Unless you live in Atlanta, Georgia, you might have missed the news that a good part of the city’s administration was reduced to old-fashioned longhand reporting and take-a-number, stand-in-line customer service last week. The reason? A ransomware attack demanding $51,000 in bitcoin.
If it sounds crazy to have policeman and sewer department officials writing up arrests and requests using pen and paper, then consider this: Atlanta was far from alone. At the same time that the southern city was struggling, the city of Baltimore’s essential 9-1-1 system had to turn to manual dispatch for almost 24 hours and the tiny town of Leeds, Alabama (pop. 11,700) had to pay hackers $12,000 to get their computers up and operating again.
A 2017 survey conducted by the International City/County Management Association showed that, as well as private businesses, almost half of local governments admit to experiencing cyberattacks on a regular basis. Many have no idea how often they are attacked, and even more admit to having no idea whether their system has been breached or not. This level of vulnerability appears to be matched by a level of apathy: more than half of those who are attacked don’t even bother keeping track, and Atlanta officials admit that they were warned a year earlier of the weakness of their cyber defenses, yet they did little or nothing to protect themselves. An intelligence expert who previously directed Israel’s Mossad refers to cyberattacks as “soft nuclear weapons” that are aimed at organizations — public and private — around the world.
Whether the target is a government or a private entity, prevention of attack and mitigating damages starts with a recognition of the threat. Internal users need to be made aware of risk and trained on appropriate actions, and funding for cybersecurity as well as persistent data capture and storage need to be increased. Though storage costs will grow, failure to store clean backups on a regular basis will mean long periods of blackouts. One week after Atlanta was attacked, only a few employees had been given permission to even turn their computers back on, and a spokesperson for the city said, “It will take some time to work through and rebuild our systems and infrastructure.” That means that almost half a million citizens have been impacted, and the city’s government will bear the financial brunt.
Ransomware attacks demand payment in cryptocurrencies specifically because they are considered virtually untrackable while remaining easily traded. Interestingly, the blockchain technology that enables cryptocurrencies may also hold the answer to prevention, as using the technology within an organization renders it “virtually impenetrable.”
Whether your organization is able to enact the appropriate safeguards and technologies to protect itself before a major attack is a matter of finances and motivation, as well as a bit of luck.
Having a comprehensive insurance policy that anticipates and mitigates the impact of cybercrime should be an essential element of your risk planning. For more information on how we can help safegaurd your organization from the financial impact of ransomware, contact us today. Email us here, or call us on 646-665-7737.