Ransomware Can Just Be Devastating
Ransomware is still going strong, and now more than ever it’s important to emphasize the danger that it poses for your organization. Even municipalities and other high-profile targets are at risk of being taken down by ransomware. Since 2013, over 170 government systems at the county, city, or state levels have been attacked.
Keep in mind that these numbers don’t come from the federal government or the Federal Bureau of Investigation, as they don’t track these attacks. As of May 10th, of this year, there have been 22 known attacks on the public sector, and there are likely even more than we don’t know about.
March 2019 Attacks
March saw a few ransomware attacks on municipalities, including the one on the sheriff’s office in Fisher County, Texas, which was infected and couldn’t connect to a state law enforcement database.
Albany, New York announced that it also has become victimized by a Saturday ransomware attack. This was a tactical choice by the hackers, as there was nobody around to actually fight back against the attack on a weekend. The city gave an understated account of the attack’s effect, but the real issues were considerable in nature--much worse than delayed marriage licenses and birth certificates.
Ransomware also hit the Albany Police Department’s systems, resulting in the entirely digitized systems being inaccessible. Officers were unable to access incident reports, crime reports, and schedules.
April 2019 Attacks
In April, Genesee County, Michigan’s tax department was completely shut down by ransomware for more of the month. The infection has been removed since.
May 2019 Attacks
The complete shutdown of Baltimore, Maryland was the highlight (if you can call it that) May attack. Caused by a ransomware called RobinHood, various issues kept the government from working as intended. Emails couldn’t be sent, payments couldn’t be processed, and real estate transactions had to be placed on hold. According to cybersecurity expert Avi Rubin, RobinHood utilized a notoriously powerful algorithm that even the National Security Agency couldn’t break. Furthermore, Baltimore was utilizing outdated hardware and software, which further exacerbated the problem.
Baltimore City Mayor Jack Young has gone on the record stating that the city will not be paying the ransom of 13 Bitcoins (approximately $100,000). The FBI and Secret Service have been called in to investigate, but the city is expecting a lengthy recovery time of at least a few months.
Rubin has provided some insight into why not paying the ransom was the right call, stating that if nobody ever paid these ransoms, then the attacks wouldn’t be as popular as they are in the first place. Unfortunately, companies often pay the ransom due to several factors, one of which is almost certainly the embarrassment factor that comes with falling victim to a threat like this. 45 percent of affected organizations pay the ransom to try to get their data back, while 17 percent of state and local governments pay up.
Nexela has some experience dealing with these attacks, and we agree with the decision made by organizations that refuse to pay the ransom. There’s no guarantee that you will save your data, even by paying the ransom, so why should you do so? After all, you’re only funding future ransomware attacks. It’s no different from investing in the hacking campaign.
We instead recommend implementing preventative measures to keep attacks like this at bay in the first place. To learn more, reach out to us at (215) 525-3223.