Johannesburg Suffers Yet Another Ransomware Attack
A second ransomware attack has left the town of Johannesburg, South Africa scrambling again.
The website and essential digital services have been suspended while the city deals with the breach. Hackers claimed, “We have dozens of backdoors inside your city. We have control of everything…” This includes personal population information, passwords, and even the ability to shut down essential functions.
Preventative care is surprisingly lax even with the increase in daily global ransomware attacks. Out-of-date blacklist technology is still used as the basis for most solutions while it’s becoming clear that application whitelisting is the most effective method for stopping ransomware. It makes sense. If your name isn’t on the list, you can’t get into the party.
We’ve mentioned application whitelisting plenty here. It’s the basis of PC Matic’s protection, and yet people aren’t switching over to the technology in droves, even when the National Institute of Standards and Technology is recommending it. It leaves you wondering why.
We frequently hear that the idea of a false positive is bothersome. A false positive, in case you weren’t sure, is a good application being blocked as bad. Sure, that can occasionally throw you for a few minutes of your day, but is it worse than being the first one to encounter a new piece of malware or a successful ransomware attack? Maybe someone should ask the officials in Johannesburg. Unfortunately, you won’t be able to email that question in for quite awhile. If you hadn’t heard, their systems are down.
