{"id":14102,"date":"2019-08-28T03:00:17","date_gmt":"2019-08-28T03:00:17","guid":{"rendered":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/?p=14102"},"modified":"2022-10-14T18:27:52","modified_gmt":"2022-10-14T22:27:52","slug":"stopping-government-ransomware-attacks","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/stopping-government-ransomware-attacks.html","title":{"rendered":"Stopping Government Ransomware Attacks"},"content":{"rendered":"\n<p>No matter how much reporting we have done on ransomware, the problem continues to get worse. And boy, have we written many stories about it. We told you in June about a<a href=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/this-600k-payment-proves-ransomware-attacks-getting-worse.html\"> $600,000 payment made to ransomware hackers<\/a> and in the article, explained U.S. hacks have cost <a href=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/cost-of-u-s-breaches-north-of-3-trillion.html\">more than $3 trillion in ten years<\/a>!<\/p>\n\n\n\n<p>Another story we reported was 22% of small and medium businesses have been <a href=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/ransomware-just-affected-22-of-small-and-medium-organizations.html\">hit by ransomware<\/a>. <\/p>\n\n\n\n<p>Perhaps most interesting was the story about <a href=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/mayors-vow-to-not-pay-ransomware-hackers-but-a-vow-wont-do-it.html\">mayors vowing not to pay ransomware attackers anymore<\/a> &#8211; as if that would stop the attacks. As expected &#8211; three days later we reported another attack taking place,  La Porte County, Indiana got&nbsp;<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/la-porte-county-pays-130-000-ransom-to-ryuk-ransomware\/\">hit&nbsp;<\/a>with Ryuk ransomware and their website and email&nbsp;<a href=\"https:\/\/www.thenewsdispatch.com\/news\/article_d9809e48-7e8d-52d5-9d08-5d6c1adab2a2.html\">went down<\/a>.<\/p>\n\n\n\n<p>Another incredible happening was as we wrote about the <a href=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/reported-ransomware-attacks-are-horrifying.html\">totality of ransomware attacks hitting cities this year<\/a>, yet <a href=\"https:\/\/www.apextechservices.com\/topics\/articles\/443030-while-we-reported-ransomware-horrors-yet-another-attacked.htm\">another city was hit <\/a>&#8211; as we posted!<\/p>\n\n\n\n<p>We continue to do our part &#8211; we posted an <a href=\"https:\/\/www.apextechservices.com\/topics\/articles\/442962-how-prevent-ransomware.htm\">infographic titled How to Prevent Ransomware<\/a> in the hopes that graphics will more easily allow people to understand the problem and how to solve it.<\/p>\n\n\n\n<p>Today, Barracuda researchers have identified more than 50 cities and towns attacked so far this year. The team\u2019s recent analysis of hundreds of attacks across a broad set of targets revealed that government organizations are the intended victims of nearly two-thirds of all ransomware attacks. Local, county and state governments have all been targets, including schools, libraries, courts, and other entities. <\/p>\n\n\n\n<p>About 45 percent\nof the municipalities attacked had populations of less than 50,000 residents,\nand 24 percent had less than 15,000 residents. Smaller towns are often more\nvulnerable because they lack the technology or resources to protect against\nransomware attacks. Nearly 16 percent of the municipalities attacked were\ncities with populations of more than 300,000 residents.<\/p>\n\n\n\n<p>In the 55 attacks\nthis year, only two town governments and one country government paid the\nransom, all in June. In Florida, Lake City paid roughly $500,000 (42 Bitcoin), and\nRiviera Beach paid about $600,000 (65 Bitcoin), after trying and failing to\nrecover their data. In Indiana, La Porte County paid $130,000 to recover its\ndata. None of the cities attacked in 2019 so far have paid a ransom, including\nBaltimore, which spent $18 million to recover from the attack.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"752\" height=\"550\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/08\/local-governments-hit-by-ransomware.jpg\" alt=\"\" class=\"wp-image-14137\"\/><\/figure>\n\n\n\n<p>Ransomware\nused in recent attacks against state and local governments includes Ryuk,\nSamSam, LockerGoga and RobbinHood.