Ransomware Baltimore

Most affected sectors of Ransomware

Ransomware has seen a greate increase since the last year. The attacks have been increased by about 400%.

Right now Ransomware is a good business for hackers, since hefty amounts are being paid from organizations who have failed to secure themselves from these attacks or develop a good Cyber Security strategy.

Backups are not enough.

They key to the solution is Cloud Backup and Unified Threat Management systems.

Lets see some of the industries that have been affected mostly

Government

  • The attack on Baltimore left the city’s systems offline for over 3 weeks. By refusing to pay the ransom of $76,000, the city was forced to rebuild its digital systems. This left the city with a hefty $18.2 million estimate. Property transactions, tax, and water billing were all disrupted.
  • A trio Florida Cities paid over $1.2 million collectively after ransomware hit Key Biscayne, Lake City, and Riviera Beach in June. In this instance, the governments affected all agreed to pay the ransomware. In the months since the attacks, US mayors have all agreed to not pay ransoms.
  • This April, information boards and email were encrypted in an attack on Cleveland/John Hopkins Airport. Both the airport and the Mayor’s office were initially slow to give any details. The city claims to have managed the damage internally with conflicting reports that the FBI was involved.

Healthcare Providers

Education

  • Similar to the DCH Health System attack, the Rockville Center School District in Long Island, NY was infected with RYUK Ransomware this August. The school district paid close to $100k to have their information decrypted.
  • Flagstaff United School District closed for two days following a ransomware attack in September. No details were released on the recovery from the incident.
  • In July, Monroe College based in New York City fell victim to an unknown strain of ransomware. The hackers later requested $2 million dollars to decrypt the infected hardware.
Ransomware Protection Tips

How to protect against Ransomware Attacks (Ransomware Protection Tips)

Ransomware Protection Tips

Its very important to understand that most hacker attacks involve Remote Desktop Connection vulnerabilities.

This means that they actually brute force your remote desktop connection password or they take advantage of security flaws in your remote desktop connection to be able to access your network infrastructure from the outside.

Lets identify what you should do in order to prevent an incident that even if your infrastructure has been hacked, you can have minimum impact.

How to protect against Ransomware Attacks

  1. You should use a credible antivirus solution for your endpoints (such as Webroot, Bitdefender, Sophos etc)
  2. You should never user the user account “Administrator” on other hosts than the domain Controller.
  3. You should have active “User” privileges in the Servers / Clients so user access should be limited
  4. Don’t use the Administrator password in other devices like NAS or Backup devices
  5. You should create a new e-mail account with different password for the antivirus panel, and you should never use it on other services
  6. Don’t use common passwords anywhere. Especially Administrator or privileged user access passwords.
  7. Start using a Cloud backup solution and make sure that you use different email and password
  8. Don’t save passwords in browsers or in any text file on the computers
  9. Use 2 Factor Authentication (2FA) logins whenever available (Microsoft Accounts, Google Accounts, Banking accounts etc)