Cloud-Based School Website Provider, U.S. County Ransomware Affected

The New Year is only a week away and ransomware gangs have already hit a number of organizations.

These include Finalsite, a cloud provider of website solutions for more than 8,000 schools and universities in 115 countries, and Bernalillo County., which includes Albuquerque, New Mexico.

According to the news service Bleeping Computer, the attack on Finalsite disrupted access to the websites of thousands of schools around the world.

Finalsite said in a statement posted on its website that it found ransomware on its system on Tuesday. “We took immediate action to secure our systems and contain activity. We quickly launched an investigation into the event with the help of third-party forensic specialists and began to proactively take some systems offline.

“We have full access to our files and data. The forensic investigation is ongoing and at this time we have no evidence that our data or our clients’ data was taken. If we determine otherwise during the investigation, we will act promptly to notify you and take all appropriate action.

In an update released on Thursday, the company said it continues to make progress in bringing more websites back up and running. “While we still have work to do, the vast majority of front-end websites are live. Some sites may still lack style, admin login functionality, calendar events, or home directories, but the team is currently working to restore those items.

Bernalillo County said most of its buildings will remain closed on Friday due to the ransomware attack detected earlier in the week. County employees continue to work from home to provide as many services as possible. Emergencies and public security are fully operational. 911 is operational, with the sheriff’s office and fire and rescue services responding to calls. But the clerk’s office has no access to the systems and no legal deposit is possible, including marriage licenses, real estate transactions, and voter registration.

Additionally, this week, network storage maker QNAP warned users to take precautions against ransomware.

In its statement, QNAP said ransomware and brute force attacks broadly target all network devices. The most vulnerable devices, he adds, will be those exposed to the Internet without any protection. A QNAP NAS is exposed to the Internet and at high risk if the Security Advisor tab of the QNAP Administration Console displays “The System Administration Service can be directly accessed from an external IP address”.


Source link