Cyber Security Today, Nov. 15, 2021 – Cyberattack hits Ottawa medical clinic, FBI email server hacked, and a record DDoS attack

Cyberattack hits Ottawa medical clinic, FBI email server hacked, and a record DDoS attack.

Welcome to Cyber Security Today. It’s Monday, November fifteenth. I’m Howard Solomon, contributing author on cybersecurity for


An Ottawa medical clinic has been struck by a cyberattack that knocked out its IT systems. The victim is the Rideau Valley Health Centre. A message on its website says, “Unfortunately the incident is past our management, and has additionally affected different events.” Not only can’t patients’ records be accessed, the clinic’s telephone system has been affected, meaning staff are having trouble answering calls. So far, the website says, there is no evidence patient information has been accessed or compromised. Most doctors are seeing already scheduled appointments. But the clinic may not be able to fit in urgent care. Patients may have to go to another walk-in clinic, or a hospital.

IT professionals were alarmed Saturday when a message sent from an FBI server warned 100,000 people that data from their companies had been exfiltrated in a cyber attack. But those who closely read the message realized from its wording that this was a scam. Someone had accessed an FBI email service for mischief. And the goal? Likely to embarrass cybersecurity expert Vinny Troia. The email message blamed Troia for the supposed hack. The cyber news site The Record pointed out that Troia wrote a book about a hacking group called TheDarkOverlord. Someone started a smear campaign after that, including hacking Troia’s website and Twitter account. The fake FBI email appears to be another part of this campaign.

However, cybersecurity reporter Brian Krebs interviewed a person taking credit for the hack. The goal, this person said, was to show a vulnerability in the FBI’s IT system. The email server that was hacked was linked to a private portal for law enforcement agencies and intelligence groups. Anyone wanting to use it needed to fill out an online form for approved access. They’d then get an email message with a one-time passcode for confirmation. But the person Krebs interviewed said the portal’s website leaked the one-time passcode. The attacker took advantage. Once they had approved access they were able to use it to send out the mischievous email. If true there’s a lesson for website developers.

Over a week ago I told you that distributed denial of service attacks are increasing. Here’s an update: DDoS mitigation provider Cloudflare said that last week it blocked the largest denial of service attack it’s seen. It peaked at just under 2 terabytes of data per second. The entire attack, which lasted one minute, was powered by 15,000 compromised internet-connected devices and servers chained together in a botnet. By the way, some of those compromised servers are running unpatched versions of the GitHub open-source software development suite. Owners of those compromised devices usually don’t know they’re the unwitting tool of hackers. Denial of service attacks are used to threaten organizations, as well as to hide cyber attacks. They are another reason why organizations and individuals have to make sure their software and hardware are running the latest security updates so they aren’t inadvertently being used by attackers.

Crooks have many ways of using email to hack into companies. Malicious attachments and links in messages are one. Another is hiding malicious links in email code. A security company called Avanan recently discovered the latest version of this trick: Writing malicious links in a tiny font. A regular font size is 12 points. But hackers were recently seen reducing certain code to 1 point in size. That way the bad link in the message won’t be seen by email filters that look for malicious links. Tactics like this are called obfuscation. The Avanan report notes the scams it’s seen using this trick are sending messages to Microsoft 365 users asking them to click on a link to reset their password. The link, of course, goes to a fake page. Victims who reset their passwords there are giving them away to the crooks. IT staff need to ensure their email scanning programs can detect obfuscation tactics.
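For IT staff who want to see what such a check involves, here is an added example (not from the podcast or from Avanan) that walks an HTML email body and reports any text or link styled at a tiny font size. The 2-point threshold, the unit conversions, the function names and the sample message are assumptions made for illustration, and only inline `style` attributes are examined.

```python
import re
from html.parser import HTMLParser

# Inline CSS declaration such as "font-size: 1pt" or "font-size:0.5px".
FONT_SIZE_RE = re.compile(r"font-size\s*:\s*([0-9]*\.?[0-9]+)\s*(pt|px|em|rem|%)?", re.I)
# Rough conversion to points, assuming a 12pt base for relative units.
TO_POINTS = {"pt": 1.0, "px": 0.75, "em": 12.0, "rem": 12.0, "%": 0.12, "": 0.75}
VOID_TAGS = {"br", "img", "hr", "meta", "input", "link", "wbr", "col", "area", "base"}
# Constructed sample message body, not a captured phishing email.
SAMPLE = """<html><body><p style="font-size:12pt">Your password expires today.
<span style="font-size:1pt">xq7 <a href="https://reset.example.invalid/login">reset</a></span>
<a href="https://portal.example.com/help">Help</a></p></body></html>"""

class TinyFontFinder(HTMLParser):
    def __init__(self, max_points=2.0):
        super().__init__(convert_charrefs=True)
        self.max_points = max_points
        self.stack = []      # one flag per open element: rendered in a tiny font?
        self.findings = []   # ("text" | "link", value) in document order

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        tiny = bool(self.stack and self.stack[-1])   # inherit from the parent
        m = FONT_SIZE_RE.search(attrs.get("style") or "")
        if m:  # an explicit size on this element overrides the inherited one
            points = float(m.group(1)) * TO_POINTS[(m.group(2) or "").lower()]
            tiny = points <= self.max_points
        if tiny and tag == "a" and attrs.get("href"):
            self.findings.append(("link", attrs["href"]))
        if tag not in VOID_TAGS:
            self.stack.append(tiny)

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        if self.stack and self.stack[-1] and data.strip():
            self.findings.append(("text", data.strip()))

def find_tiny_font_content(html, max_points=2.0):
    """Return text and links that sit inside tiny-font styling."""
    finder = TinyFontFinder(max_points)
    finder.feed(html)
    finder.close()
    return finder.findings

if __name__ == "__main__":
    for kind, value in find_tiny_font_content(SAMPLE):
        print(kind, value)
```

A non-empty result is a reason to quarantine or score the message higher; sizes set through `<style>` blocks or CSS classes would need a fuller CSS parser.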

That’s it for now. Remember links to details about podcast stories are in the text version at That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
