Over the past weekend, the city of Durham, North Carolina was the victim of a ransomware attack and had to shut down a significant portion of its network. According to a statement from officials, Durham “temporarily disabled all access into the DCI Network for the Durham Police Department, the Durham Sheriff’s Office and their communications center,” but 911 calls are still being answered. The ransomware, identified as Ryuk, is often installed by the Trickbot malware, which is in turn often installed by Emotet but has also been delivered directly to victims. Both Trickbot and Emotet are most often delivered by malware in Microsoft Word or Excel files sent by phishing email messages that attempt to trick employees into opening them. The attack on the city of Durham is reported to have possibly been going on for weeks prior deployment of the ransomware.
With all the news around COVID-19/Coronavirus, the average person is turning to the internet for