Alabama ransomware attack is painful reminder to think before clicking on email
With few resources to stay on top of security, local governments especially vulnerable
By Bob Sullivan, ThirdCertainty
Last week, if you wanted a vehicle tag or a license in Montgomery County, Alabama, you were out of luck.
Hackers knocked many county computers offline with a ransomware attack, local officials say. The probate office took the worst of the attack, which hit late Monday, so business licenses, marriage licenses, and vehicle tags were all unavailable. (Driver’s license systems were not impacted.) So was the county sheriff’s website.
Hackers request bitcoins
“We noticed the system was acting up at about 4:55 p.m. Monday, and this morning we were locked out. That’s when we were given a ransom. They said they wanted ‘bitcoins,’” Hannah Hawk, manager of public affairs for Montgomery County, told the Montgomery Advertiser. “Due to the attack, the county’s system has been locked up, and services the county provides will be impacted.”
Related article: Smaller organizations, agencies must defend new digital risks
In what may or may not be a related incident, security firm Barracuda Networks said it was monitoring widespread ransomware attacks that began last Monday. The firm says it detected some 20 million booby-trapped emails laced with ransomware during a single 24-hour period; an update says a total of 27 million emails have been captured.
“These attacks are wrapped in either an Herbalife-branded email or a generic email that impersonates a ‘copier’ file delivery,” Barracuda said.
Emails come from around the world
A majority of the emails originate in Vietnam, the firm says, but some also are sent from computers in India, Colombia, Turkey and Greece.
As is typical in a ransomware attack, victims who are tricked into opening the attached file can have their files encrypted and must pay the attackers to restore those files.
Consumers should never open unexpected attachments, even if they appear to come from friends or trusted companies.
Small government agencies in cross-hairs
Local government computer systems are a favorite target for hackers; many smaller agencies have fewer resources to keep security systems up to date. There were several similar incidents in Ohio last year. One county’s court systems were locked, and the agency ended up paying $2,500 to restore them, for example. The problem got so bad that Ohio Auditor of State Dave Yost actually held a news conference urging local governments to stop falling for the scams.
“We’re not the first entity to go through this. We are working diligently to get things restored,” said Lou Lalacci, Montgomery County’s chief information and technology officer, to MontgomeryAdvertiser.com. “No personal information has been compromised.”
More stories related to ransomware:
Steps to avoid being infected by the ransomware pandemic
Ransomware attacks are a fact of life, so real-time detection, response is critical
Evolution of a threat: Expect ransomware targets, methods to broaden