{"id":20475,"date":"2017-12-14T09:00:26","date_gmt":"2017-12-14T14:00:26","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=20475"},"modified":"2019-11-15T06:43:00","modified_gmt":"2019-11-15T11:43:00","slug":"north-carolina-ransomware","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/north-carolina-ransomware\/20475\/","title":{"rendered":"The case of the county-killing ransomware"},"content":{"rendered":"<p>Ransomware has been a plague on networks the world over for several years now, infecting businesses, hospitals, municipalities \u2014 essentially, any organizations large enough to pay the hefty ransoms that crooks require of victims to retrieve their stolen files are potential targets. At Kaspersky Lab, we\u2019ve seen the threat evolve from one that focused on individuals to one that increasingly targets businesses and larger organizations. In fact, a <a target=\"_blank\" href=\"https:\/\/securelist.com\/ksb-story-of-the-year-2017\/83290\/\" rel=\"noopener noreferrer\">recent report<\/a> on ransomware found that 26% of businesses had been hit with ransomware in 2017 alone.<\/p>\n<p>But this week\u2019s cybernews included reports of a particularly remarkable ransomware infection \u2014 one that effectively <a target=\"_blank\" href=\"https:\/\/www.washingtonpost.com\/national\/north-carolina-countys-servers-hacked-23k-ransom-sought\/2017\/12\/05\/130630fa-da1b-11e7-a241-0848315642d0_story.html?utm_term=.76969de784cf\" rel=\"noopener noreferrer nofollow\">took down an entire county in North Carolina<\/a>. The ransomware attack has forced officials in Mecklenburg County to quarantine 48 of the 500 servers the municipality relies on for daily government operations. The hackers have asked for a $23,000 ransom, which the county manager says will not be paid.<\/p>\n<p>The attack has left county workers using paper and pen to handle tax payments, jail services, child support, and the myriad other municipal services they manage \u2014 fallout that may continue for many days or even weeks. And despite the county presumably having backups of its data, it is difficult to know what personal and confidential information from the county\u2019s million-plus inhabitants has been compromised and could be used for malicious purposes.<\/p>\n<p>The infection started with just one click, an employee opening a malicious e-mail attachment. Then everything spun out of control.<\/p>\n<p>So, what can organizations do to better prepare for and prevent ransomware attacks? Here are five great points of advice to prepare for and respond to ransomware.<\/p>\n<ul>\n<li><strong><b>Stop phishing letters before they get to users.<\/b> <\/strong>Most phishing letters can be detected on your mail server \u2014 you just need to use the right technology. For example, <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/advert\/small-to-medium-business-security\/mail-server?redef=1&amp;THRU&amp;reseller=gl_kdailypost_acq_ona_smm__onl_b2b_kasperskydaily_lnk____ksms___\" rel=\"noopener noreferrer nofollow\">Kaspersky Security for Mail Server<\/a> uses cloud technologies to block malicious attachments and phishing links.<\/li>\n<li><strong><b>Train your employees<\/b><\/strong>. Regardless of age or experience level, all of your organization\u2019s employees need cybersecurity awareness training that provides them not only with a baseline understanding of threats, but with some practical protection skills. We have our own approach to this problem that can you can <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/cybersecurity-awareness\/5845\/\" rel=\"noopener noreferrer nofollow\">learn about in this post<\/a>.<\/li>\n<li><strong><b>Enable updates<\/b><\/strong>. Make a habit of always updating operating systems, browsers, and other software. Most malware that is delivered in phishing letters relies on vulnerabilities in the software you are using. Regular updates will minimize chances of infection. Also, do not forget to update antimalware solutions as well \u2014 the best AV vendors release updates in real time to ensure their customers and partners are always protected from the latest online threats.<\/li>\n<li><strong><b>Use a robust security solution.<\/b> <\/strong>Kaspersky Lab offers a range of antiransomware tools for business. First, our B2B endpoint protection solutions have an antiransomware subsystem that can detect the act of encryption and roll back changes made by malware. Secondly, we have a free tool that can work along with other antivirus products and provide the same level of protection to our clients even if their main protective solution fails to detect the threat.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kart\">\n<ul>\n<li><strong><b>Know your options<\/b><\/strong>. Even if your computers somehow get infected with ransomware that encrypts the files on them, all is not necessarily lost. For some species of ransomware, free decryption tools can help you restore the data without having to pay any ransom. To check whether it\u2019s possible in your case, visit Kaspersky Lab\u2019s\u00a0<a target=\"_blank\" href=\"https:\/\/noransom.kaspersky.com\/\" rel=\"noopener noreferrer\">No Ransom site<\/a>.<\/li>\n<\/ul>\n<p>How ready is your organization for a possible ransomware attack? If you\u2019re feeling confident (or just want to see how much help you need in preparation for a possible malicious intrusion into your network), take our <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/ransomware-quiz\/14067\/\" rel=\"noopener noreferrer nofollow\">Ransomware Quiz<\/a>.<\/p>\n<p>To read more about ransomware, you can also download <a target=\"_blank\" href=\"https:\/\/go.kaspersky.com\/Ransomware-eBookSOC.html\" rel=\"noopener noreferrer nofollow\">this antiransomware e-book<\/a>, which will tell you all you need to know.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware just took down an entire county in North Carolina. How did it happen, and what can your organization do to stay safe?<\/p>\n","protected":false},"author":2453,"featured_media":20476,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[2507,282,2691,420,131],"class_list":{"0":"post-20475","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-awareness","10":"tag-cybersecurity","11":"tag-north-america","12":"tag-ransomware","13":"tag-tips"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/north-carolina-ransomware\/20475\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/north-carolina-ransomware\/12011\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/north-carolina-ransomware\/14233\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/north-carolina-ransomware\/4540\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/north-carolina-ransomware\/8698\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/north-carolina-ransomware\/9004\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/ransomware\/","name":"Ransomware"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/20475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2453"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=20475"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/20475\/revisions"}],"predecessor-version":[{"id":29850,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/20475\/revisions\/29850"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/20476"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=20475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=20475"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=20475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}