Leonardtown, North Beach recovering from Kaseya ransomware

LtownTaxpayer

Active Member
Backups are some of your best friends - assuming you know when ransomware was downloaded and you have backups that predate it.

Editor

somd.com Editor
Staff member
PREMO Member
Patron
Yep, the story even made the WashPo and Drudge Report:




It was just after 12:30 p.m. on the Friday before the Fourth of July holiday when a warning popped up on Laschelle McKay’s computer screen.

McKay, the town administrator for Leonardtown, Md., didn’t even have time to read the whole message before it disappeared and her computer froze.

“Everything shut down,” she said in an interview. “You couldn’t open any document, you’re completely locked from all your files.”


The town government's computers were being managed by a regional company called JustTech, according to the WashPo story. They installed the Kaseya software on the town's computers to facilitate remote management.


Kaseya announced the compromise of their software on Friday, 02-JUL, the same day Leonardtown's and North Beach's computers were encrypted.

 

Ashnm

New Member
Yep, even hit the WashPo and Drudge Report:





The town government's computers were being managed by a local company called JustTech, owned by one Joshua Justice:


Yes they utilize Kaseya software, which was attacked. They’ve been very open and transparent about it.
 

Editor

somd.com Editor
Staff member
PREMO Member
Patron
North Beach also hit:

Another town in Maryland, North Beach, issued a news release confirming that it, too, had been a victim of the attack. The town’s water and phone systems were still working, it said.


Editor

somd.com Editor
Staff member
PREMO Member
Patron
Backups are some of your best friends - assuming you know when ransomware was downloaded and you have backups that predate it.
The problem is that as of Windows 10, the backup was switched from a system image to a file history mechanism. So, instead of writing an image/archive to an external device and then disconnecting it, Win10 File history requires a mounted drive at all times. If you get encrypted, presumably the backup drive will get it too.

I guess there are other solutions available.
 

spr1975wshs

Mostly settled in...
Ad Free Experience
Patron
The problem is that as of Windows 10, the backup was switched from a system image to a file history mechanism. So, instead of writing an image/archive to an external device and then disconnecting it, Win10 File history requires a mounted drive at all times. If you get encrypted, presumably the backup drive will get it too.

I guess there are other solutions available.
Part of the reason why I have started learning and switching to Linux.
 

spr1975wshs

Mostly settled in...
Ad Free Experience
Patron
I would assume that Microsoft could fix the problem by only allowing File Write operations to the File History drive by trusted applications.
It seems that Micro$loth is less and less interested in the effects their OS holes have on the end user over the decades since I first used MS DOS.
 