The Difficult Truth: AV is Failing to Stop the Ransomware Threat

We at CryptoDrop have talked about a lot of issues relating to ransomware. Sometimes ransomware can be comically bad, as we saw in our analysis of the Halloware ransomware. Now is not the time for comedy, though. We need to deliver a hard truth to local and state governments: The time for complacency about ransomware is over, and antivirus software is not protecting your critical data from the ransomware threat.

We’ve seen attacks against city governments in the past, such as the Mecklenberg County attack by the LockCrypt ransomware, while Colorado’s Department of Transportation has been repeatedly attacked. What we’ve seen happen in Atlanta over the past few days, though, is an unprecedented attack against municipal infrastructure. As has been widely reported, the City of Atlanta’s 8,000 employees were locked out of their computers for five days because of infection by the SamSam ransomware. Normal activity ground to a halt, with Atlanta residents not being able to use online services and courts not being able to validate warrants. Even the WiFi at Hartsfield-Jackson International Airport, the world’s busiest airport, was completely shut down because of the attack. The mayor of Atlanta, Keisha Lance Bottoms, said in a statment that “We are dealing with a hostage situation.”

These attacks should be sobering but not unexpected. A 2016 survey of municipalities showed that ransomware attacks represented the greatest percentage of attributable attacks faced by local governments. Yet traditional antivirus have proven themselves incapable of defending against the threat. We have seen many, many examples of ransomware defeating running AV software or circumventing detection strategies. There can no longer be any doubt that traditional AV cannot handle the ransomware challenge.

Attacks against our government systems cross an important boundary. As Mayor Bottoms said of the ransomware attack, “This is really an attack on our government, which means it’s an attack on all of us”. If you are part of a local or state government, you should take this as a challenge to protect your constituents.

We are here to help.

SamSam is among the over 1,000 ransomware strains that we have tested and beaten without any issue. Moreover, with our Fast Recovery Edition, we can roll back any changes that ransomware might have made to your system in seconds. We have been independently tested and verified and the work comes out of peer-reviewed academic research, so you can trust your files to be safe with us.

If the Atlanta attack has been a wake-up call about the dangers of ransomware and you are trying to figure out the next steps forward, we are here to help. Drop us a line and we will be happy to help you plan a strategy to combat this growing threat. It’s what we as a company are committed to doing. At CryptoDrop, We Stop Ransomware.

Leave a Reply

Your email address will not be published. Required fields are marked *