The cities of Newark, Atlanta, and Sarasota have been hit. So have hospital systems and just this past week, one of the country's largest suppliers of beef, pork and poultry. Last month, the Colonial Pipeline from Texas to New Jersey was held hostage, leading to gas shortages all along the east coast. When the cyberattack targeted Leeds, Alabama, its mayor had no access to email, personnel files, or financial systems.
This week on 60 Minutes, correspondent Scott Pelley reports on the growing cyber threat called ransomware, a type of malware that locks up a victim's files and denies access to a computer system until money is paid with a digital currency that is hard to trace. While Pelley's report focuses on the effects of ransomware, the experts he spoke with said most attacks can be prevented.
The FBI's Mike Christman ran the bureau's cybercrime unit. He gave Pelley tips on preventing a ransomware attack:
Use two-factor authentication. Two-factor, or dual-factor authentication adds a layer of security to online accounts by requiring two ways of proving your identity. One common form of two-factor authentication is entering a password, then receiving a one-time numerical code via text message.
Back up your data offline. Use an external hard drive to secure important information.
Use internal firewalls on your network. That way, if a malicious actor accesses your computer, he cannot move laterally through the network and lock up the entire system. Experts liken it to preventing one person's case of the flu from turning into an epidemic.
Regularly update your password. Cyber criminals looking to hack into a system sometimes purchase stolen passwords on the dark web.
Remote access creates an additional set of vulnerabilities. Understand the risks, including the possibility of stolen passwords, and how to prevent them when allowing employees or IT staff remote access to networks.
The most common type of ransomware attack starts with a phishing email, which tries to get users to open an attachment or click on a link. The attachment or link then installs ransomware.
Tom Pace founded NetRise, a cybersecurity firm based out of Austin, Texas. When 60 Minutes spoke with him back in 2019, he was a vice president at BlackBerry Cylance. He spoke with 60 Minutes producer Henry Schuster about how to identify phishing emails, saying to look for these signs:
Misspelled words
Strange word choices
Odd links, especially from someone who wouldn't usually send a link
Unusual attachments, especially a zip file or a .exe file
Pace said to be aware of where the email is coming from, and if it appears to be coming from a friend, call the person and ask if they sent an attachment before you open it.
Pace told 60 Minutes that, when your computer tells you to update software, do it. It's called patching.
Over time, hackers find vulnerabilities within software, such as operating systems, Adobe Reader, and Microsoft Word. Vendors eventually patch those systems with regular updates—so you need to update as well.
When the pandemic hit, Pace said, that presented a complication for employers whose workforces needed to operate remotely. 'There's no way you can properly secure all of those connections, deploy appropriate hardware and software to make that as secure as a centralized network. Companies had two to five year transformation plans that they needed to execute in days to weeks, it was a nightmare.'
In January 2018, a ransomware attack shut down the computer systems at Indiana's Hancock Regional Hospital. The entire network was held hostage until the hospital paid a $55,000 ransom. Its CEO, Steve Long, now warns others about the threat of ransomware.
'Fundamentally good organizational dynamics are what you need,' Long told 60 Minutes. 'So the things you're trying to do anyway, that's what's going to help you get through this.'
The video above was originally published on May 5, 2019. It was edited by Will Croxton.
Updated: Barnes and Noble tonight confirmed it was hacked, and that its customers' personal information may have been accessed by the intruders. The cyber-break-in forced the bookseller to take its systems offline this week to clean up the mess. See our update at the end of this piece. Our original report follows.
Bookseller Barnes and Noble’s computer network fell over this week, and its IT staff are having to restore servers from backups.
The effects of the collapse were first felt on Sunday, with owners of B&N's Nook tablets discovering they were unable to download their purchased e-books to their gadgets or buy new ones. That is to say, if they had bought an e-book and hadn't downloaded it to their device before B&N's cloud imploded, they would be unable to open and read the digital tome. The bookseller's Android and Windows 10 apps were similarly affected.
