SoylentNews is people

posted by janrinok on Saturday September 07 2019, @03:14PM
from the invest-beforehand dept.

Arthur T Knackerbracket has found the following story:

The City of New Bedford, in Massachusetts, has found a way to deal with ransomware without paying: shoring up defenses, restoring from backups, and rebuilding systems.

The attack on the American city's systems was identified on July 5, after employees noticed unusual network activity upon returning from the July 4th holiday, Mayor Jon Mitchell explained in a press conference on Wednesday.

"We haven't seen any interruption in municipal services at all," said Mitchell.

The city's Management Information Systems (MIS) staff identified the presence of the file-scrambling RYUK nasty, a sophisticated form of ransomware, and through prompt action managed to limit its impact.

Supposedly named for a character in the manga series Death Note, RYUK can find and encrypt network drives, and delete volume snapshots to prevent the use of Windows System Restore in the absence of external backups.

[...] Mitchell attributes the relatively minor impact of the infection to luck, skill and the city's IT architecture.

The luck element has to do with the fact that the malware intrusion began over the July 4th holiday. Holidays and weekends are apparently a common time to launch ransomware attacks because IT staff tends to be scarce and less vigilant then; but in this case the holiday also ensured that many of the city's desktop PCs were powered down, which limited the ransomware's ability to spread.

The prompt action of the MIS staff on the morning of July 5th to defensively disconnect systems, according to Mitchell, helped reduce the impact of the infection.

-- submitted from IRC


  • (Score: 5, Insightful) by hwertz on Saturday September 07 2019, @04:37PM (5 children)

    by hwertz (8141) on Saturday September 07 2019, @04:37PM (#891005)

    They missed step 0 in avoiding ransomware: Don't run Windows!

    I'm serious, there's no good reason to run Windows on virtually any system. I'm running Ubuntu with "gnome flashback" desktop. Keep Windows the hell off there and you have control of your system rather than Microsoft; you won't get viruses and spyware; it's easy to use; and if you have the ol' budget problems you can keep those older systems as long as you want (Ubuntu has bloated over the years but still has about 1/2 the system requirements of Windows 10 or 7 for that matter.) Wine has gotten VERY good at running Windows software if you really do still have something that needs it. If you have some legacy something or other that needs 95 or XP, it is actually more likely to run under Wine than to run under 7 or 10.

    But good on them for having proper backups and such.

  • (Score: 2) by captain normal on Saturday September 07 2019, @06:50PM (1 child)

    by captain normal (2205) on Saturday September 07 2019, @06:50PM (#891051)

    Hum... and systemd makes Ubuntu act a lot like Windows....

    --
    When life isn't going right, go left.
  • (Score: 2, Insightful) by fustakrakich on Saturday September 07 2019, @09:00PM

    by fustakrakich (6150) on Saturday September 07 2019, @09:00PM (#891082) Journal

    *foo! smells like an ad*

    Lack of attention and small user base are its saving grace. And Ubuntu would never be my first choice.

    --
    Politics and criminals are the same thing..
  • (Score: 2) by epitaxial on Sunday September 08 2019, @12:53AM

    by epitaxial (3165) on Sunday September 08 2019, @12:53AM (#891128)

    This all boils down to operator error. The exact same thing could happen with poorly configured Linux distros.

  • (Score: 2) by progo on Monday September 09 2019, @02:54PM

    by progo (6356) on Monday September 09 2019, @02:54PM (#891696) Homepage
    • Hundreds of our desktops use a GPU or Wifi card that just does not work out of the box in Linux
    • We have dozens of units of a paper scanner that WILL NOT WORK without Windows; it's too expensive to develop two parallel desktop environments.
    • All of our employees use [brand] phones with special sync software for [thing] with a component that only works on MacOS or Windows, and we can't make MacOS work in our enterprise environment.
      • You don't just decide at the top that we're going to quit using Windows and then it happens. It's a long, slow process.