Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
Two months have passed since the city of Baltimore was hit by the latest in a string of ransomware attacks targeting municipalities, and things still aren’t completely back to normal. The attack, perpetrated by an unknown cyber criminal, impacted over 10,000 municipal government-owned computers, and disrupted tax collection and city employees’ access to their email and voicemail accounts. In addition, more than 1,500 pending home sales were delayed, though officials were able to resume processing real estate transactions some days later.
The attackers used a fairly new strain of ransomware called RobbinHood to encrypt all user files on the affected computers. The algorithm they employed is said to be unbreakable with today’s cryptographic technologies. City officials refused to pay the ransom of 13 bitcoins—worth between $80,000 and $100,000—the attackers have demanded. Instead, Baltimore’s leaders have struggled to rebuild applications, user accounts, and portions of their network from the ground up, a process that’s laborious, slow, and expensive. Estimates of lost revenue and recovery costs are currently in the neighborhood of $18 million.
City residents have been frustrated and disappointed with the slow pace of recovery, especially since the temporary manual processes Baltimore has put in place for some administrative components are tedious and inefficient. Other residents are incredulous that the city wasn’t better prepared for this sort of attack since this is the second time within a year its systems have fallen victim to ransomware.
It’s tempting to believe the strain of ransomware involved was highly and technically sophisticated and was able to bypass security controls that the city’s IT team had established in the wake of last year’s incident. But analysis of the RobbinHood malware indicates that can only be distributed through methods requiring extended access to network-level controls—and it most probably was distributed via the compromise of a user account with privileged credentials.
Other experts have claimed the affected systems were vulnerable because Baltimore failed to install a Windows patch that Microsoft had issued in 2017.
Credentialed account compromise can often be prevented with good password hygiene, and by training employees to avoid social engineering or phishing attacks. The vulnerabilities that come from failing to apply software patches in a timely manner can be reduced by turning on automatic updating, or by running periodic vulnerability scans to identify such security weaknesses within the environment.
But keeping software up-to-date and keeping employees well trained in cybersecurity best practices is a process requiring time and effort. The city must be able and willing to invest enough resources in maintaining secure systems and cultivating a cyber-resilient culture. When funds are lacking, it’s all too easy to put off routine security tasks until “later,” only to learn the delay has had devastating consequences.
Even as they continue to work through the strenuous recovery process, city officials in Baltimore are taking this latest ransomware attack as an opportunity to upgrade their network security architecture. They’re bringing in outside experts in security services to advise and guide them, and they’re looking to move vital segments of their infrastructure to the cloud.
Such improvements are vital first steps toward building a more cyber resilient municipal government, of course. Officials will need to make the right investments in cost-effective security solutions, including advanced endpoint protection platforms, virtual web application firewall technology, secure DNS filtering and comprehensive, integrated network-level solutions. But they will also need to cultivate an organizational mindset that values and prioritizes information security, and understands the importance of collaborating with IT teams to ensure threats like RobbinHood never gain a foothold in their city again.
To do so, city government leaders will need to abandon old ways of thinking about cybersecurity and adopt a more proactive approach, instead. Rather than assuming they can establish zones “inside” the network where users–and the data packets they create–are assumed safe, in today’s most effective information security architectures, no one inside or outside the network perimeter is automatically trusted. With this mindset, known as the “Zero Trust” approach, every user’s identity is to be verified, every host name or IP address is to be confirmed non-malicious, and every unknown file is to be analyzed before any of them are deemed safe to execute on or access the network.
To learn more about Zero Trust security architectures and the key steps to implementing Zero Trust in your own environment, download our eBook, today.
ITIL
Tags: cybersecurity,ransomware
Reading Time: 4 minutes Increased dependency on computers and access to data makes an organization more vulnerable to cybersecurity threats. With the increase in cyber-criminals and cyber-attacks, many companies today are looking for greater protection of their decentralized computing work environments from their Managed Service Providers (MSPs). As a result, MSPs need to deliver firewall solutions that are designed…
Reading Time: 3 minutes Rapid technological growth and increasing digitalization in all aspects of life around the world have increased the value of ensuring cyber-security at all levels. This is increasingly true for EU member states and the organizations that are based in or operate from these countries. The number of cyber-attacks targeting EU member states has risen. The…
Reading Time: 3 minutes Disruptions are often unforeseen. This could be a catastrophic event like a hurricane, a fire, or an earthquake. Disruptions, however, can also come in other forms such as that of a pandemic. This means that a building doesn’t necessarily have to be demolished or lives have to be lost for an unforeseen event to completely…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP