BreachExchange mailing list archives
Plymouth officials work to get system back online after cyber attack
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 11 Mar 2019 09:08:20 -0500
http://www.bristolpress.com/BP-General+News/346296/cyber-attack-takes-down-plymouths-town-and-police-servers A ransomware cyber-attack that hit the town Wednesday has resulted in municipal and police computer servers being shut down and data being encrypted. Plymouth town officials are working to get the system back online, but could not say Thursday whether a criminal investigation was underway. Jeff Ziplow, a cyber-security risk assessor with Blum Shapiro working with the town to solve the issue, said that municipal and police computer servers were infected with “decrypt.txt” ransomware, which came through email. The ransomware has encrypted town files and made them inaccessible. Municipal and police severs were shut down to prevent the malware from spreading further. “We are currently in the process of determining which variant of this particular ransomware we are dealing with,” said Ziplow. “It has had a dramatic impact on a number of servers in the police department and municipal servers. We will be working with the IT director and going through each server to determine if they are infected and the best way to clean them. Depending on the variant we are dealing with, there may be tools out there to get rid of it. Or, we may have to restore the servers to a previous backup point.” Ziplow said that Plymouth’s town computers run on Microsoft Office 360 and they may be implementing a two-factor authentication system for better protection in the future. Ziplow explained that the ransomware has generated a text file with instructions for how the town could visit certain websites and the steps the town would need to take to pay a ransom in “bitcoin,” an untraceable online currency, to regain access to their files. However, the town does not intend to pay the ransom. “This is happening to many municipalities in Connecticut,” said Ziplow. “Plymouth is not the first. We are trying to figure out how it came in so we can be better protected in the future.” Sergeant John D’Aniello of the Plymouth Police Department said that police still have access to their radios but they are now hand-writing all of their reports or using typewriters. “The police department is still in operation but we have no electronic capabilities,” said D’Aniello. Ann Marie Rheault, Plymouth Finance Director, said that the town would also be notifying the various contractors or members of boards that they have been emailing. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Plymouth officials work to get system back online after cyber attack Destry Winant (Mar 12)