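In February of this year, the City of Oakland, California experienced a high-profile ransomware attack that forced them to take several systems offline and declare a local state of emergency.
The City of Oakland was targeted by the PLAY ransomware gang and the attackers were able to steal sensitive data from the city's systems, which included personal information of city employees (birthdates, addresses, Social Security numbers, etc.) as well as financial records.
In addition, highly confidential records, including Internal Affairs investigations of the Oakland Police Department and civilian city employees, as well as records revealing the identities of whistleblowers, were also part of the leak. This type of data takes the risk a step beyond identity theft and can very well put people in physical danger.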
This week, the hackers made good on their ultimatum and released nearly 10 GB of data on their website, which has attracted more than 1,100 visitors as of this article.
Initial reports stated this data was mostly financial and personal information that is used for identity theft, as opposed to the confidential law enforcement and whistleblower records, but that may be intentional by the hackers, who are possibly saving the more dangerous data for the next wave to be released.
The PLAY ransomware gang has signaled this is the first of many data leaks until their demands are met. What exactly those demands are has not been confirmed, but there are reports that the ransomware gang is demanding a ransom as high as $9 million for the files.
Ransomware attacks have become increasingly common in the government sector in recent years, due to the large-scale impact an attack can have on an entire city or municipality. In fact, 12% of all ransomware attacks in 2022 were on municipalities, according to an industry survey, and that is only 12% of the number of reported ransomware attacks, a figure far lower than the actual number.
The City of Oakland has confirmed they are working with law enforcement, including the FBI, and with a third-party organization to restore any impacted systems. They are also providing resources for those who suspect, or may know, that their information was part of the attack (or leak), including credit monitoring and freezes.
For more information on the City of Oakland attack, mitigation or victim resources, please visit www.oaklandca.gov/news/2023/city-of-oakland-targeted-by-ransomware-attack-core-services-not-affected.
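How to Avoid Ransomware Attacks
Ransomware attacks are on the rise across all industries. This is why it is more important than ever to take preventative steps to safeguard your organization, people, and data, including:
- Keeping IT systems up to date with the latest patches and anti-virus software
- Protecting data with strong password policies and backup schedules
- Localizing and enforcing strong data retention policies
- Training employees with security awareness training to recognize, avoid, and report potential phishing or malware attacks
- Developing a thorough incident response plan, along with a business continuity plan and a disaster recovery plan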
Preventative measures such as IT risk assessments and third-party risk management can also assist in identifying high-risk areas where ransomware attacks are more likely to occur.
With these controls in place, organizations can better minimize and mitigate the damage and ensure an expedited recovery effort. It's paramount to implement these controls early to minimize the potential risks.
A proactive approach to addressing cybersecurity risks can be the difference between identifying and preventing a malicious event such as a ransomware attack.
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection reviews, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.