Montreal’s Société De Transport De Montréal (STM) Public Transport System Hit With A RansomExx Attack

By   ISBuzz Team
Writer , Information Security Buzz | Oct 22, 2020 02:30 am PST

It was reported today that Montreal’s STM public transport system is the latest victim of a ransomware attack that has affected its services and online systems.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Tim Helming
Tim Helming , Security Advocate
October 22, 2020 11:52 am

Unfortunately for Montreal\’s STM public transport system, RansomExx ransomware actors are amongst the threat groups that have upgraded their attacks to both encrypt and steal victims\’ data. This evolution of ransomware attacks is known as \’double-extortion\’ because criminals are effectively able to ask for a double payment – one to decrypt the files, and the other to stop the stolen data from being made public.

The advice for organisations is to put in place defenses that will allow them to spot the traffic generated by the data being redirected to threat actors\’ servers – this can be done with DNS firewalling.

It is also worth remembering that phishing remains the main vector through which ransomware groups are able to make their way into their targets\’ systems. For this reason, there is really no excuse not to have an effective email filtering system in place and a cybersecurity awareness program for all employees – up to and including incentives and rewards for successfully identifying a phishing email and flagging it to your security teams. Your staff are often viewed as your biggest risk factor from a security perspective, but sensible policy can turn them into your greatest asset.

Last edited 3 years ago by Tim Helming

Recent Posts

Would love your thoughts, please comment.x