« 6TH POPE Home | Email msg. | Reply to msg. | Post new | Board info. Previous | Home | Next

Re: How One Texas Town Dealt with an Early Ransomware Attack 

By: Zimbler0 in 6TH POPE | Recommend this post (1)
Tue, 27 Jul 21 1:14 AM | 39 view(s)
Boardmark this board | 6th Edition Pope Board
Msg. 20635 of 60008
(This msg. is a reply to 20632 by Beldin)

Jump:
Jump to board:
Jump to msg. #

Well, yeah.
The shop where I used to work had a PC in it - connected
to various Servers etc. etc.

I got one of those 'ransomware' thingies which locked
up the machine.

Fortunately for me, the Guru had set things up such
that the C Drive was auto-magically backed up to a
second much larger internal hard drive. All I had
to do was boot off the magic USB stick and tell it
to restore yesterdays backup. Right back where it
had left off - minus the ransomware hack.

(Anything important was supposed to be stored on the
Company servers - which were also backed up once a day.)

Zim.




Avatar

Mad Poet Strikes Again.




» You can also:
- - - - -
The above is a reply to the following message:
How One Texas Town Dealt with an Early Ransomware Attack
By: Beldin
in 6TH POPE
Mon, 26 Jul 21 10:30 PM
Msg. 20632 of 60008

http://www.breitbart.com/politics/2021/07/26/how-one-texas-town-dealt-with-an-early-ransomware-attack/

By Lucas Nolan
Breitbart
July 26, 2021

In 2019 the city of Borger, Texas, dealt with one of the earliest ransomware attacks in a recent series of Russia-based hacks. Although some services were disrupted, the town had most of its files backed up and essential services remained up. The town did not pay the $2.5 million ransom demanded by the hackers.

TechXplore reports that in 2019, the city of Borger, Texas, was targeted in a ransomware attack conducted by affiliates of the Russia-based crime syndicate REvil in one of the earliest examples of a major ransomware attack on a U.S. city government.

In 2019, ransomware attacks had taken place but had yet to become one of the biggest national security concerns in the United States; now ransomware attacks have become a major concern in the U.S., gaining publicity following the hack of Colonial Pipeline.

Borger, Texas, saw its city’s digital infrastructure fall apart within a matter of days following the ransomware attack; workers were frozen out of files completely, printers printed demands for money, residents were unable to pay water bills, the government couldn’t process its payroll, and police officers couldn’t gain access to certain records.

“It was just a scary feeling,” said Jason Whisler, Borger’s emergency management coordinator. The afternoon that the attack took place, the city manager of Vernon emailed colleagues about a “ransom type” virus affecting the police department, stating that the city was instructed it could get back online by paying the $2.5 million that hackers were demanding. “Holy moly!!!!!” replied city commissioner Pam Gosline, now the mayor.

The hackers gained access to the city’s systems by targeting a Texas firm called TSM Consulitng Serivces Inc. that provides technology services to local governments. At 2:00 a.m., the firms’ president Richard Myers received a phone call where he was informed that one of his client’s servers was unresponsive.

After inspecting the server, Myers noticed that someone who wasn’t supposed to have access to the system was attempting to install something remotely. He rebooted the server and the issue seemed to be fixed, but the next day the department called back to inform Myers that one of its laptops had a ransom note on it.

“I don’t think you can begin to express the terror that goes through your mind when something like that starts to unfold,” he said.

Because the city had paid for offsite remote backup, Borger was able to reformat servers, reinstall the operating system, and restore much of the now encrypted ransomware data. A newly purchased server was used to host much of the restored data. A combination of appropriate backups and the ability to manually control critical infrastructure like the town’s water treatment plant made the attack much less successful than more recent ransomware attacks.

Read more about efforts to restore the city’s infrastructure at TechXplore here.


« 6TH POPE Home | Email msg. | Reply to msg. | Post new | Board info. Previous | Home | Next