TechRisk In the News

Below is a short list of technology events that highlight the different impacts an event can have on a company and the need for better technology risk management.


Georgia Hospital and "suspicious network activity"

 

According to a statement posted on St. Joseph's/Candler's Facebook page, hospital officials became aware of "suspicious network activity" and immediately shut down their computer systems to limit the incident's potential impact. A preliminary investigation determined that the incident involved ransomware.

The hospital system added that law enforcement had been alerted and that it would notify patients if personal or health information was accessed during the incident.  

"Nothing is more important to us than continuing to provide the care our patients expect," the statement continued. "Patient care operations continue at our facilities using established back-up processes and other downtime procedures. Our physicians, nurses and staff are trained to provide care in these types of situations and are committed to doing everything they can to mitigate disruption and provide uninterrupted care to our patients."

SolarWinds hack could have been deterred by simple security measures.

 

The SolarWinds hack, one of the largest cybersecurity incidents in U.S. history, may have been deterred or minimized if basic security measures had been put in place, a top government official acknowledged earlier this month.

In a June 3 letter to Sen. Ron Wyden (D-Ore.) provided to The Hill on Monday, Cybersecurity and Infrastructure Security Agency (CISA) acting Director Brandon Wales agreed with Wyden’s question over whether firewalls placed in victim agency systems could have helped block the malware virus used in the SolarWinds attack. 

“CISA agrees that a firewall blocking all outgoing connections to the internet would have neutralized the malware,” Wales wrote. 

Colonial Pipeline Ransomware Attack

 

The Department of Justice (DOJ) has managed to recover part of the ransom paid to the criminal hacking group believed to be responsible for the attack on the Colonial Pipeline, which disrupted a major supply of fuel to the East Coast for roughly a week in May.

Deputy Attorney General Lisa O. Monaco announced on June 7 that the DOJ, through its new Ransomware and Digital Extortion Task Force, was able to recover about 64 of the 75 bitcoins paid to the attackers by “following the money” — even though the money was in difficult-to-trace cryptocurrency. Once it knew the address of the hackers’ wallet, it was able to get a court order to seize the funds in it. The FBI apparently had the digital key needed to open the wallet. How it got that access has not been made public. The seizure is a rare example of ransomware payments being recovered.

The billion dollar bewail: Citibank cannot recover $900 million inadvertently wired to lenders.

 

In what most will find a shocking and unjust ruling, on February 16, 2021, Judge Furman of the United States District Court for the Southern District of New York ruled in In re Citibank August 11, 2020 Wire Transfers that Citibank could not recover $900 million that all parties and the Court acknowledge it inadvertently wired to lenders.

Citibank, which was acting as the cosmetic company Revlon’s loan agent, intended to send $8 million in interest payments to Revlon’s lenders. Instead, Citibank accidentally wired a total of $900 million to a group of 10 asset managers (whose clients received more than half of the $900 million payment) and other creditors behind a 2016 syndicated term loan to Revlon. The next day, Citibank advised the lenders of its mistake and asked that the money erroneously wired be returned. About $400 million was returned, but the recipients of the remaining $500 million refused to return those funds. Citibank sued to recover the money.

Now, we finally know the cost of a data breach. And it’s HUGE!

 

Everyone knows corporate data breaches can be expensive, but does anyone really know exactly how expensive? Recent estimates for the average cost have landed all over the map, ranging from $4 million to $7 million. But when it comes to the top end of the scale, those appraisals turn out to be laughably small.

British Airways system outage 'caused by IT worker accidentally switching off power supply'

 

A power outage at British Airways that disrupted tens of thousands of people’s travel plans last weekend, plunging hubs Heathrow and Gatwick into chaos, was reportedly caused by a staff blunder.

According to The Times, a power supply unit at the centre of the outage was in perfect working order and was deliberately shut down, which triggered the disturbance. The paper reported that an investigation of the episode will therefore likely focus on human error.

RushCard is being fined and forced to pay millions in restitution to customers.

 

NEW YORK (AP) — RushCard, the debit card company founded by hip-hop mogul Russell Simmons, is being fined and forced to pay millions in restitution to customers that were affected by a 2015 outage that cut users off from their money.

In 2015, RushCard decided to change its payment processing company to MasterCard. Typically a routine software change, the upgrade was handled improperly, resulting in a system-wide failure of RushCard's payment processing and deposit-accepting systems.