<\/p>\n\n\n\n<p>Barracuda researchers see attacks like this against government organizations on a regular basis. Email is the most common threat vector for these types of ransomware attacks but the blast radius can easily reach networks, applications and a wide variety of sensitive and critical data. <\/p>\n\n\n\n<p>While this\nstudy focused on attacks in the United States, there have been similar attacks\nglobally, with attacks hitting four communities of varying sizing in Canada as\nwell the <a href=\"https:\/\/www.csoonline.com\/article\/3330651\/hacker-posts-ransom-demand-on-dublins-luas-tram-system-site.html\">Dublin tram system in Ireland<\/a> and <a href=\"https:\/\/www.cybersecurity-insiders.com\/ransomware-attack-on-telangana-and-andhra-pradesh-power-utilities\/\">power utilities in India<\/a> and <a href=\"https:\/\/www.zdnet.com\/article\/ransomware-incident-leaves-some-johannesburg-residents-without-electricity\/\">South Africa<\/a>. <\/p>\n\n\n\n<p>The exclusive infographic above sums it up and has ideas on how to prevent ransomware in your organization.<\/p>\n\n\n\n<p>In addition, we suggest:<\/p>\n\n\n\n<p>1) Read&nbsp;<a href=\"https:\/\/www.apextechservices.com\/topics\/articles\/442289-cybersecurity-essentials-every-business.htm\">cybersecurity essentials<\/a>&nbsp;\u2013 a simple list which will help most organizations become far more secure.<\/p>\n\n\n\n<p>2) Go to a phishing simulation vendor now and sign up for one of their offerings.&nbsp;<a href=\"https:\/\/www.phishingbox.com\/\">Phishing Box<\/a>,&nbsp;<a href=\"https:\/\/www.knowbe4.com\/\">KnowBe4&nbsp;<\/a>and&nbsp;<a href=\"https:\/\/www.phish360.com\/\">Phish360<\/a>;&nbsp;are all great.<\/p>\n\n\n\n<p>3) We also recommend you get a&nbsp;<a href=\"https:\/\/www.apextechservices.com\/\">free evaluation of your cybersecurity risk&nbsp;<\/a>from an MSP\/MSSP immediately \u2013 they can also help you build in the needed compliance to reduce the risk of being fined.<\/p>\n\n\n\n<p>4) Finally,  <em>Learn about the latest in everything you need!&nbsp;<strong>Cybersecurity<\/strong>,&nbsp;<a href=\"https:\/\/cvxexpo.tmcnet.com\/east\/\">the Channel<\/a>,&nbsp;IT, IOT,&nbsp;<a href=\"http:\/\/www.intelligentedgeexpo.com\/\">Edge<\/a>, AI,&nbsp;<a href=\"https:\/\/www.sd-wanexpo.com\/east\/\">SD-WAN<\/a>,&nbsp;and the&nbsp;<a href=\"https:\/\/www.futureofworkexpo.com\/\">Future of Work<\/a>&nbsp;at the world\u2019s only&nbsp;<strong><a href=\"http:\/\/www.mspexpo.com\/\">MSP Expo<\/a><\/strong>, part of the&nbsp;<\/em><strong><em><a href=\"http:\/\/www.itexpo.com\/\">ITEXPO<\/a><\/em><\/strong><em>&nbsp;#TechSuperShow,&nbsp;Feb 12-14, 2020 Fort Lauderdale, FL.<\/em> <\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"600\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/05\/itexpo-2019-hall-7.jpg\" alt=\"\" class=\"wp-image-12172\" srcset=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/05\/itexpo-2019-hall-7.jpg 800w, https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/05\/itexpo-2019-hall-7-768x576.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/figure>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>No matter how much reporting we have done on ransomware, the problem continues to get worse. And boy, have we written many stories about it. We told you in June about a $600,000 payment made to ransomware hackers and in the article, explained U.S. hacks have cost more than $3 trillion in ten years! Another<\/p>\n","protected":false},"author":44,"featured_media":14103,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[156],"tags":[2290,1796,2318,1839,2319,2316,2315],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/14102"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=14102"}],"version-history":[{"count":4,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/14102\/revisions"}],"predecessor-version":[{"id":14138,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/14102\/revisions\/14138"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media\/14103"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=14102"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=14102"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=14102"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}