I saw that North Carolina decided not to pay the Ransomware to get their systems back online and will be using the backups they have. Kudos to them. Below is my take on Ransomware and the original article posted by the AP.
With every day, a new report of a Ransomware infiltration appears in the news, and most of the events go unreported. It is obvious our controls on these matters is relying on human reaction to not make a mistake, either by clicking on an email or bringing an affected machine on a network that could sprawl across multiple systems. Most SMB and Gov, do not have the security or technology in place to effectively protect their network. From IT Admins leaving bandaids on the systems to employees rushing to respond to all emails in their inbox, we are leaving doors open for these type of attacks. Email has become as bad as the home phone in the 90’s when telemarketers were calling all day. Until caller ID and DNC lists were introduced, we would just answer the call when it rang. Email delivery and security needs to be revamped for all and not just companies that can afford technologies that block with AI. I feel email should have a central registration and all organizations would subscribe to make sure they receive these emails. This would reduce the spoofing of the message and give more spam controls to companies that lack knowledge of SPF records and such. Imagine I am sending you an email, and as with SSL registration, the source is confirmed with a certificate authority. Your inbox would have an icon showing verified and safe. If this icon is missing the message is either denied by your mail server or moved to a sandbox where all external access is blocked and the message is not able to run code.
There are technologies today to block spam and some phishing attempts, but until the technology is as simple as registering a car on a network, most companies and gov will not implement properly.
Opinion by:
Robert Giannini
The article below is from the AP:
Hackers were able to lock down several servers of a county government in North Carolina with ransomware this week, locking local officials out of computer systems that manage inmate populations, child support, and other social services. But despite the outages, the county isn’t planning to pay the $23,000 ransom demanded by the hackers.
“I am confident that our backup data is secure and we have the resources to fix this situation ourselves,” Mecklenburg County manager Dena R. Diorio said in a statement on Wednesday. “It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible.”
Mecklenburg County, which includes the city of Charlotte and surrounding areas, was hit on Monday with ransomware and has been struggling to get its systems back online ever since. In the meantime, county officials have been forced to revert to paper systems.
Population numbers for Mecklenburg County jails are expected to rise, the county said on its website, because the inmate releases have to be handled manually and the entire process is significantly slowed down. Calls to a domestic violence hotline are only able to go to voicemail, the AP reported, so counselors have resorted to regularly checking the messages and trying to get back in contact with callers. The local tax office is also struggling to process payments.
But despite all the disruptions, the county “remains open for business,” its site says.
“It was going to take almost as long to fix the system after paying the ransom as it does to fix it ourselves,” Diorio said. “And there was no guarantee that paying the criminals was a sure fix.”
Source credit goes to https://www.apnews.com/f361364942fc474e84caa5e49ef2ae44/Ransomware-slows-North-Carolina-county-government-to-a-crawl
