, which caused its computer system to lock with a ransom of $250,000. Spring Hill was one of several other local government agencies who were victim to the attack, and city officials say they do not believe any citizen or customer account information was stolen or compromised. It did, however, temporarily halt any online credit or debit card payments. "We received a ransomware attack Friday evening that ended up going in and locking our servers. It affected all of our departments, and we have been in recovery mode ever since [Sunday]," City Administrator Victor Lay said. "We've now been able to, at least minimally, conduct business, although the manual system of paper and pencil seems to work pretty well against those kinds of things." Lay added that the "appropriate government authorities" have been contacted about the incident, which will meet later this week to discuss an investigation into the incident. He said it was not a "hack" per se, but a virus created from a downloadable email attachment, locking the system using an encryption key. "We're working through it. Obviously, we chose not to pay the ransom. We're working through the system and it's going to take us a few days to get things all back to normal, but we're getting there."
A new form of ransomware has emerged which is, unusually, being distributed by two separate exploit kits -- one of which was thought to have disappeared -- and demands payment in a lesser-known form of cryptocurrency. First seen on January 26, GandCrab has been spotted being distributed by two exploit kits, RIG EK and GrandSoft EK. According to researchers at security company Malwarebytes, it's unusual in itself for ransomware to be pushed using an exploit kit, with such tactics usually reserved for trojans and coin-miners. An exploit kit is used by cybercriminals to take advantage of vulnerabilities in systems in order to distribute malware and perform other malicious activities. In contrast, ransomware is usually delivered by spam email. The only other form of ransomware known to be consistently distributed with an exploit kit is Magniber. GandCrab is distributed via the RIG exploit kit, which uses vulnerabilities in Internet Explorer and Flash Player to launch JavaScript, Flash, and VBscript-based attacks to distribute malware to users. It's possible that RIG spreads GandCrab to victims using malvertising on compromised websites, in an attack method similar to that used by Princess ransomware. GandCrab is also distributed using GrandSoft, an exploit kit which first appeared in 2012, but was thought to have disappeared. The GrandSoft EK takes advantage of a vulnerability in the Java Runtime Environment which allows attackers to remotely execute code, and in this case is used to distribute GandCrab. Once the payload has been dropped and run on a compromised system, GandCrab, for the most part, acts like any other form of ransomware, encrypting Windows files using an RSA algorithm and demanding payment for the 'GandCrab Decryptor' required to unlock the files. The encrypted files gain a .GDCB extension, with the encryption loop designed in such a way it will eventually affect every file on the drive.
However, unlike many forms of ransomware, GandCrab doesn't demand payment in bitcoin, but rather in a form of cryptocurrency called Dash. Those behind the ransomware demand 1.5 Dash (listed on the note as $1,200, although the fluctuating prices mean it's ever changing) as a ransom, a price which doubles to three Dash ($2,400) if the price isn't paid within a few days. The demand for payment in Dash represents the latest example of ransomware distributors attempting to move away from bitcoin and onto other cryptocurrency, for reasons ranging from increased privacy and security to other forms of blockchain-based virtual currency being less popular than bitcoin and therefore quicker to process. There's currently no means of decrypting GandCrab ransomware files for free at this time, meaning the best way to avoid falling victim is to ensure all software updates and patches have been applied to ensure the vulnerabilities exploited by the exploit kits can't be used to distribute ransomware from infected sites.
An attack called Mongo Lock is targeting remotely accessible and unprotected MongoDB databases, wiping them, and then demanding a ransom in order to get the contents back. While this new campaign is using a name to identify itself, these types of attacks are not new and MongoDB databases have been targeted for a while now. These hijacks work by attackers scanning the Internet or using services such as Shodan.io to search for unprotected MongoDB servers. Once connected, the attackers may export the databases, delete them, and then create a ransom note explaining how to get the databases back. According to security researcher Bob Diachenko who discovered the new Mongo Lock campaign, the attackers will connect to an unprotected database and delete it. In its place, the attackers will leave a new database called "Warning" with a collection inside it named "Readme". The Readme collection will contain a ransom note that explains that the database has been encrypted and that the victims need to pay them a ransom to get it back. In the Mongo Lock campaign, as shown below, the attackers do not leave a bitcoin address, but rather direct the victims to contact them via email. While the ransom note claims that the attackers are exporting the database first before deleting it, it is not known if they are doing that in every case.
Victims are paying ransoms
When looking up some of the bitcoin addresses used in recent MongoDB attacks, victims have been paying the ransoms. For example, the bitcoin address 3FAVraz3ovC1pz4frGRH6XXCuqPSWeh3UH, which has been used often, has had 3 ransom payments for a total of 1.8 bitcoins. This is equivalent to a little over $11,000 USD at the current value of bitcoins.
