Understanding the Nationwide Cybersecurity Concerns

In June 2023, a wave of cyberattacks targeting critical software systems across the nation thrust cybersecurity concerns into the forefront. These attacks highlighted the vulnerability of digital infrastructure, prompting heightened vigilance among individuals and organizations alike. 

In Indiana, where reliance on digital technology is pervasive, the potential impact of such breaches is significant. Beyond mere inconvenience, these attacks jeopardize the integrity of personal and sensitive information, disrupt essential services, and erode public trust in the state’s digital governance.

Scott Shackelford, Executive Director of the Center for Applied Cybersecurity Research at Indiana University, offers valuable insights. He emphasizes the far-reaching consequences of compromised personal information, stressing that once exposed, such data can never be fully reclaimed. Unfortunately, he believes that “what we’ve seen so far is just the tip of the iceberg.”

Collaborative Efforts: Strengthening Indiana’s Cyber Defenses

Indiana is leveraging the expertise of renowned institutions like Indiana University and Purdue University to enhance its cybersecurity posture. Through rigorous assessments and collaborative initiatives, the state aims to identify vulnerabilities, mitigate risks, and safeguard Hoosiers’ digital assets.

Being Proactive with Threat Assessments

IU and Purdue’s partnership with the Indiana Office of Technology exemplifies an important approach to cybersecurity – being proactive and conducting comprehensive assessments to find out where you might have weaknesses in your cybersecurity stack. 

We are happy to help you in that regard. Our team of experts will run you through a complimentary threat assessment to find out where you can improve. Click the link HERE to book a meeting.

A Good Reminder for a Safer Future

In conclusion, the recent cyberattack serves as a sobering reminder of the ever-present threat posed by cyber threats. Indiana’s proactive response and collaborative efforts underscore its commitment to fortifying cybersecurity resilience and safeguarding the interests of its residents. By leveraging expertise, conducting assessments, and empowering individuals, Indiana is poised to navigate the evolving cybersecurity landscape and emerge stronger and more resilient than ever before.

link to article

University officials say an investigation learned of suspicious activity on a computer network where hackers were able to get the personal information of individuals tied to the University of Michigan during a cyberattack back in August, 2023.

The investigation determined an unauthorized third party was able to access personal information relating to certain students and applicants, alumni and donors, employees and contractors, University Health Service and School of Dentistry patients, and research study participants.

The information included social security numbers, driver’s licenses or other government-issued identification numbers, financial account or payment card numbers, and health information. The university determined that the hacker gained access between Aug. 23-27.

Education is one of the most targeted sectors for ransomware. One reason educational organizations are at such high risk is because of the valuable information they store. They have social security numbers, banking information, credit card numbers, birthdates, and other personal information. In addition, this information does not just stem from students, but from all employees and parents. Another reason the education sector is targeted is because typically their IT equipment is not always state of the art. The school districts have budgetary constraints that make it difficult to fund IT security investments.

According to a study done by Emsisoft Malware Lab, in 2019, the United States was hit by a myriad of ransomware attacks “that impacted at least 966 government agencies, educational establishments and healthcare providers at a potential cost in excess of $7.5 billion.” That number is astounding. Of these attacks, 89 were educational sectors which potentially affected 1,233 individual schools. These numbers demonstrate the severity of the issue and reiterate the need for a data backup and recovery plan.

The attack is just the latest in an upward trend or attacks over the last few years.

As reported on by Infosecurity Magazine, nearly half of all ransomware attacks now target small schools and municipalities.

Ransomware attacks on the national education sector have surged by 80% in the past year alone, according to the Institute for Security and Technology.

Link to original article.

In December of 2023, HealthEC, a Corewell Health service provider announced a data breach exposed patients’ personal and medical information.

The cyberattack is just one of the latest in a series of attacks and data breaches impacting health systems across the U.S.

According to research published in the Journal of the American Medical Association, the number of attacks on U.S. hospitals each year doubled between 2016 and 2021.

