CyberSecurity: Ransomware in the News April 2019
https://www.ispeech.org/text.to.speech
Ransomware is a terrible thing that can cost those affected money, time, and potentially their precious data. This video will review 3 recent ransomware events in the new that hit the city of Albany New York, the Canadian Domain Registration Authority, and Jackson County Georgia.
News Sources:
City of Albany New York:
Bleeping Computer Article: https://www.bleepingcomputer.com/news/security/new-york-albany-capital-hit-by-ransomware-attack/
Press Release by City of Albany: https://www.albanyny.gov/newsandevents/news/19-03-31/City_of_Albany_Outlines_Service_Availability.aspx
Update from WNYT (Local News Station in Albany): https://wnyt.com/news/cyber-attack-computer-recovery-albany/5301717/
Canadian Domain Registration Authority:
Bleeping Computer Article: https://www.bleepingcomputer.com/news/security/ransomware-hits-garage-of-canadian-domain-registration-authority/
Jackson County Georgia:
Bleeping Computer Article: https://www.bleepingcomputer.com/news/security/ransomware-attack-on-jackson-county-gets-cybercriminals-400-000/
Case 1: The City of Albany New York reported a ransomware attack in the last weekend of March 2019. Initially it was only reported by bleeping computer that all services but Birth Certificates, Death Certificates, or Marriage Certificates were working. On April 1st bleeping computer reported payroll was affected as well. Then later that day they reported the police computers were affected as well. This caused issues with police scheduling, overtime, and using police computers for incidents and investigations.
This was a relatively minor ransomware incident compared to what it could of been but having a police department electronic needs mostly shut down or hindered is never a good thing. The city of Albany did not appear to have good backups because the recovery time was quite long in my opinion. We will likely find out in a few weeks if they did or if they paid the ransom.
This is a good example of why you should always have 3 backups with 1 that is offline.
Case 2:
The Canadian Domain Registration authority had its parking lot computers hit by ransomware. People were able to park for free while they were down. This lot had an entrance to TD place Stadium and had 1000 parking spots. So quite a bit of money could have been lost due to this ransomware. There were 2 major issues with this case. Issue 1, the parking company did not appear to have backups. Issue 2, the attack did not appear to be a targeted attack which mean the attacker did a scan on the internet and found a vulnerability to hit these parking machines. The organization in charge of the parking meters should have had vulnerabilities patched or restricted access to the internet from these parking meters.
Case 3: Jackson County Georgia had all services affected by ransomware except emergency services. The only reason that was not affected was because a third party provider hosted it. Everything had to be done by paper. They did not have usable backups. They had no offline backups and the ones they had got hit by ransomware. This is why it is essential your have offline backups! They had no choice but to pay the ransomware fee of $400,000. Had they just spent the money to get a good backup system in place they would have likely saved a lot of money and time. I do not recommend paying ransoms as it encourages the creators of ransomware to keep pushing it out. You are also not guaranteed to get the decryption key back.
Thanks for watching this content. If you like the video please click the like button and if you enjoy my content please subscribe.
Books I have read that I recommend:
Nick Saben: How Good Do You Want to Be: https://www.youtube.com/redirect?q=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000XU4TW2%2Fref%3Das_li_tl%3Fie%3DUTF8%26camp%3D1789%26creative%3D9325%26creativeASIN%3DB000XU4TW2%26linkCode%3Das2%26tag%3Dsecuritysec-20%26linkId%3D29e0bc5f9dcc0dd64e5c7bad9b694d0a&redir_token=j5D_rd5l5dH6Y1qX75nGa1cEDeR8MTU1NDc2MTMxMUAxNTU0Njc0OTEx&event=video_description&v=4OynxdeYvTk
Ghost in the Wires: https://www.youtube.com/redirect?q=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0047Y0F0K%2Fref%3Das_li_tl%3Fie%3DUTF8%26tag%3Dsecuritysec-20%26camp%3D1789%26creative%3D9325%26linkCode%3Das2%26creativeASIN%3DB0047Y0F0K%26linkId%3D61d6463226d4927e9cc6c7103fde5e56&redir_token=j5D_rd5l5dH6Y1qX75nGa1cEDeR8MTU1NDc2MTMxMUAxNTU0Njc0OTEx&event=video_description&v=4OynxdeYvTk
The Art of Intrusion: https://www.youtube.com/redirect?q=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0471782661%2Fref%3Das_li_tl%3Fie%3DUTF8%26camp%3D1789%26creative%3D9325%26creativeASIN%3D0471782661%26linkCode%3Das2%26tag%3Dsecuritysec-20%26linkId%3D0127d93285e0305c89f99bf26acf096c&redir_token=j5D_rd5l5dH6Y1qX75nGa1cEDeR8MTU1NDc2MTMxMUAxNTU0Njc0OTEx&event=video_description&v=4OynxdeYvTk
2019-04-08 22:30:00
source
Gloss