove the virus. The longer the virus remains in play, the more servers it might infect and Davidson officials are apparently weighing the cost of paying the ransom vs being unable to access their computer systems. This is not the first Florida county to fall victim to an attack like this, Mecklenburg County was also infected with ransomware. Their systems weren’t backed up properly and it took them nearly a month before they achieved normal operations again.
Source: Davidson County officials investigating ‘major’ cybersecurity breach

The White House is looking at leveling penalties against Russia for its role in recent cyber attacks against the United States and abroad. Specifically, the White House is looking at Russia’s involvement in the NotPetya attack that became a world-wide cyber-epidemic. While the United States has also accused North Korea of being complicit in the attack, as well as several other cyber attacks, it would seem the White House has decided that blame ultimately rests with Russia. The White House has yet to release what sort of sanctions or punishments will be levied against Russia.
Source: US will impose costs on Russia for cyber ‘acts of aggression,’ White House cybersecurity czar says