Which is pretty easy to do. Employees open all kinds of chit. Corporations need a good IT Dept nowadays with all the Cyber risks so not surprising it happened to a municipality that probably is short on the budget and experienceAlmost all of those require a user on/in the system to open/execute a file.
.gov??It's 2019, how in the hell are organizations still being held hostage by ransomware?
Because sometimes their file backups are infected as well.I never understood why these folks dont back up and tell them to pound sand.
I didn't see it in this story, but a number of government offices have PAID the ransom to get their systems back. Not a good trend for others...I never understood why these folks dont back up and tell them to pound sand.
Then what’s the real scoop? PM if you’d rather, but as a guy responsible for systems that make it possible for hundreds of people to feed their families, I’m obviously very interested in knowing as much as possible about active threats.I spent the better part of last week dealing with the mess. Don’t beleive what you read.
It's reassuring to know that they are "...monitoring the situation..."https://www.kut.org/post/ransomware-attack-hits-local-governments-texas
I find this interesting along with Custom and Border Patrol computer system glitch.
Generally, don't believe in coincidences anymore.
^This is actually not something which is universally true.Almost all of those require a user on/in the system to open/execute a file.
Then what’s the real scoop? PM if you’d rather, but as a guy responsible for systems that make it possible for hundreds of people to feed their families, I’m obviously very interested in knowing as much as possible about active threats.
^This is actually not something which is universally true.
Depending on the specifics of any given scenario, there may possibly be any number of ways to remotely inject and execute malicious code without requiring any user interaction whatsoever, and we should never base what "could be" done on what "has been" done (publicly).
If it's still just the same ol' ransomware that encrypts every file the infected machine has access to, the question really is "why are people allowing access to such wide swaths of storage to low-trust workstations?"