Las Vegas With Rubrik Versus Ransomware: 1-0

On January 7, at 4:30 a.m., the website and several city services were taken offline by a ransomware attack, which local press have speculated came from a phishing attack over email. A little over 24 hours later, the City of Las Vegas has returned to normal, almost like the attack never took place. The City of Las Vegas tweeted: “Following yesterday’s cyber compromise, we have resumed full operations with all data systems functioning as normal. Thanks to our software security systems and fast action by our IT staff, we were fortunate to avoid what had the potential to be a devastating situation.” A follow-up tweet reassured followers that no data was lost and no personal data taken.

With more than 45 million visitors a year and over 2.1 million residents, the City of Las Vegas moved to Rubrik because it met their needs for flexibility, price, and speed. Lester Lewis, Deputy IT Director, said about their decision to use Rubrik over other services: “Rubrik is a very important partner in how we do business now because we made the decision to be a smart city and collect all this data, so we had to make a decision to protect all the data.”

The decision they made to protect their data paid off. Because they switched to Rubrik, the City of Las Vegas was able to restore quickly and prevent any downtime of critical services.

Ransomware has become the plague of the last decade, and it looks set to remain an issue into the next. Each year, ransomware attacks cost businesses $75 billion (source: Datto). Ransomware is a type of malware that encrypts the user’s data on the computer it has infected and holds the data hostage until the user pays whoever is responsible for the malware in exchange for the encryption key. Ransomware can be close to impossible to decrypt without the key, and even if the user pays the ransom demand, it is not guaranteed that they will get all of their data back. If the user does not pay the ransom demand, the encryption key is deleted, and if the user doesn’t have any other technology in place, the data is lost forever.

A month earlier, the Pittsburg Unified School District was also subject to a ransomware attack. However, they were not prepared, and consequently were unable to get services back in time for school to start weeks after the attack. The school district welcomed their students back without any laptops or internet. School emails were not accessible, so the school resorted to using only phones.

Pittsburg Unified School District is not the only organization to be affected. Baltimore City government was hit with a ransomware attack in 2019, with estimated losses at $18 million. Other cities like New Orleans, New York City, Riviera Beach, and at least 85 others were also subject to ransomware attacks and suffered losses in 2019.

Microsoft Releases Patch for Critical Security Vulnerabilities in Windows 10 and Windows Server 2016/2019

Windows administrators around the world are working overtime to update their Windows equipment after Microsoft released a patch on January 14 for critical security vulnerabilities in Windows 10 and Windows Server 2016, 2019, and more. Now, more than 900 million devices that run on these programs are in need of an update!

One of the critical vulnerabilities in Windows CryptoAPI (which allows organizations to “sign” their applications and validate the app’s authenticity) would allow malware to be disguised as trustworthy, effectively fooling users and antivirus software. Read about all the vulnerabilities here.

Let’s Recap: Where Have We Seen This Before?

The National Security Agency (NSA) discovered another vulnerability in Microsoft systems years ago and weaponized the vulnerability, calling it Eternal Blue. In 2017, the NSA disclosed the weakness to Microsoft, who then patched the bug and released the software fix to the public... Is this starting to sound familiar?

Here’s where it went wrong: after Microsoft released the patches, Eternal Blue was leaked to the web by a hacker group called the Shadow Brokers. One month later, the worldwide WannaCry ransomware attack unfolded, exploiting unpatched computers.

The NSA seems to be trying to turn things around this time by disclosing the bugs to Microsoft. Imagine that day at Microsoft.

So How Can We Prevent WannaCry Part Two?

1. Update! Update all your computers using Windows 10 and your Windows Servers. Don’t make the mistake of holding off the updates for a more convenient time. Hackers are going to find that pretty convenient for them, too! Not updating your computer is like sitting in the road, seeing a car speeding towards you, and saying, “I’ll move later.” Later just might be too late.

2. Back up your data. Whether you are responsible for an IT infrastructure supporting 10,000 employees or you are managing your home computer, BACK UP YOUR DATA. If you have an existing backup system, check your backups. Ask yourself: Could my organization survive if we lost all of our data and had to restore our backups? Are our backups current and working? How long would it take us to restore from backups? If you are not satisfied with any of the answers to those questions, do something about it.

How We Can Help

As the industry-leading backup solution, Rubrik is quick to install, back up, and recover, so what otherwise would be a catastrophe is now just a quick restoration. Rubrik’s interface is also incredibly easy to use, built so that users can manage all their data in one place. Also, with services like Rubrik Polaris, Trinsio clients get brand-new insight into data across their entire IT infrastructure, including ransomware and malware detection.

Try Rubrik for free on us! Learn how to start your free trial here.