WEATHER ALERT
Casting a wide intrusion net: Dozens burned with single hack
Read full article: Casting a wide intrusion net: Dozens burned with single hackMuch like the SolarWinds hacking campaign, the hack of dozens of Accellion customers on at least four continents suggests both government and the private sector have been falling far short in a digital age core mission: Protecting sensitive data. France suffered a similar hack, blamed by its cybersecurity agency on Russian military operatives, that also gamed the supply chain. The Accellion hack was different in one key respect: Its file-transfer program resided on victims’ networks either as a stand-alone appliance or cloud-based app. Too often, software companies with hundreds of programmers have just one or two security people, said Katie Moussouris, CEO of Luta Security. AdCybersecurity threat analysts hope the snowballing of supply-chain hacks stuns the software industry into prioritizing security.
Hacked software provider won't say if ransomware involved
Read full article: Hacked software provider won't say if ransomware involvedAn updated statement on Tyler's webpage did not address whether ransomware may have been involved. Customers' use of Tyler products for election data reporting appears limited. Nashville's information technology director said the city uses a Tyler “open-data” product, Socrata, to post unofficial election night results, among other uses. Tyler said Socrata data is hosted on Amazon Web Services, not on the network that was hacked. Hanna Pickering, director of information technology in Portland, Maine, said the city uses Tyler platforms for payroll, permitting, city inspections, city planning and human resources, among other things.