City of Atlanta Shuts Down Due to Ransomware
-
The City of Atlanta, Georgia has just posted an outage alert that they are offline and working with Microsoft to deal with ransomware. City employees have been instructed to unplug their computers. Payroll is one of the systems affected.
-
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
-
Owch.
-
And then they call Microsoft to bail them out, LMAO.
-
And it appears to be a variant of SAMSAM malware.... dammit, @scottalanmiller !!!
-
MS support... when the lowest cost bidder calls on the highest cost bidder and absolutely no one anywhere cares if anyone can do the jobs that they are paid to do.
-
@rojoloco said in City of Atlanta Shuts Down Due to Ransomware:
And it appears to be a variant of SAMSAM malware.... dammit, @scottalanmiller !!!
Tee hee
-
Hey this is fine, if the US Government gets to shutdown, certainly Atlanta deserves to do the same. . .
-
@dustinb3403 said in City of Atlanta Shuts Down Due to Ransomware:
Hey this is fine, if the US Government gets to shutdown, certainly Atlanta deserves to do the same. . .
Good point, this is how people get a vacation.
-
@rojoloco said in City of Atlanta Shuts Down Due to Ransomware:
And it appears to be a variant of SAMSAM malware.... dammit, @scottalanmiller !!!
Samsam = no joke
-
@eddiejennings said in City of Atlanta Shuts Down Due to Ransomware:
@rojoloco said in City of Atlanta Shuts Down Due to Ransomware:
And it appears to be a variant of SAMSAM malware.... dammit, @scottalanmiller !!!
Samsam = no joke
It's a bit of a joke at this point, it targets unpatched servers. There is no way that the City of Atlanta can not have been patching servers without knowing that they were creating this risk. Someone had to have accepted this risk and thought that it was just fine to get SamSam. This isn't a new ransomware and that systems must be patched absolutely immediately is beyond common knowledge. Unless this is a completely new variant targeting some totally new attack vector, there is zero excuse for this to have happened.
https://threatpost.com/new-server-side-ransomware-hitting-hospitals/117059/
-
Yeah. The method of entry is a joke. The havoc it and others can wreak isn't.
-
@eddiejennings said in City of Atlanta Shuts Down Due to Ransomware:
Yeah. The method of entry is a joke. The havoc it and others can wreak isn't.
All havoc that the city CIO must have accepted as "worth not patching" for whatever reason. Why Atlanta thought that this wasn't a big deal, we will never know. But that they felt that way must be known... or we have to assume a level of incompetence that's not reasonable to accept at any level of Atlanta's organization.
-
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
-
@tim_g said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
Microsoft products, even patched, put you at far greater risk both of getting infected and of being unable to get skilled staff to deal with the issue once it has happened.
-
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
@tim_g said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
Microsoft products, even patched, put you at far greater risk both of getting infected and of being unable to get skilled staff to deal with the issue once it has happened.
Microsoft products are more highly targeted because more people use Windows on their PCs.
If it was reversed and more people ran Linux on their PCs, then that would be the target, and you'd see people with Linux machines getting infected who never update.
I agree on the skilled staff part.
-
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
@tim_g said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
Microsoft products, even patched, put you at far greater risk both of getting infected and of being unable to get skilled staff to deal with the issue once it has happened.
This can happen to Linux as well, check this one out:
https://www.scmagazine.com/erebus-ransomware-attack-demanded-162-million-from-south-korean-firm/article/669604/
-
@dbeato said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
@tim_g said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
Microsoft products, even patched, put you at far greater risk both of getting infected and of being unable to get skilled staff to deal with the issue once it has happened.
This can happen to Linux as well, check this one out:
https://www.scmagazine.com/erebus-ransomware-attack-demanded-162-million-from-south-korean-firm/article/669604/
And this was for lack of patching...too
-
@dbeato said in City of Atlanta Shuts Down Due to Ransomware:
@dbeato said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
@tim_g said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
Microsoft products, even patched, put you at far greater risk both of getting infected and of being unable to get skilled staff to deal with the issue once it has happened.
This can happen to Linux as well, check this one out:
https://www.scmagazine.com/erebus-ransomware-attack-demanded-162-million-from-south-korean-firm/article/669604/
And this was for lack of patching...too
Exactly.
-
@dbeato said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
@tim_g said in City of Atlanta Shuts Down Due to Ransomware:
@scottalanmiller said in City of Atlanta Shuts Down Due to Ransomware:
Mistakes include... using Microsoft products for critical systems, LAN based security.... the usual
It's not Microsoft's software. It's the fact they aren't patching. There's some nasty shit that can happen to unpatched and outdated Linux systems, too!
But those are less likely to be targeted...
Microsoft products, even patched, put you at far greater risk both of getting infected and of being unable to get skilled staff to deal with the issue once it has happened.
This can happen to Linux as well, check this one out:
https://www.scmagazine.com/erebus-ransomware-attack-demanded-162-million-from-south-korean-firm/article/669604/
Can happen, but much easier to patch Linux. Many fewer people thinking that patching is bad on Linux. Not patching Windows has become some kind of badge of pride in Windows circles.