Friday, August 23, 2019

More Ransomware attacks

I've been posting about Ransomware for a while now.  Basically, it's malicious software that gets installed after an attack.  It encrypts all the data on the computer and demands payment to decrypt the files.  Baltimore got hit hard by it in the last 6 months or so, and there's enough money in the scam to keep it near the top of security threats.

Lawrence has been on top of this as long as I have, and has a breaking story:
Early on August 16, a total of 23 local government organizations in Texas were hit by a coordinated ransomware attack. The type of ransomware has not been revealed, and Texas officials asserted that no state networks were compromised in the attack. 
A spokesman for the Texas Department of Information Resources (TDIR) told Ars that authorities are not ready to reveal the names of the entities affected, nor other details of the attack.
So the Bad Guys hit a lot of towns, and hit them hard enough that the towns probably haven't figured out just how bad things are.  Baltimore was pretty bad, with people not being able to pay taxes (so nobody could sell a house).

Lawrence has excellent advice that I heartily second:
Consider this yet another reminder to use strong passwords you can remember, to backup all your files (especially all your important files) regularly, update your virus definitions and security patches regularly (between starting and publishing this piece, I updated both Firefox and macOS), and to never open an email attachment or click on a link unless you’re absolutely sure you know who it’s from.
And props to Lawrence, who made this a couple years back:

We posted about how to back up your data here and here.  I think we need to collect all our backup posts into a single post and highlight it on the side of the blog.

UPDATE 23 August 2019 09:58: The series on backing up your data can be found here.  FYI, I do not recommend Western Digital storage products anymore because they had a hard coded backdoor.  Maybe they've changed since this series of posts but that's such a boneheaded security mistake that I wonder what else they've done.


Old NFO said...

I do that regularly. And also have off site backups. Sigh...

Will said...

So, when will the various governments start sending out hit teams to terminate these people? If not, I'm thinking this could be crowd-funded, if some group wants to get it started privately.

I'm pretty sure most everyone who has a computer would be willing to kick in a buck or two per month to put a crimp in this business.

Bonus would be to post it on some u-tube competitor as pay-per-view. THAT would get them both up and running!

Borepatch said...

Will, I think a nearer-term question is when will the various governments start backing up their data?