A Warwick company’s managing director is warning other businesses to protect themselves from cyber criminals after being held to ransom. Kettell Video Productions was targeted by tech scammers who infected its IT systems with viruses before demanding £1,000 in online currency Bitcoins or the files would be permanently deleted. Luckily, owner Stuart Kettell routinely backs up all his company’s systems so nothing was lost but he warned others to do the same to avoid disaster. “It was scary: I had no idea about cyber-attacks before and really didn’t know what to do,” he said. “Critical files, including images and videos for clients, were wiped out along with a lifetime of personal memories. “The affected files were lost for good – the only way to recover them was with the key code held by the blackmailer – but luckily I back-up everything to an external data cartridge. “In the end it was more an inconvenience…but it could have threatened the business. “I would strongly urge all business owners to back-up their essential files.” Mr Kettell acted quickly when he realised the audio-visual specialists in Arlescote Close were under attack by the web sharks in December, 2015. “I noticed all my photos, videos and pdf files ghosting to white with a new filename… it attacked my desktop first then it wormed its way into folders one file at a time every few seconds,” he said. “I’ve no idea how the malware was introduced as we use software that’s designed to prevent against such attacks. “And the demand for payment seemed very professional: I was given links where I could buy Bitcoins and even offered the chance to decrypt one file for free. “I unplugged my computer, isolated it from the internet, and ran some anti-malware software to stop the virus spreading further.”
Latest figures from the Crime Survey for England & Wales estimated there were 1.3m computer virus offences and 667,000 hacking related offences committed in the year ending September 2016. Sergeant Gary Sirrell from the cybercrime team at West Midlands Regional Organised Crime Unit said commercial web attacks are increasingly being committed against smaller firms and not big multi-nationals. “Small and medium sized companies are easier targets: they often don’t have the resources or expertise to protect against cyberattacks,” he said. “And if they are targeted, the impact can be devastating. “But there are steps business owners can take to mitigate the risk. “A really effective tactic involves ‘layering’ defences to include a firewall, anti-malware software, staff training (and regular re-training) around phishing email awareness, and finally to plug any holes in your defences by updating software patches and updates in a timely manner. “By exercising good cyber hygiene, and having a strong backup policy, Stuart avoided the dilemma of whether to see his business significantly damaged, or to have to hand over a ransom to organised crime gangs to get his data unlocked. “If more businesses in the West Midlands proactively took such steps there would be significantly fewer crime victims.”
Remember when all you had to worry about with your car was getting an oil change every 3,000 miles? Today’s connected cars are miles ahead technologically speaking of those “dumb” vehicles, but drivers could see a bumpy ride if thieves get a hold of the data the car possesses. The Internet of Things (IoT) has created an entirely new market in the automotive industry with connected car services that are driving new recurring revenue growth and transforming the industry. And that trajectory is expected to continue, growing from $13.6 to top $42 billion by 2022. Vehicles contain critical personal information such as personal contacts, registration and insurance details, financial information and even the address to the owner's home – making entry, theft and further damage even more of a possibility. Vehicles have become an extension of one’s connected self and the technology associated with them offers substantial benefits. With the emergence of sophisticated technology, the nature of vehicle theft has changed. A major adversary of today’s vehicle owner is a smarter, connected and more targeted network of criminals, known as ‘Connected Vehicle Thieves’. LoJack, provider of vehicle theft recovery and advanced fleet management solutions, shows how these New Age thieves can take advantage of the technology in vehicles.
Vehicle-enabled ransom: One growing and increasingly lucrative type of cybercrime is the use of ransomware, where inserted malware encrypts digital data and instructs a victim to pay the criminal a ransom to restore the decrypted information. With the emergence of the connected car and vehicles being used as WiFi hot spots, vehicle-enabled ransomware is a predictable next step for hackers, exploiting this new avenue to commit digital “kidnapping”. For example, in the near future, they could easily break into a vehicle, disable the engine and brakes, and demand bitcoin to restore the car to its functional state.
Scanner boxes as smart keys: Thieves have begun carrying scanner boxes, or devices that can exploit the electronic system utilized by key fobs. These criminals can then unlock, and even start, a vehicle without even touching the key, once the key comes in close enough range to the scanner box and is compromised.
Data leading to identity theft: These days, connected cars carry more information and personal data than ever before, making identity theft a more serious threat. Thieves are targeting your vehicle, but also the data within it, which could lead to credit card details, location information, Social Security numbers, and personal IDs like drivers’ licenses. Once this information is obtained, it’s possible for a hacker to access any of your online accounts.