Over the last couple of years, I have reported in my blog about ransomware attacks and offered solutions to prevent them. In one blog I highlighted a local health care provider in the Elk River, MN (read blog) that fell victim to ransomware and paid it. I also predicted ransomware was not going away, but I couldn’t imagine the scale of ransomware attacks on state and local governments in 2019. If you are new to ransomware, own a business, manage a network at a state or local government or for a health care provider, you should take action today to implement a plan to help prevent a ransomware attack and learn how to manage one.
Before I share what happened in 2019 with state and local governments, let’s take a look at what Ransomware is.
Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files unless a ransom is paid (Trend Micro, https://www.trendmicro.com/vinfo/us/security/definition/ransomware). The main delivery mechanism for Ransomware is spam email. The spam email most often looks “legit” to the viewer. In some cases, all you need to do it open it and the malware is released into your system. About 40 percent of all spam emails in 2016 contained ransomware, according to a recent IBM Security study (Stephanie Condon, Between the Lines, Ransomware: Should you pay up?, February 13, 2017, https://www.zdnet.com/article/ransomware-should-you-pay-up).
State and Local Governments Attacked in 2019
Of the 70 reported cities hit by ransomware this summer, the City of Atlanta, New Bedford, Massachusetts, and two Florida cities faced different amounts for ransom, and ultimately paid much more than the ransom to restore their networks. The Atlanta ransom was $52,000, but city officials decided instead to invest $2.6 million to rebuild their system. New Bedford, on the other hand, ended up paying an undisclosed amount of money to restore their network. Hackers demanded a $5.3 million ransom, the city bargained for $400,000 to have it restored, and the hackers rejected it. And two Florida cities paid a combined $1.6 million to hackers. (C|NET, Alfred Ng, Ransomware froze more cities in 2019. Next year is a toss-up, December 5, 2019, https://www.cnet.com/news/ransomware-devastated-cities-in-2019-officials-hope-to-stop-a-repeat-in-2020/).
Solutions to Help Prevent a Ransomware Hack
There is no 100% full proof thing you can do to prevent a ransomware attack. However, like protecting your home you can take steps to prevent a break-in. You can help eliminate your network as a soft target. RB’s Computer Service is an expert in implementing and managing ransomware protecting plans. We have blogged extensively about implementing procedures to safeguard against malicious software, conducting a risk analysis, hardware firewalls, managed backups, VPN’s, and our managed service agreements. In addition to these solutions, employee training is equally critical. It is often an employee that first notices something is awry. In these situations time is not your friend. A rapid response could help prevent would-be hackers from taking complete control of your network. RB’s Computer Service can help with this too.