City of Atlanta has been hit by a ransomware attack, causing outages across internal and customer-facing applications. The cybercriminals are requesting a payment of $6,800 to unlock each computer or $51,000 for all of the needed keys. As of now, the city hasn’t paid and has assured citizens the systems will be restored soon. The FBI is currently investigating to find out who is responsible. You can view the tweet from the city here. IT security experts commented below.
Gijsbert Janssen Van Doorn, Technology Evangelist at Zerto:
“Without a data hostage, there is no ransom – that’s the technology mindset organizations, and city authorities such as Atlanta, need to adopt to protect themselves from ransomware. Prevention plans aren’t enough as attacks build in frequency and strength and are irreparable causing damage to brand reputation and increasing risk. Instead, organizations need to invest and create full IT resilience plans, including a disaster recovery infrastructure. Being able to easily and quickly recover data from mere seconds before it was lost or disrupted can save an organization time, money and many other types of damage.”
Rob Tate, Security Researcher at WhiteHat Security:
“Ransomware is the new phishing attack. It’s a quick and easy win for bad guys that more than likely haven’t even breached your network. But the threat of bad press, reputation damage and fleeing customers is enough to incentivize companies to pay the ransom. This has caused a huge spike in ransomware threats. The bad guys aren’t dumb. They realize that there is this paranoia and fear, so it’s really easy to send an email saying ‘Send me 10 bitcoins/dollars or else,’ and inevitably, a few will actually cough up.
“Ransomware is just one specific attack scenario, and companies need to protect against ALL threats, not simply focus on a single issue. By performing a full vulnerability assessment and fixing the issues, you can protect your company from a far larger threat landscape. If 90 percent of your fence has already fallen over, what’s the use in trying to fix a hole in the 10 percent that’s left up? You need to protect against all threats, not one specific one.
“For the companies that are truly concerned about ransomware, in addition to vulnerability assessments, they can follow some easy industry best practices. Simply backing up your data and using up-to-date encryption will negate a lot of the risk of ransomware.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.