Ransomware Shuts Down Lincolnshire Council IT Systems for Days

A ransomware attack last week forced a temporary IT shut down at Lincolnshire council.

Council employees were forced to return to pen and paper for several days after the unnamed malware began encrypting files, forcing CIO Judith Hetherington-Smith to order admins to pull the plug.

“It happened very quickly. Once we identified it we shut the network down, but some damage is always done before you get to that point – and some files have been locked by the software,” she told the BBC.

“A lot of the files will be available for us to restore from the back-up.”

Some reports suggested that the ransomwarers were initially demanding “a million pounds,” but it appears as if the actual ransom was $500 worth of virtual currency Bitcoin – which is more in line with the amount normally demanded by cybercriminals in this kind of attack.

It is believed the infection began after an employee was socially engineered into opening a malicious email attachment.

Ransomware is certainly becoming one of the biggest cyber menaces out there – for individuals and businesses alike.

In fact, over half (54%) of all malware targeting UK users in 2015 contained some form of ransomware, security firm Bitdefender claimed in December.

David Flowers, EMEA managing director at endpoint security firm Carbon Black, argued that a more sophisticated approach is needed to stop this kind of malware.

“Whitelisting, whereby a threat is assessed against a set of policies and common characteristics to see if there is a likely issue, can help to spot this type of malware even if it has never appeared before,” he explained.

“This should then we combined with broader threat intelligence, where you can see if a particular file has ever been seen before; if it hasn’t, then it is likely to be zero day and hazardous. This allows organisations to get smarter about security and avoid falling into these sort of traps.”

SOURCE: Phil Muncaster | Infosecurity Magazine


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s