The new year is only a week old and already ransomware gangs have hit a number of organizations.
They include Finalsite, a cloud-based provider of website solutions to over 8,000 schools and universities in 115 countries, and Bernalillo County, which includes Albuquerque, New Mexico.
According to the Bleeping Computer news service, the attack on Finalsite disrupted access to websites for thousands of schools worldwide.
Finalsite said in a statement on its website that it found ransomware on its system on Tuesday. “We immediately took steps to secure our systems and to contain the activity. We quickly launched an investigation into the event with the assistance of third-party forensic specialists, and began proactively taking certain systems offline.”
“We have full access to our files and data. The forensic investigation is ongoing and at this time, we have no evidence that our data or client data has been taken. If we determine otherwise through the course of the investigation, we’ll act swiftly to notify you and will take all appropriate actions.
In an update issued Thursday the company said it continues to make progress bringing more websites back up. “While we still have work to do, the vast majority of front-facing websites are online. Some sites may still lack proper styling, admin log-in functionality, calendar events, or constituent directories, but the team is currently working to restore these elements.”
Bernalillo County said most of its buildings will remain closed Friday because of the ransomware attack detected earlier in the week. County employees continue to work from home to offer services as much as possible. Emergency and public safety are in full operation. 911 is operational, with the Sheriff’s Office and Fire and Rescue responding to calls. But the Clerk’s Office has no access to systems and no legal filings are possible, including marriage licenses, real estate transactions and voter registrations.
In addition, this week network-attached storage maker QNAP warned users to take precautions against ransomware.
In its statement QNAP said ransomware and brute-force attacks have been widely targeting all networking devices. The most vulnerable devices, it adds, will be those exposed to the Internet without any protection. A QNAP NAS is exposed to the Internet and at high risk if the Security Counsellor tab in the QNAP administrator console shows “The System Administration service can be directly accessible from an external IP address.”