Atlanta Still In the Grip of Ransomware; Universities Prime Target for Cryptojacking
Following up on a previously reported story: the city of Atlanta, Georgia is still fighting against a ransomware attack that shut down many of their municipal court and bill payment sites. Mayor Keisha Bottoms officially stated the city is “dealing with a hostage situation.”
As a result of the ransomware, municipal courts remain closed, and traffic and water bills cannot be paid online. Although city employees were allowed to access their work computers yesterday for the first time since the attack, many are still filling out reports and forms via pen-and-paper.
The hackers, who have not yet been conclusively identified, are demanding $51,000 in Bitcoin to decrypt the computers. It is not clear if any civilian’s or employee’s personal identity data has been compromised in the attack.
In a separate story, Dark Reading reports that automated threat management solution provider Vectra discovered in a study that 60% of cryptojacking (illicit cryptocurrency mining malware) attacks occurred on university networks. Higher education servers offer high-bandwidths and a high volume of unprotected endpoints via student devices—both of which make universities an appealing target. Further, higher education institutions don’t have nearly the same cryptojacking security protocols as corporate enterprises.
In comparison, Vectra’s study determined that entertainment and leisure sites only accounted for 6% of all detected cryptojacking attacks. Yet this was the second highest detections for cryptojacking attacks by industry.
According Vectra’s Head of Security Analytics Chris Morales, “[Cryptojacking]… is very expensive to accomplish without a free source of power and a lot of computing resources with minimal security controls that are exposed to the Internet. Even at the current value of $9,000 per bitcoin, it remains a lucrative temptation for both attackers and students with free electricity they can convert into monetary value.” He also asserted that students as much as external hackers can be responsible for cryptojacking attacks—representing a very different kind of insider threat.
Better detection methods and, yes, better education on digital security for students are advised.