Back to Ransomware

Ransomware

City of North Bend falls victim to a ransomware attack

On December 11, 2018, North Bend, a city in Oregon, reported that a ransomware attack rendered its computer systems and databases temporarily inaccessible to city workers. The cyberattack originally targeted the North Bend Police Department, but with many of the city’s servers interconnected, the virus quickly spread throughout the city's computer network.

Aftermath of the attack

As soon as the attack was identified, city officials reported the incident to the Federal Bureau of Investigation (FBI). Fortunately, the most recent backups of the City of North Bend’s files were not impacted by the attack. City officials were able to work with the FBI to restore the city’s systems using these latest backups.

So far, security experts can’t confirm whether any sensitive information was accessed during the attack. Although the investigation did not reveal the perpetrators, the attack was traced back to Romania. The FBI also found that the virus entered the network sometime in October. Even though the city had insured itself against such attacks, it didn't have to pay the ransom due to its good practice of maintaining frequent backups. To prevent similar attacks in the future, the city has reportedly strengthened its firewall security.

Don't want to make the news for the wrong reasons? Download ManageEngine DataSecurity Plus, a tool that can detect, classify , and secure personal data , and mitigate ransomware attacks.

How can ManageEngine help with such situations?

ransomware-attack-screenshot-show

Firewalls and other traditional security systems no longer provide adequate protection against sophisticated cyberattacks. What you need is an advanced solution that is capable of connecting the dots to detect, and respond to ransomware attacks. DataSecurity Plus is an automated ransomware threat identification and mitigation solution which:

  • Sends real-time alerts when a ransomware attack attempt is detected:The main indicator for any ransomware attack is an unusual amount of operations on files and folders in the network. This solution helps monitor the frequency of file modifications by each user, and issue alerts whenever the number of modifications crosses a specified threshold within a particular period of time. Alerts also indicate the username, source, date, and time of the incident, as well as other parameters that pave the way for further investigation.
  • Offers a customizable and automated response system to quarantine ransomware attacks:
  • DataSecurity Plus uses a built-in ransomware detection and response mechanism to lock down infected devices and prevent further damage caused by ransomware spreading to storage devices or network systems. You can also set up your own automated responses, including the execution of a batch file, to quickly respond to ransomware attack alerts.

  • Simplifies forensic analysis:DataSecurity Plus generates customizable, audit-ready reports on all in-depth file-related changes, access attempts, events, and share permissions.

Follow these eight best practices to avoid cyberattacks and protect your organization. Try out all these features by downloading the free, 30-day trial version of DataSecurity Plus today.

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.