Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Flyslinger2
Community Champion
‎06-20-2019 09:58 AM
‎06-20-2019 09:58 AM

Baltimore vs Riviera Beach or No Ransom vs Ransom

Some really good conversation has taken place on here regarding the handling of the demands hackers place on individuals or organizations, specifically for ransomware.  I'm not entirely opposed to paying a ransom especially if the payment can be tracked! And what can't be tracked these days?

 

I've posted several articles about the woes of Baltimore.  I sure hope the voters of BaltoCity hold their elected officials feet to the fire regarding that fiasco.  They can dump a ton of money into programs that ultimately reap no benefits other then to buy votes instead of supporting their police and IT infrastructure.

 

Now another city is in the news. This time they are going the route of meeting the hackers demands.  It will be interesting to see if this plan will work any better then what BaltoCity did. I've not seen new estimates of the cost to them since the last article I shared here.

Reply
3 Replies
AppDefects
Community Champion
‎06-20-2019 02:24 PM
‎06-20-2019 02:24 PM

Settle ransomware fast! That motto is beginning to resonated throughout local government in America. Middleman payments are becoming very popular and we are seeing lots of new tracking tools like this one.

Reply
0 Kudos
emb021
Advocate I
‎06-20-2019 02:30 PM
‎06-20-2019 02:30 PM

You do have to wonder about how this happened and what could the IT folks done to either prevent or minimize this, and to what degree were they hampered by city government.

 

For instance, how did the ransomware get it such that someone could click on a link.  No email filtering or the like to prevent this?  

If this was due to someone in the policy department clicking a link, how was it that other city departments were affected, such as 911, HR/finance, etc.  We hear that 911 was affected, policy couldn't enter tickets, and paychecks weren't being issued.  Why wasn't the network segregated to prevent lateral moves like this.

 

Also, what about backups?  Couldn't they wipe and restore, or where those affected as well.

 

I would really like to see a detailed technical postmortem with lessons learned that others can use.  But am sure that won't happen.  Which is frustrating because this sort of information can help others ensure that issues they see in their environment are addressed ("hey, if we don't fix X, we could be affected just like these guys were, as they had the same situation")

 

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Reply
0 Kudos
Leoh
Newcomer I
‎06-20-2019 03:08 PM
‎06-20-2019 03:08 PM

My best guess is that there is not enough money to implement best practices at every single level of government. Our military still uses Win Xp. I have veterans going to college with me and they were pretty open about that. Also, it does not help when employees are not educated or choose to be lazy or careless. 

Reply
0 Kudos