A coordinated ransomware attack hit 23 local Texas governments encrypts files and adds a .JSE extension at the end. Here’s how to prevent an attack.

Ransomware: The new cost of doing business
Atlanta’s ransomware attack was just the beginning. Larry Dignan and Bill Detwiler explain why cyber-attacks are the new normal for business.
- 20180409ransomwaredan - How to avoid .JSE ransomware that hit the Texas government

On Friday, 23 local Texas government offices were hit with a coordinated ransomware attack, our sister site ZDNet reported. Evidence suggests that the attacks came from a single actor, according to the Texas Department of Information Resources (DIR). 

“Responders are actively working with these entities to bring their systems back online,” the DIR wrote in a press release. The state government network has not been impacted. The FBI, the Department of Homeland , and several other agencies are helping respond to the attack. 

SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)

The ransomware that infected the government networks encrypts files and adds a .JSE extension at the end, ZDNet reported. While this strain of ransomware does not have its own name, and is generally called “the .JSE ransomware,” some vendors detect it as Nemucod. 

This form of attack is different from others of the same nature in that it does not leave a ransom note behind, which confuses victims who are unsure of what happened, ZDNet noted. These attacks are becoming more common against US cities: A similarly coordinated ransomware attack hit several Louisiana school districts in July, prompting the governor to declare a state of emergency. 

To keep your business safe from ransomware, IT and cybersecurity leaders should do the following, TechRepublic reported

  1. Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  2. Keep all up to date, including operating systems and applications.
  3. Back up all information every day, including information on employee devices, so you can restore encrypted if attacked.
  4. Back up all information to a secure, offsite location.
  5. Segment your network: Don’t place all data on one file share accessed by everyone in the company.
  6. Train staff on cyber security practices, emphasizing not opening attachments or links from unknown sources.
  7. Develop a communication strategy to inform employees if a virus reaches the company network.
  8. Before an attack happens, work with your board to determine if your company will plan to pay a ransom or launch an investigation.
  9. Perform a threat analysis in communication with vendors to go over the cyber security throughout the lifecycle of a particular device or application.
  10. Instruct information security teams to perform penetration testing to find any vulnerabilities.

For more, check out Ransomware: A cheat sheet for professionals on TechRepublic. 

Also see 

Laptop in the dark  - istock 807546540 - How to avoid .JSE ransomware that hit the Texas government

Image: iStockphoto/Charnchai Guoy



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here