Tens of thousands of RushCard users — a significant number of them poor, minority customers without bank accounts — were suddenly cut off from their paychecks. The outage lasted for days, and, for some people, weeks. RushCard customers told stories, often through social media, about how they were unable to purchase basic necessities because all of their money was tied up in RushCard.

The homepage for the digital site of the Wall Street Journal experienced technical difficulties on Wednesday.

 

The technical glitch came at almost the same time that the New York Stock Exchange halted trading due to its own "technical issue," which was a major story for the news outlet.

At approximately 11:45 a.m. on Wednesday the homepage for WSJ.com presented an error page that read "oops, 504! Something did not respond fast enough, that's all we know..."  Soon after the homepage returned, but with a temporary homepage design.

Trading resumes on NYSE after nearly 4-hour outage

 

Trading finally resumed at 3:10pm ET. It's been a rough day for stocks. The Dow shed 261 points (about 1.5%), mostly because of China's stock market plunge and ongoing fears about Greece, although the NYSE "glitch" didn't help investor confidence.

"Given the global paradigm of what's going on in the EU, Greece, China, this is the last thing that the U.S. equity markets need," said Peter Kenny, chief market strategist at the Clear Pool Group, a financial technology firm. Kenny worked on the NYSE floor for 25 years.

United flights resume after computer problem

 

United issued a statement saying it suffered from "a network connectivity issue this morning," and apologized to customers for any inconvenience. It said that 4,900 flights were impacted by the problem worldwide.

Later Wednesday, Homeland Security chief Jeh Johnson assured the public that United's outage was not connected to a computer problem that disrupted trading at the New York Stock Exchange. The airline official also said "there was no hacking whatsoever" in the United outage.

"I have spoken to the CEO of United myself," he said, "and it appears that the malfunctions from United and New York Stock Exchange were not the result of any nefarious actor."

A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever

 

Amid all the noise the Sony hack generated over the holidays, a far more troubling cyber attack was largely lost in the chaos. Unless you follow security news closely, you likely missed it.

I'm referring to the revelation, in a German report released just before Christmas, that hackers had struck an unnamed steel mill in Germany. They did so by manipulating and disrupting control systems to such a degree that a blast furnace could not be properly shut down, resulting in "massive," though unspecified, damage.

2011 PlayStation Network outage

 

The 2011 PlayStation Network outage (sometimes referred to as the PSN Hack) was the result of an "external intrusion" on Sony's PlayStation Network and Qriocity services, in which personal details from approximately 77 million accounts were compromised and users of PlayStation 3 and PlayStation Portable consoles were prevented from accessing the service. The attack occurred between April 17 and April 19, 2011, forcing Sony to turn off the PlayStation Network on April 20. On May 4, Sony confirmed that personally identifiable information from each of the 77 million accounts had been exposed. The outage lasted 23 days.

At the time of the outage, with a count of 77 million registered PlayStation Network accounts, it was one of the largest data security breaches in history. It surpassed the 2007 TJX hack which affected 45 million customers. Government officials in various countries voiced concern over the theft and Sony's one-week delay before warning its users.

Polish teen derails tram after hacking train network

 

A Polish teenager allegedly turned the tram system in the city of Lodz into his own personal train set, triggering chaos and derailing four vehicles in the process. Twelve people were injured in one of the incidents.

The 14-year-old modified a TV remote control so that it could be used to change track points, The Telegraph reports. Local police said the youngster trespassed in tram depots to gather information needed to build the device. The teenager told police that he modified track setting for a prank.

"He studied the trams and the tracks for a long time and then built a device that looked like a TV remote control and used it to manoeuvre the trams and the tracks," said Miroslaw Micor, a spokesman for Lodz police.

The Mars Climate Orbiter Disaster

 

The Mars Climate Orbiter was a small space probe launched on December 11, 1998, by NASA to enter Martian orbit and both study the atmosphere of the Red Planet and provide valuable insight into its climate and any surface changes that might occur. The launch went as planned, and the probe traveled toward Mars with seemingly no issues, but unknown to the mission control team on Earth, the spacecraft was being put on a trajectory that would lead to the failure of the mission.

The orbiter was being navigated by various teams of people—some who used metric units, and others who used imperial units. Due to this simple conversion error—and the misconfiguration of the computer systems on the part of Lockheed—a course correction sent the Mars Climate Orbiter far too close to the planet, and it was likely violently burned up and destroyed in the atmosphere.