The number of ransomware attacks reported each month around the world keeps growing and, according to network security specialists, this trend has a very simple explanation. Most victims of the encryption malware are unaware of the mitigation methods of such attacks, and sometimes they do not have a backup of the compromised information, so they have no choice but to pay the hackers to recover their data which only contributes to the financing of future malicious campaigns.
One of the worst possible scenarios is to
become a recurring victim of attackers, either because of the constant
development of malware or because we simply haven’t learned our lesson. This is
the case for officials from Lincoln County, North Carolina, who have reported
the second case of ransomware
infection in just two weeks.
According to the state network security
experts, the first incident was detected on July 26. According to the mayor’s
office report, threat actors infected county networks, encrypting access to
employees’ computers, as well as taking control of Lincoln’s website.
The second incident occurred last Tuesday night
and had a greater impact than the first attack, crippling communications
throughout the county, as well as some computer systems used by the North
Carolina Police. Authorities say the perpetrators have not contacted them to
demand a ransom so far.
“This couple of incidents has put a lot of
things in perspective for us, mainly on the measures we need to take to make
our IT systems as secure as possible,” said Roy Cooper, North Carolina
Governor.
Unfortunately, this is not the only incident
that the state’s team of network security experts has recently reported. A few
weeks ago, it was reported that the computer systems in Anson and Concrod
counties were under attack. “Becoming a victim of ransomware is so easy
that you just need to click on a pop-up window or interact with a malicious
email”, the experts added.
This was exactly what happened in the late 2017
ransomware incident in Mecklenburg County. A public employee received an email
with a malicious attachment that he downloaded to his computer, leaving the
door open for hackers to enter county networks. On that occasion, the
ransomware encrypted 48 servers, stopping multiple public systems.
The hackers demanded a ransom of more than $20k
USD to restore access to locked servers. “It has to be said that it will
take several days to address the inconveniences,” the then mayor of the
county said. Mecklenburg officials decided not to pay the hackers and implement
their own measures to regain access to the compromised information.
Network security experts from the International
Institute of Cyber Security (IICS) have reported multiple similar incidents
against other county IT systems in states such as Florida, Louisiana, New York,
among others. Hackers’ interest in attacking public organizations seems to grow
as new variants of encryption malware
are developed and, if that were not enough, attackers are not concerned about
attracting attention by infecting law enforcement networks in various U.S.
territories.
