An article from NPR caught our eye as it places the ransomware attack on the City of Atlanta in a larger context – a growing context of determined attacks, larger ransoms, and higher sophistication.
Reporter Vanessa Romo points out in her story on NPR that not everyone is paying the ransom, instead choosing to revert to pen and paper recordkeeping while rebuilding files – or in the case of Erie County Medical Center in Buffalo – replacing entire computer systems. (They had 6,000 PC’s locked out.)
Before we go any further, if you are a business with important sensitive data, and you wish to innoculate yourself against such an assault on your business operations (or viability), you should consult with someone who can help defend you. We, or someone like us, will provide an important first consult free – along with a few DIY tips that will cost you nothing.
In another instance, one firm paid the ransom, which was followed by another ransom demand…. then the delivery of 900 separate unlock codes. They were lucky, they actually got their data back. In many cases, the ‘ransom’ demand is a ruse – the criminals actually wipe the disk, collect your money, and laugh all the way to the bank (if they use one.)
The new outbreak seeks to penetrate businesses and institutions likely to part with serious cash to recover their data.
The City of Pittsburgh, WESA reports, is better defended. The city is the home of Carnegie-Mellon University with its elite engineering school, whose computer science majors test the defenses of the city’s network by trying to hack into the system. Even then, they don’t regard themselves as unbreachable. “It’s not prudent to poke the bull on this one.”
In some cases, the virus is a zero-day planted earlier, sometimes much earlier, in order to avoid detection of either the virus or its vector (how it got there). And phishing is not the only vector – there is more sophistication on offer.
The trend is to attack enterprises and institutions likely to have vital records, and enough potential cash on hand to satisfy the much larger ransoms these attackers demand.
A good defense is one that makes recovery cost much less than either the ransom or the expense of rebuilding from scratch.
Suggestion: you should start now. As we noted, starting now is free.