Disabling ransomware attacks targeting US cities on the rise



[ad_1]

The company has compiled all known occurrences of ransomware infections from local government systems, a type of cyber attack that encrypts files from a computer, the attacker requesting payment – usually in bitcoin – from 39, a key to unlock it.

The federal government and the FBI do not follow attacks at the national level.

There have been 22 known public sector attacks so far in 2019, which would be greater than 2018, and this does not take into account that attacks are often only reported months or years after their release. discovery.

The last big city to be hit is Baltimore, who was infected with a ransomware Tuesday. He quarantined his networks and was forced to manually provide most of his municipal services.

"It's frustrating, it's unfortunate, but we are working on it," said Baltimore City Council President Brandon Scott on Friday.

Report reveals Chinese spies stealing NSA hacking tools
At the end of March, Albany, the capital of the state of New York, quietly admitted to being hit with a ransomware on a Saturday. This is a typical choice because hackers calculate that attacks can do more damage when IT staff do not work.

The city announced the attack the very day of its discovery, but downplayed its severity, announcing only that it had affected a handful of municipal services, including the issuance of marriage and entertainment licenses. birth certificates. Many of these issues were resolved early in the work week.

However, the mayor did not mention that the Albany Police Department's systems had been significantly affected.

"We've been crippled, basically, for a whole day," Gregory McGee, a police vice-president of the Albany Police Department's union, told CNN.

"All of our incident reports, all of our crime reports, are all digitized," McGee said, implying that the police had to write down everything that had happened on paper. They showed up at work and did not have access to staff schedules.

How Mueller investigations have been hindered by encryption applications and the disappearance of messages

"We were like, who is working today?" Said McGee. "We have no idea what our workforce is, who is supposed to be here."

The office of the Mayor of Albany has not responded to multiple requests for update on the attack, although a spokesman previously said that the city would make an announcement a Once she was cleaned up.

The law enforcement forces were also targeted in Texas in March, when the Fisher County Sheriff's Office was infected and reportedly lost the ability to connect to a database of the application of the law at the state level.

Late last month, Genesee County, Michigan, which includes the city of Flint, announced that it was finally free of ransomware, after an attack actually ended the service of County taxes for most of the month of April.

First attack in 2013

The first known infection by the government regarding ransomware struck the small town of Greenland, New Hampshire in 2013, but the number of attacks did not explode until 2016, when they were 46.

The number dropped to 38 in 2017 – which indicates a temporary reduction in the number of ransomware infections worldwide – before moving to 53 last year.

Industry estimates suggest that ransomware attacks cost billions of dollars each year, although it is difficult to accurately quantify costs as there is no complete record of attacks in the United States. the world and all are not reported.

Mueller discovers new ways for Russia to intervene in the 2016 election

The number of self-reported victims at the FBI's Internet Complaint Center has declined in recent years. There were 2,673 cases in 2016; 1,783 in 2017; and 1,493 last year. These figures do not reflect all the cases that the FBI is aware of through field office reports.

This suggests that hackers are increasingly aware of who they decide to target, in order to maximize the revenue they can earn, according to the special agent in charge of surveillance, Adam Lawson, from the FBI's Great Crimes Unit of Cybercrime.

"It is less of an individual user, and it targets more the private sector, the business or the public sector, the municipalities, the police, etc. These attacks increase, whereas the attacks against individual users are decreasing, "Lawson told CNN.

"I think our assessment is the following (which is targeted, that is) that has more money." An individual user, if his computer is affected by a ransomware, is sort of a cost-benefit analysis. Benefits: "I have this computer for five years. I will not pay you $ 300 to unlock my computer, I'll get another one. While for a corporate network, you lock the main controller or some essential records, it's a lot more complicated for them. So it probably depends on who is paying the money. "

Authors

The attacks are perpetrated by a wide variety of actors, ranging from criminal gangs to people who would work at least tangentially with the governments of their countries.

On occasion, international law enforcement agencies have been able to coordinate and arrest the attackers of the ransomware. In 2017, for example, a joint operation by six law enforcement agencies, including the FBI, arrested three suspects in Romania and two in Hungary, accused of leading the scam. CTB-Locker.

But just as often, when the US authorities have been able to identify and indict a person who, in their opinion, is responsible for an attack, they have been out of reach of the countries where they are. can not be extradited to the United States.

The United States said two Iranians were responsible for the two most destructive municipal ransomware attacks in the United States, Atlanta and Newark. The ransomware, called SamSam, has successfully extorted over $ 6 million in ransom, said the Justice Department, and caused more than $ 30 million in damages.

The two most destructive ransomware worms in the world, WannaCry and NotPetya, appeared a few months apart in 2017, reportedly being created in North Korea and Russia before losing control.

The FBI has probably identified other suspects, but the agency expects them to visit countries where the United States is able to coordinate arrests.

"We know who some of these people are," Lawson said. "It's not because we do not just say that it does not mean we may not expect that they're traveling somewhere where we can get them."

[ad_2]

Source link