Ransomware hits 23 local Texas governments.

On August 16, the state of Texas reported that 23 local governments had been hit with a ransomware attack. The Texas Department of Information Resources stated in their report that the attacks were performed by a single threat actor. 

The affected government systems remain offline three days later. 

These attacks are growing more common.

Hackers have been increasingly targeting state and local governments with ransomware and having great success doing so. A trio of Florida cities were affected by ransomware in June. Those attacks cost upwards of $1.1 million. The city of Baltimore refused to pay a May ransomware attack and the estimate to rebuild the city’s systems is upwards of $18 million.

As of July 2019, ransomware attacks have hit at least 170 county, city, or state government systems in the United States since 2013. Moreover, 22 of those attacks occurred in the first half of 2019, according to The U.S. Conference of Mayors.

“Threat Education is a more critical component of cybersecurity than most are willing to recognize,” said Steve Condit, Director of Partner Development at ITonDemand. “Every staff member is a potential vulnerability. Proper cybersecurity training is a necessity for all organizations in 2019.”

What are some security best practices? 

• It is everyone’s responsibility to remain cyber aware and practice information safety.
• Do not open suspicious or unexpected links or attachments in emails.
• Hover over hyperlinks in emails to verify they are going to the anticipated site.
• Be aware of malicious actors attempting to impersonate legitimate staff, and check the email sender name against the sender’s email address.
• Use unique strong passwords or pass-phrases for all accounts.
• Do not provide personal or organizational information unless you are certain of the requestor’s authority, identity, and legitimacy.
• Alert ITonDemand HelpDesk if you have any concerns about the legitimacy of any email, attachment, or link.

Other Articles You Might Be Interested In:

Zoom Vulnerability

A major security vulnerability was recently discovered that affects all Mac users who have used Zoom video conferencing.

This vulnerability also affects RingCentral users, as RingCentral white labels their video conferencing with Zoom.

This allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission.

A step further, the vulnerability allows any site to DOS (Denial-of-service) a Mac user by repeatedly joining them to an invalid call. 

On July 8th, Jonathan Leitschuh, a security researcher identified the vulnerability saying:

“Additionally, if you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.”

Zoom CEO, Eric Yuan has stated that a recent update fixes the issue and emphasized an increased focus on security to further protect users privacy.

Other Articles You Might Be Interested In: