Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
Two months have passed since the city of Baltimore was hit by the latest in a string of ransomware attacks targeting municipalities, and things still aren’t completely back to normal. The attack, perpetrated by an unknown cyber criminal, impacted over 10,000 municipal government-owned computers, and disrupted tax collection and city employees’ access to their email and voicemail accounts. In addition, more than 1,500 pending home sales were delayed, though officials were able to resume processing real estate transactions some days later.
The attackers used a fairly new strain of ransomware called RobbinHood to encrypt all user files on the affected computers. The algorithm they employed is said to be unbreakable with today’s cryptographic technologies. City officials refused to pay the ransom of 13 bitcoins—worth between $80,000 and $100,000—the attackers have demanded. Instead, Baltimore’s leaders have struggled to rebuild applications, user accounts, and portions of their network from the ground up, a process that’s laborious, slow, and expensive. Estimates of lost revenue and recovery costs are currently in the neighborhood of $18 million.
City residents have been frustrated and disappointed with the slow pace of recovery, especially since the temporary manual processes Baltimore has put in place for some administrative components are tedious and inefficient. Other residents are incredulous that the city wasn’t better prepared for this sort of attack since this is the second time within a year its systems have fallen victim to ransomware.
It’s tempting to believe the strain of ransomware involved was highly and technically sophisticated and was able to bypass security controls that the city’s IT team had established in the wake of last year’s incident. But analysis of the RobbinHood malware indicates that can only be distributed through methods requiring extended access to network-level controls—and it most probably was distributed via the compromise of a user account with privileged credentials.
Other experts have claimed the affected systems were vulnerable because Baltimore failed to install a Windows patch that Microsoft had issued in 2017.
Credentialed account compromise can often be prevented with good password hygiene, and by training employees to avoid social engineering or phishing attacks. The vulnerabilities that come from failing to apply software patches in a timely manner can be reduced by turning on automatic updating, or by running periodic vulnerability scans to identify such security weaknesses within the environment.
But keeping software up-to-date and keeping employees well trained in cybersecurity best practices is a process requiring time and effort. The city must be able and willing to invest enough resources in maintaining secure systems and cultivating a cyber-resilient culture. When funds are lacking, it’s all too easy to put off routine security tasks until “later,” only to learn the delay has had devastating consequences.
Even as they continue to work through the strenuous recovery process, city officials in Baltimore are taking this latest ransomware attack as an opportunity to upgrade their network security architecture. They’re bringing in outside experts in security services to advise and guide them, and they’re looking to move vital segments of their infrastructure to the cloud.
Such improvements are vital first steps toward building a more cyber resilient municipal government, of course. Officials will need to make the right investments in cost-effective security solutions, including advanced endpoint protection platforms, virtual web application firewall technology, secure DNS filtering and comprehensive, integrated network-level solutions. But they will also need to cultivate an organizational mindset that values and prioritizes information security, and understands the importance of collaborating with IT teams to ensure threats like RobbinHood never gain a foothold in their city again.
To do so, city government leaders will need to abandon old ways of thinking about cybersecurity and adopt a more proactive approach, instead. Rather than assuming they can establish zones “inside” the network where users–and the data packets they create–are assumed safe, in today’s most effective information security architectures, no one inside or outside the network perimeter is automatically trusted. With this mindset, known as the “Zero Trust” approach, every user’s identity is to be verified, every host name or IP address is to be confirmed non-malicious, and every unknown file is to be analyzed before any of them are deemed safe to execute on or access the network.
To learn more about Zero Trust security architectures and the key steps to implementing Zero Trust in your own environment, download our eBook, today.
Reading Time: 2 minutes Cyber breaches are quite common in the medical industry. In 2019 alone, over 40 million patient records were breached, an almost 50% increase in cases from the previous year. With COVID-19 increasing the need for healthcare and forcing more interactions between providers and patients to take place online, the risk of cyber breaches has increased….
Reading Time: 2 minutes Ransomware is a dilemma that we have been facing for quite some time now. However, in 2020, we have seen a significant rise in the total number and variety of ransomware attacks. This latest ransomware boom is most probably the outcome of organized cyber-criminal networks recognizing the revenue-generating potential of this ‘business model’—amounting to over…
Reading Time: 3 minutes Overview One of thefirst times the public witnessedfirsthandand realized the power of ransomware was when WannaCry broke out in 2017. The government, education, hospitals, energy, communications, manufacturing and many other key information infrastructure sectors suffered unprecedented losses.Looking back, thatwas just the beginning, as there have since been many versions, such asSimpleLocker, SamSam and WannaDecryptor for…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats