House Price Crash Forum


interestrateripoff

Lincolnshire County Council Shut Down All It Systems Due To Ransomware


http://www.theregister.co.uk/2016/01/28/lincolnshire_council/

Exclusive The Register has learned that Lincolnshire County Council has been hit by ransomware, leading it to turn off all of its networks' computers yesterday.

As reported yesterday, Lincolnshire County Council shut down all of its computers after an alleged 0-day attack began to spread throughout its systems.

The Register has now learned that the malware infecting the council's systems was ransomware, a malicious program which takes hold of a computer and encrypts its contents rendering them inaccessible to the user.

This form of malware then demands a ransom from the user - often to be paid in virtual currency Bitcoin - in order to decrypt and make accessible the computer's files.

The Register was informed that the council had been hit by the Crypto Locker ransomware, which does not use 0-day vulnerabilities (previously undisclosed vulnerabilities in software which the software's authors have "0 days" to patch), as it first reared its head in September 2013.

Similar malware has been spotted since then, however, with newer vulnerabilities exploited. Many of these have utilised an insecure encryption algorithm. Security companies have often provided decryption utilities for those affected by such malicious software.

It is understood that the ransomware took root in Lincolnshire's systems after a staff member opened a dodgy email attachment - the most common attack vector for cybercriminals.

http://www.lincs-chamber.co.uk/7-simple-rules-to-stop-ransomware

7 simple rules to stop Ransomware

Rule # 1. Make sure your computer system is protected at all times - use a reputable and up-to-date anti-virus system and run periodic scans with a trusted anti-malware product. Without a protection your system is vulnerable to online threat.

Rule # 2. Stay vigilant and do not open any .zip or .pdf attachment on an email, from an unexpected or unknown sender.

Rule # 3. If you receive an unexpected email from someone you know get in touch with that person to confirm the source of this email first – the sender’s system may itself have been infected with something nasty.

Rule # 4. Surf smart - try to only visit sites you know and trust.

Rule # 5. If you visit a new site, be vigilant to any type of warning signs in your browser, this may be a first signal that you are on a malicious site.

Rule # 6. Be careful when inserting media into your computer or anywhere on the network – this is a way ransomware and other malware is transmitted and spread.

Rule # 7. Importantly, have a backup in place with a retention policy. Data backup needs to be an integrated part of your business. The best backup systems are automated, managed and monitored and are fast to recover if the worst happens.

Easy to get this stuff into a large network and then it wreaks havoc.


They should employ me! There are both administrative, and technical resolutions to this, but idiocy accounts for most "problems".


They should employ me! There are both administrative, and technical resolutions to this, but idiocy accounts for most "problems".

Not sure if it's idiocy, but rather people don't really care that much as it's not 'their' computer or files. I've known a couple of tech savvy people who are quite meticulous when it comes to their home computers' security, never opening unknown emails and so forth, but opening any old email at their workplace, and infecting the company's computers more than once.


Not surprising when "corporate spam" is the biggest email nuisance in my inbox. I have no interest in "Claudio" now being head of marketing in the Turin office, but thanks for the PowerPoint presentation of his "vision". 8-(


I got a call from a call centre asking me to open up windows so they can access my computer. A bit like this - but this guy trolled them back lol

7 simple rules to stop Ransomware

Rule # 1. Make sure your computer system is protected at all times - use a reputable and up-to-date anti-virus system and run periodic scans with a trusted anti-malware product. Without a protection your system is vulnerable to online threat.

Rule # 2. Stay vigilant and do not open any .zip or .pdf attachment on an email, from an unexpected or unknown sender.

Rule # 3. If you receive an unexpected email from someone you know get in touch with that person to confirm the source of this email first – the sender’s system may itself have been infected with something nasty.

Rule # 4. Surf smart - try to only visit sites you know and trust.

Rule # 5. If you visit a new site, be vigilant to any type of warning signs in your browser, this may be a first signal that you are on a malicious site.

Rule # 6. Be careful when inserting media into your computer or anywhere on the network – this is a way ransomware and other malware is transmitted and spread.

Rule # 7. Importantly, have a backup in place with a retention policy. Data backup needs to be an integrated part of your business. The best backup systems are automated, managed and monitored and are fast to recover if the worst happens.

Rule # 8: Don't run Windows


Not sure if it's idiocy, but rather people don't really care that much as it's not 'their' computer or files. I've known a couple of tech savvy people who are quite meticulous when it comes to their home computers' security, never opening unknown emails and so forth, but opening any old email at their workplace, and infecting the company's computers more than once.

Partly this but also Councils employing a lot of cheap temporary staff for data entry and suchlike; they have a vast number of people accessing their network and it only needs one to be careless.

Also in my direct experience in order to save money Councils sit on old versions of Windows and Office as long as they can because each upgrade costs money both internally and externally; they plan their upgrades to coincide with the withdrawal of support on their current version. I think this would make them more vulnerable but maybe it's an advantage. I'll let the IT experts on here advise.


They should employ me! There are both administrative, and technical resolutions to this, but idiocy accounts for most "problems".

I work for a really big IT company. Even so, when one of my (developer) co-workers' PCs started showing obvious symptoms of ransomware infection, it still took over an hour for the off-shored desktop support team to tell him to disconnect it from the corporate network. Their support scripts only work when they can remotely connect to the PC. Fortunately in that case the ransomware wasn't quick-spreading.


I work for a really big IT company. Even so, when one of my (developer) co-workers' PCs started showing obvious symptoms of ransomware infection, it still took over an hour for the off-shored desktop support team to tell him to disconnect it from the corporate network. Their support scripts only work when they can remotely connect to the PC. Fortunately in that case the ransomware wasn't quick-spreading.

Tell me about offshore support. I have experienced it. My current support is only in Southampton. Eventually our local person has to do something. Still that's the way big companies work.


Same thing happened at 2 councils I work at.

Zero day attacks and very convincing phishing emails, e.g. a plausible email sent to an accounts officer's computer with attached invoice.

One was shut down and isolated immediately, no problems other than on the PC and a few hours of work on a spreadsheet lost.

Other ran for half an hour and encrypted an entire network directory. Had to restore from day before so half a day's work for 300 people lost.
