Ransomware: Baltimore

Right now the City of Baltimore public offices are being held for ransom. Key files have been encrypted and city workers can not use their work email accounts or conduct many of their routine duties. The anonymous crooks are demanding ~$76,000 in bitcoin. As we all know by now, paying the ransom can’t guarantee the city will get all of its data back.

All four independent contractors hired to study the attack determined the ransomware variety to be EternalBlue. This exploit was developed by the NSA and leaked online in October 2017.

As Baltimore continues to endure it’s 5th week under siege, we need to continue to keep in mind the best practices that keep us safe online.

Here are 7 tips from Norton Antivirus

1. Do not pay the ransom. It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
2. Restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to regain access to your data.
3. Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
4. Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.
5. Do employ content scanning and filtering on your mail servers. Inbound e-mails should be scanned for known threats and should block any attachment types that could pose a threat.
6. Do make sure that all systems and software are up-to-date with relevant patches. Exploit kits hosted on compromised websites are commonly used to spread malware. Regular patching of vulnerable software is necessary to help prevent infection.
7. If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN) when accessing public Wi-Fi like Norton Secure VPN.