It soon became clear the problem was quite serious when some cash registers in Barnes and Noble’s physical stores also briefly stopped working.
One Register reader told us that as a result of the downtime:
You can see all of your purchases on your Nook, but you can't download any of them if you haven't already. This includes purchases you might have made during the outage. When you try, you see an error: 'Internal error: Exception executing the command.' This is consistent, whether it is the app for Android phones, the app for Windows 10, or Nook devices themselves.
In other words, none of the books you've bought from today back to the day you signed up for a Nook account are available for you to download and read.
When you go to your account on the Nook website, your library is empty. 100 per cent empty – and there is usually a free thing or two in there when you first sign up, but now it's nothing. In some cases, the cover images of books etc don't download. In some cases, you can't use the online store, either.
B&N has yet to confirm any details of the ongoing network collapse – which has spanned at least three days now – though it is whispered that malware may have taken hold of the bookseller's machines and spread to stores and the Nook cloud. The company told The Register it has “a network issue and are in the process of restoring our server backups,” which sounds like a ransomware attack.
The book flogger also said it is “investigating the cause,” though stressed there has been “no compromise of customer payment details which are encrypted and tokenized.”
That feels like a carefully worded statement and leaves open the possibility other customer records may have been compromised or meddled with – such as usernames, passwords, and contact details – but that payment information was protected.
Pressed for more detail on whether malware was responsible or whether user data had been compromised, a Barnes & Noble representative noted only that it was “working urgently to get Nook repaired,” and was investigating.
The length of time that the network has been down and the lack of communication from the company points to a more serious problem than a simple network failure. Initially the biz said the system would be back up within a few hours of the first reports of problems.
On Tuesday, some parts of the network reappeared, with cash registers and the BN.com website largely back up on Wednesday, although some webpages still showed problems and the Nook e-book system has been up and down all day, and at the time of writing is still suffering problems.
It wasn’t until Wednesday afternoon that a notice finally appeared on the Nook site announcing: “We're very sorry - NOOK Books are currently unavailable due to a system issue. We'll have this fixed as soon as we can.”
The Nook twitter account also finally acknowledged the problem mid-morning on Wednesday: “We are continuing to experience a systems failure that is interrupting NOOK content. We are working urgently to get all NOOK services back to full operation. Unfortunately it has taken longer than anticipated, and we sincerely apologize for this inconvenience and frustration,” it tweeted.
A second tweet continued: “Please be assured that there is no compromise of customer payment details which are encrypted and tokenized. We expect NOOK to be fully operational shortly and will post an update once systems are restored. Thank you for your patience.” ®
Shortly after this article was published, Barnes & Noble confirmed in an email to customers that it was hacked. The biz said it found out over the weekend, on October 10, that miscreants had broken into its computer systems, adding that customers' personal information stored on file may have been accessed or taken by the intruders. This info includes names, addresses, telephone numbers, and purchase histories.
Here are the salient portions of the message sent out this evening:
It is with the greatest regret we inform you that we were made aware on October 10, 2020 that Barnes & Noble had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems.
Firstly, to reassure you, there has been no compromise of payment card or other such financial data. These are encrypted and tokenized and not accessible. The systems impacted, however, did contain your email address and, if supplied by you, your billing and shipping address and telephone number. We currently have no evidence of the exposure of any of this data, but we cannot at this stage rule out the possibility. We give below answers to some frequently asked questions.
Your payment details have not been exposed. Barnes & Noble uses technology that encrypts all credit cards and at no time is there any unencrypted payment information in any Barnes & Noble system. No financial information was accessible. It is always encrypted and tokenized. It is possible that your email address was exposed and, as a result, you may receive unsolicited emails.
While we do not know if any personal information was exposed as a result of the attack, we do retain in the impacted systems your billing and shipping addresses, your email address and your telephone number if you have supplied these. We also retain your transaction history, meaning purchase information related to the books and other products that you have bought from us.
We'll update this story again as more information arrives.