Cities Ransomware Issue and cost to Taxpayers
Retired Marine
Last comment by icyman61 4 months ago.

Take Me To Post Comment Form


Ransomware has been in the news since 2005 hitting Microsoft Servers and work stations. Its no new threat to seasoned security experts. It has been in news lately in the USA with the newest strains hitting City systems since April 25th, 2017 Newark, NJ, July 6th 2017 Murfreesboro, Tn, Nov 9th 2017, Spring Hill ,Tn. Savannah, Ga and City of Hinesville, the list goes on and on. Why?

The ransomware took down the servers, online payment system, ect, Identical to the situation that occurred at the City of Hinesville in Feb.

Why?

I made a post on Patty Leon's article, but it was only partially complete. I was lambasted by someone named Brad, then I was prevented from responding and completing my post to the article or editing my previous post.

Brad pretends to know everything about me, and my knowledge. That's laughable, and ludicrous, are people Omnipotent?

Brad was however partially correct, because I oversimplified my response and wasn't allowed to complete it there. So now I complete the response here.

In order to prevent these attacks the city should have:

* Anti-virus software on each system, and it has to be updated daily. ( was the cities?)

* Malware software that is updated daily.

* Anti-Spyware software regularly updated

* Written procedures and policies concerning software and computer usage for each staff

* Regularly educate employees on software threats and proper usage of computers

* Endpoint protection on each system

* Segmented Networks-Virtual Lans

* Automatic Quarantine, and Sandbox setup for suspicious files

* regularly updated systems- especially Microsoft OS machines as they are most prone to attacks

They have administrative SOLAR WINDS which is a very expensive software to monitor their network and much more(Great Software if used properly).

They have anti-virus software, but were all of the systems being patched and updated?

All Servers must be patched and updated, have firewalls, and should be protected by virtual network, separated, and segmented.

One of the best ways to prevent attacks is by switching to Linux, and many of the server versions are free, open source or low cost solutions in comparison to Microsoft Products and licenses.

Daily backups which the city had. Odd thing is the vendors and city stated they had no data loss, yet they are delaying open records requests saying they had data loss?

Yet If the city migrated to Linux they could save Taxpayers hundreds of thousands of dollars YEARLY!
Every software they use, can be utilized in Linux.

The biggest problem there is, they don't have knowledgeable people to work with Linux.

As for the company that did their pen-testing, Its obvious they failed big time, because the flaws that were exploited by the malware should have been found by the company testing their network.

ANY Novice CCIE +, Network +, Network Security Specialist, knows that the weakest point in network security is the endpoints, and the users. You have to make the network dummy proof!

So next time the City wants to pay a specialists to test them, they can hire me, I will do it for less than the 7000 dollars they paid the company to pen-test their network and a more thorough Job.

Right now the IT department is spending in Operating cost, maintenance contracts, computer hardware, training, etc, and the external pen-testing in excess of 314,866 yet did not protect against malware that should have been prevented.

That's your tax dollars being spent and wasted.

As I said, they could save the City thousands yearly by migrating their system to a Linux based network and workstations.

In addition to saving the Taxpayers of Hinesville Money yearly, by eliminating expensive Microsoft licenses, it saves in over all computer replacement cost because Linux operates much better on slower old machines. They could set up terminal services networks etc, VPN all for free.

Me I use multiple systems to protect my network, Qubes OS, with Multiple OS inside sand-boxed VD. I don't have the same issues, if someone, somehow gets past my firewalls, Anti-Virus, and everything else I have snapshots to get back up and running asap.


But alas, I am a nobody, that knows nothing( according to Brad and many others), maybe they should pay someone else thousands of dollars which helps protect nothing.


Latest Activity: Mar 21, 2018 at 10:40 AM


Bookmark and Share
Forward This Blog
Print Blog
More Blogs by icyman61
Send icyman61 a Message
Report Abuse


Blog has been viewed (295) times.

LCarol commented on Wednesday, Mar 21, 2018 at 22:59 PM

Have you sent this to the mayor and city council as well as city manager? If not you probably should.

icyman61 commented on Thursday, Mar 22, 2018 at 03:19 AM

no, they are not happy with me, and even though what I am stating is factual.

They would not listen to me as evidenced by their past track record when I gave them facts!

icyman61 commented on Thursday, Mar 22, 2018 at 10:06 AM

Ok Brad, you gonna weigh in?

Tick-Tock

Any-DAaaayyyyy

Whatcha got to prove me wrong?

Crickets?

Cant can you, why?

Sheran commented on Thursday, Mar 22, 2018 at 20:12 PM

Atlanta has been hit with the same thing!

http://www.foxnews.com/tech/2018/03/2...

icyman61 commented on Thursday, Mar 22, 2018 at 20:24 PM

Honestly, its hard to believe!


Log In to post comments.

Previous blog entries by icyman61
 
Tribulations? We will endure them! Or rapture?
April 23, 2018
For all those folks out there thinking there will be a rapture. Are churches that are teaching rapture, teaching something not in the bible? let me ask questions for you to think about. Where does it say in the bible the faithful will be raptured? In the past when God ...
Read More »
 
Who Represents Us?
March 19, 2018
Why does no one talk about corruption locally? why are no reporters talking about ESG, their multi-million dollar contract, the problems they have caused homeowners here in Hinesville, me included? What about Blatant Violations of the Open Records Act by city officials, no one talks about it or does anything ...
Read More »
 
Name Games, someone is playing here
February 13, 2018
I started noticing new user names signing up Friday, very strange and reminiscing the silly word games military people do with Acronyms. a play on phonics or pronunciation. At first I thought oh its just a bot, its not, because the algorithm would be too complex. So someone is doing ...
Read More »
 
Harassment, by anonymous person?
February 12, 2018
Friday the police knock on the door of my house at 10 pm and scare the heck out of my tenants. They told the tenants my house was put on a list on February 5th by a person claiming they were me, saying the house should be empty, no one ...
Read More »
 
Keepem Honest! LOL, Good luck with that!
January 31, 2018
Every day I see blogs about the Federal Government, President Trump, and corruption, but why? Why does everyone give a pass to the corruption that is occurring closer to home? Why not look at whats going on here in Hinesville? Have any of you ever put in a Open Records ...
Read More »
 
[View More Blogs...]





 
Powered by
Morris Technology