Ransomware Attack Hits Local Governments In Texas

Discussion in 'News Articles' started by Bobk, Aug 17, 2019.

  1. Brains

    Brains IQ: 47

    Then what’s the real scoop? PM if you’d rather, but as a guy responsible for systems that make it possible for hundreds of people to feed their families, I’m obviously very interested in knowing as much as possible about active threats.
     


    studenygreg and Darkpriest667 like this.
  2. WAYnorthTX

    WAYnorthTX Active Member

    What? You mean that someone is telling the government what to do or face some unpleasant consequences? Kind of like what the government does to US every day? Interesting!
     
    TheMailMan and Inspector43 like this.
  3. Inspector43

    Inspector43 Everything I Own Is Paid For

  4. CyberWolf

    CyberWolf Active Member

    ^This is actually not something which is universally true.

    Depending on the specifics of any given scenario, there may possibly be any number of ways to remotely inject and execute malicious code without requiring any user interaction whatsoever, and we should never base what "could be" done on what "has been" done (publicly).
     
    birddog and Tcruse like this.
  5. Bozz10mm

    Bozz10mm TGT Addict TGT Supporter

    I always wondered about these ransomware attacks. Windows has system recovery. You can set it back to the way it was at certain points in time. Does that not work for ransomware?
     
  6. ZX9RCAM

    ZX9RCAM Over the Rainbow bridge... TGT Supporter

    It's the personal/business files which get locked up.
    Any pics, info, etc....
     
    vmax likes this.
  7. Darkpriest667

    Darkpriest667 Actually Attends


    No need to PM. Baltimore wanted my department (at Dell) to send 2 guys to replace 10 thousand hard drives; we told them there was no need to replace the drives if they just planned to wipe the data.

    These attacks are really simple to get. Some dumbass on your domain downloads a file they aren't supposed to, and either the GPO or firewall doesn't catch it, and boom, you're done. By the time you get the message, depending on how big your file system is (and on government domains I have to believe we're dealing with massive amounts of data), it could have been weeks or months before the ransomware notifies you all of your files are encrypted.

    We've also had requests from at least 8 other metropolitan governments and a few states. Can't really talk about that, but the Baltimore thing is public knowledge.
     
    majormadmax likes this.
  8. Brains

    Brains IQ: 47

    If it's still just the same ol' ransomware that encrypts every file the infected machine has access to, the question really is "why are people allowing access to such wide swaths of storage to low-trust workstations?"

    Speaking of Dell, got any buddy deals for an older filer? I'd like to check out something like an EqualLogic PS6xxx series.
     
    TheDan and toddnjoyce like this.
  9. birddog

    birddog bullshit meter

    An example would be websites or applications with a browser-based user schema that uses third-party code repositories and may not know it, or if they do, what it does or have any control over it.
     
    Last edited: Aug 19, 2019
  10. cdb

    cdb New Member TGT Supporter

    I expect it's more a case of the malicious code starting on a workstation then jumping to a higher-level administrative system via privilege escalation or service exploit or some such where it can run amok on the full network and its attached storage.
     


    Darkpriest667 and SQLGeek like this.