Ransomware Hits Georgia Courts as Municipal Attacks Spread

Ransomware has no shortage of cautionary tales and wakeup calls from the past decade. But for local governments, this past year has been a particularly brutal reminder of the threat. Following a 2018 attack that paralyzed the City of Atlanta for weeks, more than half a dozen cities and public services across the country have fallen to ransomware so far in 2019, on a near-monthly basis; the Administrative Office of the Georgia Courts became the latest victim on Saturday, when an attack knocked its systems offline.

The string of attacks on municipalities may seem like a new pattern. But it’s unclear how many of them, if any, were perpetrated by the same actors. And law enforcement officials emphasize that the spate of attacks actually fits into a broader, ever-growing trend of ransomware attacks that spans numerous industry sectors.

"We are seeing an increase in targeted ransomware attacks; however, we do not have enough data to indicate one industry or sector is being targeted more than another," the FBI told WIRED in a statement. "Cyber criminals are opportunistic. They will monetize any network to the fullest extent."


Latest Discounts
  • Watch This Video and Learn The New Way to End Anxiety and Panic Attacks Fast
  • Get Your complete guide to fishing in the waters of Unicoi State Park And Enjoy Fishing By Your Own
  • The stunning secret of turning your wife on with the push of a button.
  • Are you frustrated that your expensive karoke player does not let you play.
  • You Can Stop Your Panic Attacks And Enjoy Your Daily Activities Again.
  • The Auto Calm System Is A 8 Week System For Overcoming Anxiety And Panic Attacks
  • Helps You To Lose Weight In Just Four Weeks Without Strict Dieting And Exercise.
  • Scans your computer for missing, corrupt, or outdated Windows Drivers.
  • The scientifically proven way of adding inches of real height at any age.
  • Download the latest official drivers for your PC fix driver problems and keep them updated.
  • Find Out The Best Natural and Effective Way To Overcome Your Anxiety Attacks.
  • The Latest Boat Design Software Start building your dream Boat In 5 Mins
  • Reveals 1 Unusual Tip To Eliminate Excessive Sweating Forever In 48 Hours
  • Learn How To Treat Your Panic Attacks and Anxiety,Regain Your Self Confidence,and Enjoy Life Without Fear
  • Stop your panic attacks and eliminate anxiety from your life with powerful 4 steps
  • The Bug Out Forever course have literally anything you need to bug out.
  • This will lose weight, stop smoking, gain unlimited confidence and motivation.
  • ApeSurvival is all about survival and self-defense products, tips and news.
  • Clickbank Ads
     

    Incident responders agree with this assessment and note that attackers will capitalize on any technique that sees some success, to infect as many targets as possible and maximize the possibility of return.

    "There’s definitely an increase or uptick in the amount of ransomware campaigns that we’re seeing out there, but it’s not specific to municipalities or state or federal organizations, it’s just pretty much across the board in every industry vertical," says David Kennedy, CEO of the penetration testing and incident response consultancy TrustedSec. "We’re working seven consecutive ransomware attacks right now—a couple of manufacturing, a couple of credit unions, and one local type of government incident."

    One thing that does set cities and municipalities apart is that they are more likely to publicly disclose attacks and the ransom amounts criminals are seeking, because the attacks often disrupt public systems. Where organizations like businesses and hospitals sometimes have more leeway to work behind closed doors, attacks on government entities can be more immediately visible. And whether a local government is going to rebuild from an attack on its own or pay the ransom, money to respond comes from public funds or through a municipality's cybersecurity insurance. And lately, some municipalities have been very vocally coughing up the cash to hackers.

    In March, ransomware hit the court system in rural Jackson County Georgia, between Atlanta and Athens. Jackson County paid attackers $400,000. And throughout June, three Florida municipalities—Key Biscayne, Lake City, and Riviera Beach—were hit with ransomware. Lake City paid 42 bitcoin (almost $500,000) to attackers, and Riviera Beach paid 65 bitcoin (almost $600,000).

    "While the size of recent payouts are certainly not groundbreaking, publicly reporting on them is," says Jake Williams, founder of the Georgia-based security firm Rendition Infosec. "There are tons of targets out there, and most of them don't realize they have the exposure. I've never worked a ransomware case where a victim said 'we realized this could happen to us but were playing the odds it wouldn't.' Most of them have heard of ransomware but fail to realize they have an exposure."

    Desperate organizations have long paid ransoms as a sort of last-ditch, dirty secret when they don't think they can recover any other way. But incident responders suggest that the recent disclosures may only further fuel attackers' enthusiasm to hit as many local-level government targets as possible. In April, ransomware struck email and baggage systems at Cleveland Hopkins International Airport. In May, Baltimore City was crippled by ransomware, as was the Philadelphia Courts First Judicial District.

    On Monday, the Administrative Office of the Georgia Courts (a coordinating agency, not the courts themselves) had its website go down as it scrambled to contain the infection. Spokesperson Bruce Shaw told WIRED that the agency could not yet comment on the type of ransomware used in the attack but had seen no evidence of data exfiltration. He added that the systems being held for ransom do not contain personally identifying information. "On Saturday morning the Administrative Office of the Courts discovered sophisticated malware on our servers. After an assessment of our system, it was determined that it would be best to take our network offline," the agency said in a prepared statement provided by Shaw. "Our primary focus at this time is to ensure our systems remain secure and that we get them back up and running as soon as possible."


