“We Have Your Data And If You Ever Want To See Them Again…”


As reported on Jan-30 in The Register, and in earlier reporting, ransomware killed nearly 70% of Washington DC’s closed-circuit TV (CCTV) ahead of the inauguration.

Criminals infected nearly 70 percent of storage devices tied to closed-circuit TVs in Washington DC eight days before the inauguration of President Donald Trump. If the storage devices go down, there is no video to review in the event of a crime. No video of pre-crime staging and planning. This essentially renders the system blind to the things we want to be able to monitor. Nice timing!

What was the impact of the ransomware? The Register reports that “the ransomware infection downed 123 of its 187 network video recorders, each controlling up to four CCTVs, and forced the city to wipe its affected IT systems which it says did not include deeper componentry of the Washington DC network.” That means a full 65 percent of the DC Police cameras were completely down and no one knew for quite a while. Wow!

“Public space cameras were out of action between 12 and 15 January.” Three days of no video recording?! And something that has been underreported, and is an oddity in itself: DC “police eventually noticed four were not recording”, The Washington Post reports. Eventually noticed?? What, no one is monitoring or managing these systems on an ongoing basis, at least once daily? Holy cow! This is awful and this was no accident. Nor was it the work of script kiddies. This was the work of real hackers. It was deliberate, timed, and malicious.

How did the DC Police IT department respond?? Technicians wiped and rebooted the devices across the city and did not pay ransom demands. Oh thank heaven they didn’t pay ransom! LOL.

You’re asking now: “What about the data?”

Not surprisingly, no one has reported if valuable data was lost, or “if the encrypted data was decrypted for free, or if the ransomware merely crippled the affected network devices.” So, given that lack of a response, go ahead and assume a lot of valuable data was lost. That would be a bad mark on someone’s record and performance evaluation and we’ll just sweep it under the rug. You know, the type for which people get fired in the private sector.

What can you do to keep from losing your data or getting fired if you are ever hit with a ransomware demand? A team of White Hat Hackers may be able to help. These are folks who know all the tricks the bad guys use but have not crossed over to the Dark Side. The Register suggests that “victims unable to restore encrypted data with clean back-ups need not always pay ransoms; many malware variants have been undone by white hat hackers working under the No More Ransom Alliance, a recent outfit focused on finding and exploiting holes in ransomware that allows free file decryption.”

Be vigilant in protecting your systems. Use smart passwords wherever possible and don’t open unsolicited e-mails or click on web links willy-nilly. Think first and then proceed. Unless, of course, you don’t mind losing all of your personal files and photos. Listen to our friends at The Register: “The exploding number of ransomware forms hitting end users and enterprises is stunning.”

Safe computing, my friends.
