Ransomware Could Lead to War | Ransomware Attacks Hit Record | Whole Towns Are Targeted, and more

Police Computer Systems Ill-Prepared to Cope with Ransomware Attack  (Phil Pennington, NZ Herald)
Police computer systems have been ill-prepared to cope with a disaster like a major hack. This has been at the same time they have been pushing for more powers to gather people’s data to keep in the systems. An audit shows police did not know how much data they could afford to lose if their IT systems were hit.

Ransomware Attacks: No Longer a Matter of “If,” but “When”  (Daniel Burns, Business 2 Community)
In a world where digital exponential change accelerates tremendously, cyber threats are no longer a frustrating obstacle that only individuals face. While the ease of large-scale connectivity is appealing, our vital systems in place are now more delicate than we realize.

How Data-Driven Patch Management Can Defeat Ransomware  (Louis Columbus, Venture Beat)
Patterns emerging from this year’s growing number of ransomware attacks show organizations rely on an inventory-based approach to patch management and aren’t systematic in managing cybersecurity hygiene. As a result, organizations often lack visibility into risks and cannot prioritize which endpoints, systems, cloud platforms, and networks have the greatest vulnerability. All ransomware attack victims share the common trait of having limited contextual intelligence of the multiple ransomware attempts completed before their companies are compromised. Lacking the basic cybersecurity hygiene of multi-factor authentication (MFA) across all accounts and increasing the frequency and depth of vulnerability scans are two of many actions organizations can take to improve cybersecurity hygiene.
The solution? Bots can identify which endpoints need updates and their probable risk levels, making the most current and historical data to identify the specific patch updates and sequence of builds a given endpoint device needs.
Instead of relying on a comprehensive, inventory-based approach to patch management that is rarely finished, IT and security teams need to fully automate patch management. Taking this approach offloads help desk volumes, saves valuable IT and security team time, and reduces vulnerability remediation service-level agreement (SLA) metrics. Using bots to automate patch management by identifying and prioritizing threats and risks is fascinating to track, with CrowdStrike, Ivanti, and Microsoft being the leading vendors in this area.

Inside a Ransomware Negotiation: This Is How ‘Asshole’ Russian Hackers Shake Down Companies  (Shannon Vavra, Daily Beast)
The Daily Beast obtained transcripts of a victim negotiating with a ransomware gang this summer, just as the Biden administration began to grapple with an onslaught of attacks.

Texas Ransomware Attack Shows What Can Happen When Whole Towns Are Targeted  (Jake Bleiberg and Eric Tucker, AP / USA Today)
In 2019, ransomware had yet to emerge as one of the top national security concerns confronting the United States, an issue that would become the focus of a presidential summit between Washington and Moscow this year. But the attacks in Texas were a harbinger of the now-exploding threat and offer a vivid case study in what happens behind the scenes when small-town America comes under attack.