     

    The actors behind these recent incidents are largely unknown. Two of the three attacks in Florida involved the well-known ransomware called Ryuk, and some preliminary reports have indicated that this ransomware may currently be at work in the Georgia incident as well. But while this malware was first spotted in 2018 being used by hackers linked to North Korea, it seems to be in broad criminal circulation now and is therefore more difficult to attribute to a particular attacker. In general, ransomware attacks are a sort of pay-to-play market, in which technically sophisticated criminal syndicates offer malware and attack services to virtually anyone on the black market.

    Conventional wisdom, as well as the official recommendation of the US government, is to never pay hackers' ransoms. If they're not getting paid, they won't have an incentive to keep trying.

    "The payment of extortion demands encourages continued criminal activity, leads to other victimizations, and can be used to facilitate additional serious crimes," the FBI told WIRED in its statement. "Additionally, paying a ransom does not guarantee the victim will regain access to their data … The main thrust of the FBI’s ransomware outreach program is to inform the public that most ransomware can be prevented."

    Though ransomware has been a ubiquitous threat for years, investment hasn't come fast enough to address the risk, especially in settings like local government, where IT departments are chronically understaffed and underfunded. And incident responders note that for those who are unprepared, the reality of the decision about whether to pay is often fraught.

    "My recommendation is do not pay the ransom under any circumstance," Kennedy says. "But it’s not always a clear-cut issue. We had one case where we had a church that lost 20 years of their sermons in a ransomware attack, and that was a big deal for them. If an organization can pay $10,000 or $20,000 to recover, sometimes they're going to lean more toward paying."


    Latest Discounts
  • Get Your complete guide to fishing in the waters of Unicoi State Park And Enjoy Fishing By Your Own
  • The stunning secret of turning your wife on with the push of a button.
  • Are you frustrated that your expensive karoke player does not let you play.
  • You Can Stop Your Panic Attacks And Enjoy Your Daily Activities Again.
  • Watch This Video and Learn The New Way to End Anxiety and Panic Attacks Fast
  • The Auto Calm System Is A 8 Week System For Overcoming Anxiety And Panic Attacks
  • Reveals 1 Unusual Tip To Eliminate Excessive Sweating Forever In 48 Hours
  • Become A Certified Usui Reiki Healing Master With The Latest Reiki Certification Program.
  • Eve Online's Richest Player Reveals All His Techniques Making Billions
  • It attacks the root cause of your problem - something no other 'all-natural' ED cure does.
  • The Latest Boat Design Software Start building your dream Boat In 5 Mins
  • The Best RSS Autoblog Tool For Blogger Blogspot Blog.
  • Learn The 100 Natural Way To Stop Hair Loss and Re-Grow Your Hair...
  • Learn how you can easily create mobile apps to generate passive income.
  • Strategy And Mental Tennis Ebooks To Make You A Smarter Player.
  • Packed full of the info you need for profitable horse racing
  • Learn How To Attract the Man of Your Dreams And Receive A Marriage Proposal In Few Months
  • Discover how to boost your goal achieving skills in 30 days, guaranteed
  • Clickbank Ads
     

    As a result, ransomware scams are still extremely lucrative for attackers. One group, GandCrab, that offered a popular "ransomware as a service" platform shut down at the beginning of June. But it wasn't because of a law enforcement sting or an uptick in impenetrable defense—the hackers behind the service claim it was because they had just made so much money that they didn't need to go on. "We are leaving for a well-deserved retirement," the actors wrote in a forum post. "We have proved that by doing evil deeds, retribution does not come." They claim to have collected more than $2 billion in ransom payments, with those running the service getting about $2.5 million per week.

    These attacks can come at a high cost to local governments, whether they pay attackers or not. It cost Atlanta about $17 million to recover from its 2018 attack. Baltimore City has spent about $18 million to recover and improve its defenses.

    For organizations that don't have the will or resources to invest in ransomware defenses now, every day is a gamble that they won't pay for it later.


    Original Article : HERE ; The Ultimate Survival Food: The Lost Ways

     


    RELATED PRODUCTS
  • Watch This Video and Learn The New Way to End Anxiety and Panic Attacks Fast
  • You Can Stop Your Panic Attacks And Enjoy Your Daily Activities Again.
  • Are you frustrated that your expensive karoke player does not let you play.
  • The stunning secret of turning your wife on with the push of a button.
  • Get Your complete guide to fishing in the waters of Unicoi State Park And Enjoy Fishing By Your Own
  • Learn how to make wonderful smelling candles that put expensive candles sold in stores.
  • Download the latest official drivers for your PC fix driver problems and keep them updated.
  • Quickly Cure Panic Attacks And Anxiety In Less Than 60 Seconds - Guaranteed
  • Discover How To Add 20lbs To Your Bench Press, 15lbs To Deadlift, And 20lbs To Your Squat In 3 Months
  • Dont Let Social Anxiety Control Your Life Any Longer. Start Living.
  • Change Your Mind, Change Your Life Influence Your Mind and Others.
  • Know how to eliminate bacterial vaginosis forever in 72 hour.
  • Become A Certified Usui Reiki Healing Master With The Latest Reiki Certification Program.
  • Clickbank Ads