Ransomware hits 4 US cities in less than a month

Avast Security News Team, 20 December 2019

Plus more news bytes from the week, including new tech that allows you to just think your passwords and legal action that may require digging up the body of a cryptocurrency CEO who died in 2018

Four ransomware cyberattacks have struck U.S. municipalities this December, and the month is not over yet. The Avast Blog reported on the Dec. 7 attack against Pensacola, Fla., but since then, ransomware has also hit New Orleans (Dec. 13), the Sacramento suburb of Galt, Calif. (Dec. 16), and the St. Lucie County Sheriff’s Department in Florida (Dec. 17). It is unknown if these attacks are related, but they occur as the trend of taking small government systems hostage continues to increase. 

While a group called Maze claimed responsibility for the attack on Pensacola, it’s unclear who is behind the other attacks. The news site nola.com reported that cyber-sleuths suspect an organized crime syndicate launched the New Orleans attack due to the type of ransomware used. Following the attack, New Orleans declared a state of emergency and was forced to move many of its operations to pen and paper. “One positive about being a city that has been touched by disasters,” stated one city rep, “we can operate without the internet and without a city network.” Galt, Calif., city services and the St. Lucie Country Sheriff’s Department are still offline, but they are in the process of recovering from the costly attacks. 

“This is a worldwide trend, affecting not just cities but different industries, with special emphasis on healthcare and education,” said Avast Security Evangelist Luis Corrons. “A number of cybercriminal gangs are behind these attacks, and we will see them increase during 2020.”

This week’s stat 

CBS News reported that in 2019 ransomware hit 103 government agencies, 759 healthcare providers, and 86 schools and universities. 

Malware spam targets German officials

Attackers are sending malicious emails – fabricated to look like they come from German authorities – to German government officials, infecting their systems with the notorious Emotet banking trojan. Emotet was designed to steal banking data, but it can also be used to drop other malware, such as ransomware. The email scam aims to trick German officials by appearing as replies to email threads in progress. Read more on Bleeping Computer

Will passwords become passthoughts? 

Researchers are developing brain-computer interfaces (BCIs) primarily for medical uses, but consumer adoptions could forever change how users interact with their devices, including the replacement of typing passwords with simply thinking them. BCIs are advanced tech devices that communicate with the brain’s neural activity, which is basically an electrical current. Medical applications of the tech include helping injured people recover abilities they’ve lost while consumer uses include games that react in real time to the thoughts and moods of the player. Read more on ZDNet

This week’s quote 

“This is heartbreaking. This family bought a device to feel more secure, and ended up traumatized. What this points out is the vulnerability that the Internet of Things has brought into our homes.” – Avast family security expert Leena Elias on the latest security-related incident involving a smart home camera. 

FBI travel safety tech tips

This week, the FBI published a list of holiday travel tips. The main focus of the warnings concerns the dangers of connecting to free Wi-Fi spots. During high-volume travel seasons, fraudsters set up free Wi-Fi hubs around public areas like airports, hoping travelers will blindly hook into their service, allowing them in turn to infiltrate the travelers’ devices. The FBI advises all travelers to confirm the official name of the Wi-Fi service they’re trying to use, adding that travelers should never conduct online banking over public Wi-Fi and, wherever possible, they should use their own personal hotspots. 

Amazon, Apple, Google, team up on IoT standard

The big three in smart home tech are partnering with the IoT-focused ZigBee Alliance to create a new standard for the Internet of Things that will lead to stronger security, smoother integration, and easier interactivity between devices. The group has named their work group project Connected Home over IP, and they are focusing their efforts on an open-source approach to a new IoT connectivity protocol that all developers can adopt. This will allow consumers to buy devices from different companies with the peace of mind that they will work harmoniously.

cryptoLegal action seeks to exhume crypto CEO’s body 

Victims who lost their cryptocurrency savings when Gerald Cotten died last year are now taking legal action to have his body exhumed and identified. Cotten was 30 and CEO of Vancouver-based cryptocurrency exchange QuadrigaCX when he died of complications with Crohn’s disease in an India hospital. QuadrigaCX stored $137 million in crypto holdings for  115,000 customers, but no passwords were found after Cotten’s death, leaving his customers with no access to their funds. Records show Cotten funneled customers’ money to his own accounts. QuadrigaCX customers want proof that he died and did not abscond with their money. Read more on Futurism

This week’s ‘must-read’ on The Avast Blog

The exploding Bring Your Own Device (BYOD) market — expected to reach $366 billion by 2022 — is even more evidence of digital transformation at work for managed service providers.

Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN. Get advertisers off your back and disguise your online identity for greater privacy with Avast AntiTrack.

Related articles