The city of New Orleans was the latest major U.S. city hit by a cyberattack this past Friday, December 13, 2019. It follows attacks on Atlanta in 2018 and Baltimore earlier this year. The malware was discovered in the morning. The IT staff ordered all computers to power off to avoid the malware from spreading. The outage caused the city to declare a state of emergency. Luckily no data was held for ransom, but the recovery process will be costly and lengthy.
No request for ransom has been received thanks to the attack being stopped in the early stages.
"But there were still headaches and disruptions as city employees arrived at work Monday, and New Orleans police were forced to use paper and pens to conduct basic tasks like writing arrest reports."
According to NOLA.com:
"Mayor LaToya Cantrell said about 4,000 computers will need to be scrubbed. She added that 400 servers were affected. The exact nature and extent of the attack were unclear, but it appears to have started about 5 a.m. Friday, when city officials first noticed suspicious activity on their network. Reports of suspicious activity picked up as employees got to work around 8 a.m., and officials decided to shut down the system after 11 a.m."
The police department, 911 and 311 were unaffected, and the fire department is operating off old-fashioned hard copies. Sounds like NOLA had functioning backups, unlike many other cities that have recently fallen victim to ransomware.
To read more follow the link to Nola.com
https://www.nola.com/news/politics/article_0a132564-2061-11ea-8d52-53848745f381.html
VISA warns of POS malware incidents at gas pumps across North America
VISA says it's aware of POS malware being deployed on the networks of five North American fuel dispenser merchants.
The payments processor said that gas station operators are under attack by cybercrime groups who want to deploy point of sale malware on fuel dispenser networks.
"POS malware works by continuously scraping a computer's RAM for what looks like unencrypted payment card data, which it collects, and then uploads to a remote server.
The VISA Payment Fraud Disruption (PFD) team says cybercrime groups appear to have found a weak spot in how gas stations and gas pump operators work."
The problem basically is out of date readers that do not accept cards with chips but rely on the magnetic strip. When a card is swiped the data is sent unencrypted and that is when the crooks intercept the data.
"VISA said the easiest ways for fuel dispenser merchants to safeguard customers is to either encrypt card data while it's being transferred across a network or stored in memory or shift to a chip card acceptance policy."
The entire article can be found at the following link;
https://www.zdnet.com/article/visa-warns-of-pos-malware-incidents-at-gas-pumps-across-north-america/?ftag=TRE-03-10aaa6b&bhid=27630927001468733386426006914379
Take your cybersecurity seriously. Make sure your computer OS and anti-virus are up to date. Apply firmware patches to your routers and beware when opening emails, even if it purports to be from someone you know. A lot of phishing attacks use spoofing to gain the confidence of the target.
Support for Windows 7 ends 01/14/2020.
After January 14, 2020, Microsoft will no longer provide security updates or support for PCs with Windows 7. Upgrade to Windows 10 now to keep your employees productive and secure.
https://support.microsoft.com/en-us/help/4057281/windows-7-support-will-end-on-january-14-2020
DForce Intel Gen 8 & 9 Workstations
