JUNE 19, 2020, KEIZERTIMES, PAGE A5
TREND: 22 cities in Texas How ransomware works
were struck simultaneously
(Continued from Page A1)
companies have begun offer-
ing cyberinsurance that cov-
ers some of the ransom costs
incurred by the victims. One
expert told the New York Times
that such packages could in-
crease the targeting of enti-
ties with cyberinsurance since
those purchases become part
of the public record.
In the wake of such attacks,
every device – from tablets
issued to city councilors to
the laptops installed in police
vehicles – must be examined
for existing vulnerabilities and
hardened against future attacks.
The strain of ransomware
that was used in many of the
most recent attacks is named
Sodinokibi (see related arti-
cle., How ransomware works, this
page.)
However, the ransom de-
manded by hackers from a city
are only a portion of the costs
they incur. In addition to the
ransom, Keizer had to contract
with a cybersecurity fi rm to
negotiate with the hackers and
now it will have to spend even
more on security in the future
data back-ups and, likely, ad-
ditional consultants to oversee
bringing the system back on-
line.
When Atlanta was held
hostage in 2018, the attackers
requested $51,000 in Bitcoin –
a cryptocurrency – but bring-
ing the city back online was
estimated at an additional $17
million. Whatever costs Keizer
is forced to absorb as a result
of the attack is likely to result
in cost cutting in other places.
The largest portion of Keiz-
er’s budget goes toward police
personnel.
Those behind the attacks
are only rarely prosecuted be-
cause of the untraceable mech-
anisms used to make ransom
payments.
In a report published by the
World Economic Forum, cities
of all sizes are urged to prepare
for future digital strikes in the
same way they would for an
earthquake.
“Digital security is not
only about hardware and soft-
ware. It is about adopting a
comprehensive whole-of-city
approach. Security must be
conceived as an essential prior-
ity, something that is designed
into every element of the ur-
ban infrastructure, not merely
introduced as an afterthought.
It requires developing the
rules, regulations, procedures
and budgets for city authori-
ties, businesses and residents to
prepare and respond to digital
threats when and after they
inevitably occur,” the report
states.
The report cites human er-
ror and a failure to implement
best practices as the leading
causes of such attacks succeed-
ing.
Many attacks could be pre-
vented with relatively sim-
ple actions such as “software
patching, correct fi rewall con-
fi guration, frequent and re-
dundant backups, and use of
multi-factor authentication for
logons,” the report concludes.
CASINO,
continued from Page A1
The state’s current gam-
ing policy remains one casino
per tribe on reservation land.
A potential Salem casino has
long been a part of local con-
versations, the original pro-
posal was put forward in the
crossword
By ERIC A. HOWALD
Of the Keizertimes
It will likely take days or
weeks to fully understand
how Keizer’s data systems
were held for ransom, but dig-
ital strikes on other cities and
counties provide some insight
into how it all works.
Ransomware is different
than what the average user
envisions when being hacked.
Rather than destroying or
downloading data, ransom-
ware makes data inaccessible
through encryption that can
only be unlocked with a nu-
meric key held by the hackers.
Hackers
are
typical-
ly known to charge ransom
based on the number of serv-
ers it was able to lock up and
payments are made through
a web of untraceable digital
transactions. Meanwhile in
cities with libraries, the hacks
meant checking out books
with pen and paper logs. For
many police departments,
hacks resulted in hand-written
citations. Emails sent to Keizer
city employees bounced back
for several days.
According to a malware
Wikipedia site, comprised
of knowledge gleaned from
those who have dealt with
ransomware, a strain known
as Sodinokibi is the current
scourge of cities near and far.
Sodinokibi doesn’t de-
stroy data and many of the
users don’t appear to down-
load much unless the victim
refuses to pay ransom. Sudi-
nokibi, also known as REvil,
is believed to have originated
in Russia and has already re-
sulted in roughly $7 million in
known ransoms paid.
Ransoms are paid to affi li-
ates of the hacker or group of
hackers. The affi liates report-
edly keep 60 percent of the
ransom paid and that amount
increases to 70 percent after
three successful transactions.
The remainder goes to the ac-
tor or actors behind the hack.
As of early 2020, there were
roughly 40 known affi liates
accepting ransom payments
for successful Sodinokibi at-
1990s and Oregon’s governor
was given veto power over
any potential off-reservation
casinos in a 1997 9th Circuit
U.S. Court of Appeals deci-
sion.
The Siletz Tribe would
need approval from the Sec-
retary of the Department of
the Interior and Oregon Gov.
Kate Brown before proceed-
ing.
The Siletz proposed split-
ting any potential revenues
with 25 percent going to the
state, 25 percent to the Con-
federated Tribes of the Siletz,
and 50 percent divvied up be-
tween eight federally recog-
nized tribes in Oregon.
tacks.
While many cases are re-
solved with the payment of
a ransom, some Sodinokibi
hackers raised the stakes ear-
lier this month, according to
Brian Krebs, a cybersecurity
reporter with The Washington
Post.
One of the hackers behind
the Sudinokibi ransomware
began auctioning off data it
stole from a Canadian ag-
ricultural production com-
pany. The starting price was
$50,000 for 22,000 stolen fi les.
The Krebs report suggests that
auctioning data is one way
hackers are diversifying their
portfolios given the decreased
ability of some agencies to
pay ransoms as a result of the
COVID-19 pandemic and the
resulting economic crisis.
On a fi nal note, Sudinokibi
unleashes its economic hav-
oc with a program so small it
could fi t on a 3.5-inch fl oppy
disk produced in 1986.
maze
COVID-19
has created a
greater need for
donations to the
Keizer Community
Food Bank
Please consider
donating food or
fi nancial help.
Maze by Jonathan Graf of Keizer
sudoku
Enter digits
from 1-9 into
the blank spac-
es. Every row
must
contain one
of each digit.
So must every
column, as
must every
3x3 square.
BRIAN & APRIL McVAY
503.510.6827 - Call or Text anytime
As lifelong residents, we are your
Keizer neighbor. We know this
market and we are here to help!
Enjoying real estate since 1998
3975 River Rd N • Suite 3 • Keizer
Oregon Licensed
Real Estate Brokers