CISA CPG Guidelines

CISA recommends taking advantage of third-party validation options available at zero cost to organizations like yours to help identify cybersecurity gaps.

Trinsio offers four complimentary services including a Firewall Network Threat Assessment.

Based on actual traffic hitting your firewall over a 24-hour period, a Trinsio network threat assessment will confirm your firewall’s effectiveness by documenting all of the incoming and outgoing threats to your network based on more than 50 lists maintained by the cyber intelligence community.

link to original article

In early August of 2023, Louisiana’s St. Landry Parish School District reported it fell victim to a ransomware attack.

Originally the school district reported no sensitive information was compromised, then a few months later cyber criminals leaked more than 200,000 files containing personal information on students, teachers, and local business owners.

After St. Landry Parish refused to pay a $1 million ransom, files began being distributed on Telegram containing health records, Social Security numbers, tax records, dates of birth, home addresses, parents’ phone numbers, and even login credentials for district systems.

The attack is just the latest in an upward trend or attacks over the last few years.

As reported on by Infosecurity Magazine, nearly half of all ransomware attacks now target small schools and municipalities.

Ransomware attacks on the national education sector have surged by 80% in the past year alone, according to the Institute for Security and Technology.

Link to original article.

In our digitally-driven world, a recent cybersecurity incident has put the Kansas court system into the spotlight. Termed a “security issue,” this event disrupted online operations across 104 counties, leaving clerks unable to manage essential filings. As we unravel the details of this incident, we’ll explore the vulnerability of critical systems and the urgent need for robust cybersecurity measures. 

Details of the Attack:

Details surrounding the recent cyber incident that shook the Kansas court system remain elusive. Described as a “security incident,” it disrupted online operations across 104 counties, leaving clerks unable to receive online filings. The nature of the attack, whether it involved sophisticated malware, a distributed denial-of-service (DDoS) assault, or possibly ransomware, has not been officially disclosed. Brandon Joiner, CEO of ONX IT Solutions, speculates that, given the system’s perceived antiquation, a DDoS attack could be plausible, overwhelming a web server and causing a site crash.

Impact on Operations and Public Access:

The repercussions were extensive, hampering the court system’s ability to electronically process cases, accept online filings, and provide accessible court information. To mitigate the situation, a public access service center was instituted, offering limited computer access to the public. As of now, all filings must be submitted in paper format. 

Beating the Odds: Strengthening Cybersecurity Measures:

In the face of escalating cyber threats, companies and organizations can fortify their defenses by adopting robust cybersecurity measures. This includes staying on top of the latest security technologies, implementing stringent access controls, and conducting regular employee training to mitigate human-centric vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) recommends a proactive approach, advocating for third-party evaluations to assess vulnerabilities comprehensively. These evaluations, often conducted by reputable cybersecurity firms, offer an unbiased perspective, helping organizations identify and address potential weaknesses before malicious actors exploit them.

CISA’s Guidance and Third-Party Evaluations:

CISA plays a pivotal role in guiding organizations through the cybersecurity landscape. As a proactive measure, CISA advises companies to engage in third-party evaluations, emphasizing their importance in identifying and mitigating risks. By collaborating with external cybersecurity experts, organizations can gain a fresh perspective on their security postures and leverage insights to enhance their resilience against evolving threats. In the ever-evolving realm of cybersecurity, continuous vigilance and a commitment to proactive measures are essential to stay one step ahead of potential adversaries.

The Kansas court cybersecurity incident prompts a sober reflection on the imperative need for heightened cybersecurity defenses in an era where digital interconnectivity is the norm. As organizations grapple with evolving cyber threats, the lessons drawn from this incident underscore the importance of proactive measures. Strengthening cybersecurity defenses, adopting the latest technologies, and prioritizing employee training are not merely recommendations but necessities.

Book a meeting with us for a FREE threat assessment

Link to article