Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news
Weekly CyberTip: Top 10 Tips for Safer Shopping
Getting ready for Black Friday and Cyber Monday? Be sure to check out our Top 10 tips for safer shopping before you get started. Whether you’re making holiday purchases or simply looking for a great deal this month, make sure you stay cyber safe. Here’s a preview of top 10 tips for protecting your personal and financial information:
- Get patched
- Watch out for fake websites
- Watch for phishing scams
- Beware SMS-based and social media scams
- Check the site is secure
- Avoid using debit cards
- Use strong, single-use passwords
- Limit the data you share
- Don’t shop on public Wi-Fi
- Check for fraud after your holiday shopping
More cyber attacks on schools in Canada, U.S.
It has been a challenging week for many schools in Canada and the United States, with several cyber incidents being managed on both sides of the border:
- On November 14, the York Region School Board provided an update on a network outage caused by a cyber attack on November 8. System recovery is still in progress, with an investigation into the incident still underway. Law enforcement is involved, and the “board is working with third party experts, including legal and technical, to analyze the extent of the incident and begin work to restore services,” according to the latest statement.
- North Carolina Central University (NCCU), which reported an attack on its campus technology systems on November 13, is still recovering from the incident that caused them to “temporarily shut down all critical systems requiring logins with NCCU credentials, including, for example, Wi-Fi, MyEOL, Canvas and Outlook 365.” The school is currently using geo-blocking restrictions to limit access to their website in order to reduce the risk of further attacks. “Key partners at the UNC System Office, North Carolina Department of Information Technology, Joint Communications Task Force, FBI, U.S. Secret Service and other partners have been activated to investigate and respond,” according to the latest update from the school, which is located in Durham, northwest of Raleigh, NC.
- Meanwhile, on the outskirts of Los Angeles, the Glendale Community College reported on November 10 that they had suffered a cyber incident that affected a number of onsite facilities, and prompted proactive shutdowns as well. In a November 17 email to students, they announced that that had “turned a corner in the effort to fully restore the college’s information system,” and were hoping to allow students to get back onto systems after a blanket password reset. A week after the original incident, the school admitted that it is still “too early to make any conclusions regarding the potential compromise of personal information”. Staff are expected to go back to working in-person on November 20.
- Michigan’s North Muskegon school board was shut down on November 15 due to another cyber attack, according to a social media post by school board superintendent Dr. Curt Babcock. Schools re-opened for classes after only a single day of disruption. According to Dr. Babcock, “at this time, there is no evidence of any breach of sensitive student data or financial information. This incident, while unfortunate, appears to be limited in scope.” The board is “on the verge of resuming normal operations,” and will be bringing systems back online and re-activating staff and student accounts by the end of November.
Patch alert: Critical vulnerability in FortiSIEM software
Fortinet has issued a critical patch alert for a vulnerability discovered in the FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests. All versions of FortiSIEM 4.7, 4.9, 4.10, 5.0, 5.1, 5.2, 5.3, and 5.4 are affected.
The vulnerability is being tracked as CVE-2023-36553.
British library confirms cyber attack after three weeks of disruptions
On November 14, the British library confirmed that an incident that was first reported on October 30 is indeed an ongoing cyber incident.
“We’re continuing to experience a major technology outage as a result of a cyber-attack. The outage is still affecting our website, online systems and services, as well as some onsite services including Wi-Fi. We anticipate restoring many services in the next few weeks, but some disruption may persist for longer,” according to a post on their website.
Recovery looks to be weeks away – while the library suggested that many of its services will be available by mid-December, “some disruption may persist for longer.” In its cyber incident update, officials did not disclose any details about the ransomware gang behind the attack, but allowed that it was “a group known for such criminal activity.”