The cities of Albuquerque, Los Ranchos, and Tijeras were shut down Wednesday by a ransomware attack. In a press release on Wednesday, officials in Bernalillo County disclosed the attack, saying they had taken affected systems offline and severed network connections. Most county buildings had to shut down, and employees are working remotely to try to maintain services during the system outage. However, as employees cannot access the public databases, there is little they can do for now. The name and type of the ransomware used in the attack are unknown. The disruption is thought to have occurred between midnight and 5:30 a.m. on Jan. 5.

Expert Comments

January 07, 2022
Nasser Fattah
Executive Advisor
Shared Assessments

It is unfortunate, but cities will continue to be a big target for ransomware. Many available statistics show that municipalities have a high hit of ransomware. As for the root cause, I would think that a contributing factor is the lack of resources and the use of stale technologies, which collectively make municipalities an attractive target. This is exacerbated with work from home when an already weak security infrastructure needs to support remote work, which now makes the attack surface even bigger.

January 07, 2022
Saryu Nayyar
CEO
Gurucul

Despite widespread deployment of traditional SIEM, endpoint solutions and now Endpoint-based XDR, what has been lacking within most organizations that are victims of successful ransomware attacks is true behavioral-based modeling and detection within the infrastructure. The ability to characterize proper behaviors and user and application access with the right modeling and machine learning can lead to high-fidelity detection of deviations in "normal" behaviors and unusual access to systems that are often tell-tale signs of ransomware infections. The ability to bubble these types of alerts as high-priority when appropriate empowers security teams to investigate and detect ransomware much earlier to then respond and thwart a successful attack.

January 07, 2022
Garret F. Grajek
CEO
YouAttest

No company, county or organization is too obscure or too off the beaten path for the attackers. To the hackers - the sites are simply targets of opportunity. The automatic scanning they are doing is looking for vulnerabilities - regardless of where the target will eventually end up. The Palo Alto Networks Cortex Xpanse team has researched the scanning and has shown the hackers are scanning within 15 minutes of a known vulnerability - where most companies are not patching and updating for 12 hours.

The solution is a proactive approach to security such as zero trust networks and active identity governance - knowing who has what and triggering on identity changes.
