It mostly affects schools, but fixes are thankfully on the way.
Image credit: Patrick T. Fallon/Bloomberg via Getty Images
Patrick T. Fallon/Bloomberg via Getty Images
Criminals are relying on some particularly insidious ways to spread ransomware. Cisco's Talos group has discoveredthat intruders are taking advantage of vulnerabilities in old versions of Follett library management software (specifically, the associated JBoss web servers) to install backdoors and slip in ransom code. The attack has 'only' put 2,100 backdoors in place, but about 3.2 million systems are known to be at risk -- many of them at grade schools. Suffice it to say that many educators don't want to pay a hefty sum just to regain access to their library data.
The good news? Follett appears to be on top of things. It has a patching system that should fix flaws in software up to a few versions back and can catch unofficial files that might be used to compromise the servers. The firm is also working with Talos to notify customers about the security risk. This doesn't guarantee smooth sailing from here on out (what about those with software too old to get those patches?), but there's a real chance that the issue will be contained before it gets completely out of hand.