Multiple Layers of Defense, Doesn’t Always Mean Better Security
On January 3, 2018, the ransomware variant, SamSam, infected the city offices of Farmington, New Mexico. The ransomware infection successfully encrypted multiple areas of the city office including the electronic bill pay and records processing. Although the infection did not impact utility operations and the city office has made it clear, there was not any interruption to public safety services such as emergency response teams.
In August, the PC Matic team reached out to the City of Farmington to employ their right to the Freedom of Information Act. It is because of this act, anyone is able to obtain public information from federal agencies or any entity that is publicly funded. This public information includes which security solution vendor the municipality is using at any given time. The City of Farmington responded to our request, stating at the time of the SamSam infection, they were using Symantec, Malwarebytes, and McAfee. However, since those three vendors were unable to block the threat, they have since moved to a single vendor solution. Below you may see an excerpt of the memorandum they sent to us:
Our team has reached out to other public entities that have suffered ransomware attacks to determine which security vendor they were using at the time of infection. Once we receive that information, we will keep our readers updated. Stay tuned!