Ryuk Ransomware Attacks and What You Need to Know

How To Handle Ransomware

Law enforcement and other governmental agencies all over Georgia recently received a shocking warning regarding what is being characterized as a targeted and organized series of malware attacks. Shortly after this warning was released, over 20 Texas agencies were crippled.

Ryuk ransomware attacks are targeting law enforcement and government agencies for monetary gain. The attacks will cripple operations within these agencies, and in exchange for access to the encrypted data and files, attackers will insist on a very expensive ransom, likely hundreds of thousands of dollars. According to the Georgia Bureau of Investigation, these attacks are suspected to have originated from North Korea, bringing an entirely new complexion to the ongoing “war” against malware.

Ryuk can get in two ways: email phishing attacks and unprotected Remote Desktop Protocol (RDP) ports. What makes Ryuk so dangerous is that it can be difficult to prevent because it is “bespoke,” meaning that it is modified and can be tailor-made for a specific target. It spreads slowly and strategically, because the hackers spread it manually from within the network once they have entered. It is crucial for the health and protection of your agency that preventative actions are taken and that staff and personnel are aware of and educated on Ryuk malware attacks. Two major risks that come with Ryuk malware attacks are the potential disabling of 911 dispatch and the crippling of law enforcement missions. Both of these scenarios have played out in previous ransomware attacks in Georgia.

We want to be sure you are well prepared in your defense plans to protect against Ryuk. Liberty is using a layered approach to defend against Ryuk malware. Our approach consists of DNS/cloud security, network security, endpoint security, and machine-learning tools that detect abnormal network behavior. In addition to these steps, we go a step further and train our clients’ users. It is important that users know how to spot abnormal or suspicious activity and what best practices to use so that they themselves can become, as we like to call it, human malware detectors. For example, control over incoming email can, just by itself, minimize the success of those attacks. Without those best practices in place, all the malware protection tools in the world will not hold up against careless end-user mistakes.

Below we have listed some additional steps that you should take now to protect against Ryuk:

  • Disable Remote Desktop on every computer on your network.
  • Where you can’t remove RDP, replace it with a third-party version that is secure and that can provide two-factor authentication.
  • Require two-factor authentication for any changes to your network devices, including your servers and your clients. The second factor should be a physical smart card or USB key, not an SMS text message.
  • Impose a password management policy on your network, including a requirement that all passwords be changed immediately. At this point, any passwords that have been in use for a while will have been compromised, so implement a policy that requires new passwords immediately, sets requirements for password age and doesn’t allow password reuse.
  • Make sure your backups don’t use disk letters or any other method that allows access through the operating system. Backups must be managed by backup software that creates protected backups that cannot be otherwise accessed from the network.
  • Make sure you test the ability to recover your files to confirm that you really have a backup you can use. Then store those backups off-site in a cloud location or potentially in a physical vault.

These steps were recommended in an article from eWeek.
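
As an added example (not from the original article or from Liberty), the first step in the list above, checking whether Remote Desktop is reachable on a Windows host and turning it off, could be scripted in PowerShell as follows. The function names `Get-RdpExposure` and `Disable-Rdp` are hypothetical; the script assumes an elevated session on the local machine and the English name of the built-in "Remote Desktop" firewall rule group.

```powershell
# Added example: audit and disable inbound Remote Desktop on the local host.
# Assumes an elevated PowerShell session on Windows.
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = "$tsKey\WinStations\RDP-Tcp"

function Get-RdpExposure {
    # fDenyTSConnections: 1 = RDP connections refused, 0 = accepted
    $deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
    $tcp  = Get-ItemProperty -Path $rdpKey
    # Enabled inbound rules in the built-in "Remote Desktop" group
    # (the group display name is localized; English name assumed here)
    $rules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' })

    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        RdpEnabled        = ($deny -eq 0)
        NlaRequired       = ($tcp.UserAuthentication -eq 1)   # Network Level Authentication
        Port              = $tcp.PortNumber
        OpenFirewallRules = $rules.Count
    }
}

function Disable-Rdp {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Disable Remote Desktop')) {
        # Refuse new RDP connections and close the matching firewall rules
        Set-ItemProperty -Path $tsKey -Name fDenyTSConnections -Value 1
        Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
    }
}

$state = Get-RdpExposure
$state | Format-List

if ($state.RdpEnabled -or $state.OpenFirewallRules -gt 0) {
    # Dry run by default: remove -WhatIf to apply the change
    Disable-Rdp -WhatIf
} else {
    Write-Output "Remote Desktop is already disabled on $($state.Computer)."
}
```

Running the report on each machine before changing anything also identifies the hosts where RDP cannot simply be removed and needs the two-factor replacement described in the second step.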

We want you to be as prepared as possible in your security plans to defend against Ryuk. Contact us at sales@libertytech.net for more info on Ryuk Ransomware and how to protect your organization against it.
