Ransomware news of the day

    1.) Computers in the city of Greenville are said to be still reigning under the cyber attack which took place last Wednesday. And Greenville city’s spokesperson Brock Letchworth said that the IT staff are now not in a position to assure a timeline for the recovery of servers.

    FBI personnel have been pressed into service to investigate the incident. Meanwhile, a third party security firm has assured that it has several possibilities to recover the entire encrypted database.
    Details of the ransomware variant which has encrypted the data and the ransom demand are yet to be known.

    2.) The Stone Mountain Memorial Association (SMMA) has made it official that it has partially recovered from the ransomware which it suffered last week.

    John Bankhead, the spokesperson from the association based in Stone Mountain Park assured that the data related to public and sensitive info was not compromised in the incident. He stated that it could take several days to recover the entire encrypted database of SMMA through backups.

    However, paying to hackers is ruled out as the entire database is being backed up on a regular note.

    3.) Coming to the third news related to ransomware, Cybersecurity Insiders has learned that a new kind of ransomware variant called NamPoHyu Virus, also called as MegaLocker Virus is said to be targeting its victims in a different way. The hackers who are spreading this malware is said to be running the ransomware on a local computer and are seen encrypting the databases of Samba Servers which are accessible on a remote basis.

    Technically speaking, this is possible by launching brute force password attacks on Samba Servers and then remotely encrypting the files and creating ransom notes.

    Shodan reports that they are almost 500,000 Samba Servers operating across the world. And if NamPoHyu aka Megalocker Virus hits at least half of them, then the attack can emerge as the second biggest ransomware attack after Wannacry of 2017.

    Conclusion

    The only way to keep your device or network isolated from such ransomware attacks is to back up your data on a regular note, never open attachments when sent from unknown senders, use anti-malware scanning tools to detect attacks on time, and never connect your Remote Desktop Services directly to the web. Also make sure that all the security updates are installed on your personal computer and programs such as Java, Adobe, and Flash are of the latest version. Never use the same password on multiple sites and always craft a strong alpha-numeric password while accessing online services.

    Ad
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display