2019 has been the “year of ransomware attacks on municipalities” according to Kaspersky security experts. This comes after the company’s researchers observed that at least 174 municipal institutions, with more than 3,000 subset organizations, have been targeted by ransomware during the last year. This represents a 60% increase at least, from the figure in 2018. While threat actors’ demands would sometimes reach up to $5,000,000, actual costs and damages sustained during attacks are estimated to be larger. These are among the main findings of Kaspersky’s Security Bulletin: Story of the Year 2019.

 

Ransomware is a notorious headache for the corporate sector, affecting businesses around the world for a number of years. As if that wasn’t enough, 2019 has seen the rapid development of an earlier trend, where malware distributors have targeted municipal organizations. Researchers note that while these targets might be less capable of paying a large ransom, they are more likely to agree to cybercriminals’ demands. Blocking any municipal services directly affects the welfare of citizens and results, not only in financial losses but other socially significant and sensitive consequences.

 

Judging by publicly available information, the ransom amounts varied greatly, reaching up to $5,300,000 and $1,032,460 on average. The researchers noted that these figures do not accurately represent the final costs of an attack, as the long-term consequences are far more devastating.

 

“One must always keep in mind that paying extortionists is a short-term solution which only encourages criminals and keeps them funded to quite possibly return. In addition, once the city has been attacked, the whole infrastructure is compromised and requires an incident investigation and a thorough audit. This inevitably results in costs that are additional to ransom. At the same time, based on our observations cities might be sometimes inclined to pay because they usually cover the cyber risks with the help of insurance and allocating budgets for incident response. However, the better approach would be also investing in proactive measures like proven security and backup solutions as well as regular security audit,“ comments Fedor Sinitsyn, a security researcher at Kaspersky.

 

“While the trend of attacks on municipalities is only growing, it can be stifled and nipped in the bud by adjusting the approach to cybersecurity and what is more important by the refusal to pay ransoms and broadcasting this decision as an official statement,” adds Fedor.

 

he malware that was most often cited as a culprit varies too, yet three families were named as the most notorious, by Kaspersky researchers: Ryuk, Purga and Stop. Ryuk appeared on the threat landscape for more than a year ago and has since been active all over the world, both in public and in the private sector. Its distribution model usually involves delivery via backdoor malware which in turn spreads by means of phishing with a malicious attachment disguised as a financial document. Purga malware has been known since 2016, yet only recently municipalities have been discovered to fall victims to this trojan, having various attack vectors – from phishing to brute force attacks. Stop cryptor is a relative novice as it is only one year old. It propagates by hiding inside software installers. This malware has been popular, number seven in the top 10 most popular cryptors ranking of Q3 2019.

 

To avoid such malware infiltrating organizations, Kaspersky has the following recommendations:

 

  • It is essential to install all security updates as soon as they appear. Most cyberattacks are possible by exploiting vulnerabilities that have already been reported and addressed, so installing the latest security updates lowers the chances of an attack

  • Protect remote access to corporate networks by VPN and use secure passwords for domain accounts.

  • Always update your operating system to eliminate recent vulnerabilities and use a robust security solution with updated databases

  • Always have fresh back-up copies of your files so you can replace them in case they are lost (e.g. due to malware or a broken device) and store them not only on the physical object but also in cloud storage for greater reliability

  • Remember that ransomware is a criminal offense. You shouldn’t pay a ransom. If you become a victim, report it to your local law enforcement agency. Try to find a decryptor on the internet first – some of them are available for free here: https://noransom.kaspersky.com

  • Educating the staff in cybersecurity hygiene is necessary to prevent attacks from happening. Kaspersky Interactive Protection Simulation Games offer a special scenario for local public administration that is focused on threats relevant for them.

  • Use a security solution for organization to protect business data from ransomware such as Kaspersky Endpoint Security for Business. The product has behavior detection, anomaly control and exploit prevention capabilities that detect known and unknown threats and prevent malicious activity.

  • One can enhance their preferred third-party security solution with free Kaspersky Anti-Ransomware Tool

 

Read the whole story of the year at Securelist.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
Global Shipments of FUJITSU Image Scanners Have Passed the 10 Million Mark
Techworld Date Posted: 30 September 2017 9:58 AM | 495 Views
PFU is proud to announce that as of July 2017, global shipments of its FUJITSU image scanners have passed the 10 million mark.. See More
 
Global Shipments of FUJITSU Image Scanners Have Passed the 10 Million Mark
Techworld Date Posted: 9:58 AM | 495 Views
PFU is proud to announce that as of July 2017, global shipments of its FUJITSU image scanners have passed the 10 million mark.See More

 
Kaspersky Lab Challenges Whitehats to Find Flaws of IoT Devices in Global Competition
Techworld Date Posted: 25 October 2018 1:49 PM | 385 Views
Kaspersky Lab is inviting ethical hackers, known as whitehats, from across the world to test the security of smart devices and industrial systems as it launches its fourth international industrial Capture the Flag (CTF).... See More
 
Kaspersky Lab Challenges Whitehats to Find Flaws of IoT Devices in Global Competition
Techworld Date Posted: 1:49 PM | 385 Views
Kaspersky Lab is inviting ethical hackers, known as whitehats, from across the world to test the security of smart devices and industrial systems as it launches its fourth international industrial Capture the Flag (CTF)...See More

 
Fight for the Future: Kaspersky Partners with 20th Century Fox for Terminator Dark Fate
Techworld Date Posted: 4 October 2019 2:49 PM | 36 Views
Fight for the Future: Kaspersky Partners with 20th Century Fox for Terminator Dark Fate. See More
 
Fight for the Future: Kaspersky Partners with 20th Century Fox for Terminator Dark Fate
Techworld Date Posted: 2:49 PM | 36 Views
Fight for the Future: Kaspersky Partners with 20th Century Fox for Terminator Dark FateSee More

 
Philips Monitors Signs Partnership with Sony Pictures’ Spider-Man™: Far From Home
Techworld Date Posted: 1 July 2019 3:53 PM | 934 Views
Philips Monitors Signs Partnership with Sony Pictures’ Spider-Man™: Far From Home. See More
 
Philips Monitors Signs Partnership with Sony Pictures’ Spider-Man™: Far From Home
Techworld Date Posted: 3:53 PM | 934 Views
Philips Monitors Signs Partnership with Sony Pictures’ Spider-Man™: Far From HomeSee More

 
NVIDIA Supersizes PC Gaming with New Breed of Big Format Gaming Displays
Techworld Date Posted: 8 January 2018 4:42 PM | 520 Views
Created in conjunction with NVIDIA hardware partners Acer, ASUS and HP, BFGDs integrate a high-end 65-inch, 4K 120Hz HDR display with NVIDIA® G-SYNC® technology together with NVIDIA SHIELDTM, the world’s most advanced streaming device.. See More
 
NVIDIA Supersizes PC Gaming with New Breed of Big Format Gaming Displays
Techworld Date Posted: 4:42 PM | 520 Views
Created in conjunction with NVIDIA hardware partners Acer, ASUS and HP, BFGDs integrate a high-end 65-inch, 4K 120Hz HDR display with NVIDIA® G-SYNC® technology together with NVIDIA SHIELDTM, the world’s most advanced streaming device.See More

 
2018 Cyber Security Predictions
Techworld Date Posted: 16 December 2017 12:00 PM | 822 Views
This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. See More
 
2018 Cyber Security Predictions
Techworld Date Posted: 12:00 PM | 822 Views
This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defensesSee More

Frank Emmanuel Trazo
The Great White Mystery in Kona
Techworld • By: Frank Emmanuel Trazo | Date Posted: 6 September 2017 9:52 AM | 529 Views
Every hometown has its own tall tales. Such tales makes every community unique, interesting and historically significant. When these tales are translated into video games, gamers will get to know better about a hometown's.... See More
Frank Emmanuel Trazo
The Great White Mystery in Kona
Techworld • By: Frank Emmanuel Trazo | Date Posted: 9:52 AM | 529 Views
Every hometown has its own tall tales. Such tales makes every community unique, interesting and historically significant. When these tales are translated into video games, gamers will get to know better about a hometown's...See More

 
Realme Philippines to Reveal 3 Big Surprises at Realme 3 Launch
Techworld Date Posted: 14 March 2019 11:15 AM | 172 Views
Realme Philippines is all set to launch its newest offering in the Philippine market, the realme 3, on March 19. Delivering the best value in its price segments, realme Philippines further intensifies the game.... See More
 
Realme Philippines to Reveal 3 Big Surprises at Realme 3 Launch
Techworld Date Posted: 11:15 AM | 172 Views
Realme Philippines is all set to launch its newest offering in the Philippine market, the realme 3, on March 19. Delivering the best value in its price segments, realme Philippines further intensifies the game...See More

 
Transcend Announces New MSA450T mSATA 3D TLC SSD for Embedded Applications
Techworld Date Posted: 28 April 2018 4:47 PM | 178 Views
Transcend Information, Inc. (Transcend), a leading manufacturer of storage and multimedia products, is proud to announce the release of the MSA450T industrial solid-state drive equipped with 3D TLC NAND flash memory. The MSA450T comes.... See More
 
Transcend Announces New MSA450T mSATA 3D TLC SSD for Embedded Applications
Techworld Date Posted: 4:47 PM | 178 Views
Transcend Information, Inc. (Transcend), a leading manufacturer of storage and multimedia products, is proud to announce the release of the MSA450T industrial solid-state drive equipped with 3D TLC NAND flash memory. The MSA450T comes...See More

 
D-Link Covr-2202 Shines in HWM+HardwareZone.com Tech Awards 2019
Techworld Date Posted: 5 April 2019 10:24 AM | 51 Views
D-Link International Pte. Ltd., leading global provider of networking products, bagged the Editor’s Choice award at the 10th HWM + HardwareZone.com Tech Awards 2019. The company’s D-Link Covr-2202 was named Best Mesh Networking System.... See More
 
D-Link Covr-2202 Shines in HWM+HardwareZone.com Tech Awards 2019
Techworld Date Posted: 10:24 AM | 51 Views
D-Link International Pte. Ltd., leading global provider of networking products, bagged the Editor’s Choice award at the 10th HWM + HardwareZone.com Tech Awards 2019. The company’s D-Link Covr-2202 was named Best Mesh Networking System...See More


Power by

Download Free AZ | Free Wordpress Themes