McAfee, Symantec and Malwarebytes Failed City Office

Multiple Layers of Defense, Doesn’t Always Mean Better Security

On January 3, 2018, the ransomware variant, SamSam, infected the city offices of Farmington, New Mexico.  The ransomware infection successfully encrypted multiple areas of the city office including the electronic bill pay and records processing.  Although the infection did not impact utility operations and the city office has made it clear, there was not any interruption to public safety services such as emergency response teams.

In August, the PC Matic team reached out to the City of Farmington to employ their right to the Freedom of Information Act.  It is because of this act, anyone is able to obtain public information from federal agencies or any entity that is publicly funded.  This public information includes which security solution vendor the municipality is using at any given time.  The City of Farmington responded to our request, stating at the time of the SamSam infection, they were using Symantec, Malwarebytes, and McAfee.  However, since those three vendors were unable to block the threat, they have since moved to a single vendor solution.  Below you may see an excerpt of the memorandum they sent to us:

Our team has reached out to other public entities that have suffered ransomware attacks to determine which security vendor they were using at the time of infection.  Once we receive that information, we will keep our readers updated.  Stay tuned!

 7,525 total views,  1 views today

(Visited 1 times, 1 visits today)
Related Reading  FBI Warns of PYSA Ransomware Attacks on Education

11 thoughts on “McAfee, Symantec and Malwarebytes Failed City Office

  1. Thanks for the info. Making the PC world a safer place should be the responsibility of each state in the US.

    I have been a user for years now and since our company switched to the product we have had zero problems!

  2. Why not work back along the hackers roadmap and attack their hardware operating system and maybe cause a runaway battery situation or some other mechanical failure that would severely damage their systems.
    I think it’s time to do more than just defend within the cyber world. We need to also become physically aggressive. It seems that the hackers are identifiable, but, untouchable through law enforcement, therefore, a cyber attack coupled with a physical destruction, offensive strategy is what is necessary.

  3. Why not work back on a hackers roadmap and attach the hardware operations, causing hardware destruction or even a power source fire in the bad actors computer.
    In other words, instead of exhausting ourselves defending against millions of threats daily why not go on the offensive and destroy the bad guys computers.
    It seems that all the bad guys are identified without any action taken against them. Getting aggressive in the physical world seems like the only positive answer to the problem.

  4. So I have been using PCMatic for several months now , and am to date very happy with the service . I was not ” scared ” of their advertising / marketing , or any other aspect of their promotions . It has been a very simple system that other products cannot match for effectiveness . Simple to install , use and update . I particularly like the clean up part of their programs . For years I had used Avast and was generally satisfied with it , but they did not provide the specific information of what their product had done . I would recommend their product since I can protect all my computers for one price . Not so with any other company I’ve heard advertised . Protection , customer service and affordability is refreshing in the nickel and dime you industry they excel in . : )

  5. More than one anti-virus program running at the same time can cause them to cancel each other, at least that used to be true. Has that changed? It sounds to me that Farmington tried to over protect.

  6. I am duly impressed, BUT has PC Matic ever recorded a “failure to protect” by PC Matic on a real-life computer? If so, when?, using which version of which PC Matic program? What happened? or How did it happen? What was the situation? Has the fault been corrected?

  7. As a user of PCMatic, I desire for you to publish the entire response you received regarding the incident. As above, I also want to know what the Senior Cybefr-security Specialist recommended. It would be helpful to know who the person was and whom they wotrk for or commonly recommend.
    Like most professionals, they have opinions based upon their experiences and doctrinal training. It helps all of us to make best / better decisions when we see the entire data and can check out the background of advisor.

    I am so far satisfied with PC Matic and not looking to change. I am still using AVG on another system and have had a few minor issues with it on XP machines (Yes they are still in use !). Also use Avast on another network. I use Malwarebytes occasionally on all systems to feel comfortable.

  8. Hi I’m technician and the best solution so far is comodo antivirus, is not easy to set up, installation time is long but once is running can stop almost any ransomware, unless you tell him not to do… You can find some videos on youtube of comodo vs ramsonware. 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.