Once again, cyber attackers are proving no one is safe from a ransomware attack. This time, it’s the City of Atlanta that has fallen victim.
So, what do we know?
Experts suggest Atlanta may have been infected by a variant of SamSam ransomware; the same family deployed against governments and hospitals since 2015. In this particular case, the ransomware infection has encrypted key customer-facing applications, preventing Atlanta residents from accessing court information and paying their bills.
While this particular ransomware variant isn’t spreading like a NotPetya or WannaCry, it does have experts worried. This strain has demonstrated an exceptional ability to target critical systems and applications.
We now also know the cyber extortionist involved has demanded $6,800 to decrypt each City computer or $51,000 to deliver the decryption keys required to unlock all impacted City applications.
Atlanta is now working closely with the FBI, Department of Homeland Security, Microsoft, and Cisco to resolve the infection. Meanwhile, the City is also urging the public to monitor their bank accounts closely, as their personal data may have been accessed.
Protect against SamSam ransomware
Experts suggest ransomware attacks will increase by a factor of ten in the next year or two. Unfortunately, data security technologies simply can’t keep up with the rapid pace of ransomware evolution.
So, while data security is a critical element of your defense, it is imperfect; you can’t build an entirely impervious wall.
That’s why we highly recommend you implement data security measures in tandem with regular employee ransomware training and robust backup and recovery.
Furthermore, we recommend you adopt the backup and recovery best practices that will help ensure your data is not only recoverable—and rapidly recoverable:
- Employ a 3-2-1 backup strategy—this means keeping three copies of your data; two may be local, but one must be offline, and one must be off-site
- Ensure your backup data isn’t on a shared network
- Exercise the practice of least privilege to reduce points of vulnerability across your networks
- Leverage virtual standby and instant VM to quickly restore business operations
- Regularly perform disaster recovery testing to ensure vulnerabilities are identified and resolved before a cyber attacker exploits them
Subvert ransomware attackers
We’ve recently released our cloud-first DRaaS, a solution that delivers near-zero RTOs and near-zero RPOs.
What does that mean for the future of ransomware?
What was once a Level 10 crisis that sent the C-suite rushing to your office will only take a few moments to resolve. What’s more, you’ll eliminate the need for those painful “do we pay up” conversations, as decryption keys will be rendered irrelevant. Instead, you’ll groan at the mundane annoyance and, in a few clicks, get back to the rest of your day.
Will ransomware continue to evolve? Yes.
But as backup and recovery technologies get better and better, those who implement Disaster Avoidance solutions will no longer be forced to face what was once an existential threat to their businesses.
Ransomware attackers are the schoolyard bullies of cyberspace, and they’re unrelenting in their hunt for your “milk money.” Get caught unprepared, and you’ll be forced to choose between rewarding the cyber extortionist with bitcoins—or weathering the financial burden that naturally results from data loss and downtime. Well, we think that stinks. To that end, we’ve…
Cybercriminals are fueling near continuous news coverage of governments, universities, healthcare systems, and businesses brought to a screeching halt by ransomware. Caught unprepared, these organizations are then forced into an uncomfortable cost-benefit analysis: Cough up the ransomware payment or endure the damaging impacts of downtime and data loss. It’s not always an easy choice. But…
The art of the scam is nothing new. While ransomware attacks now fuel a continuous stream of breaking news, we only have to think back to the many distraught Nigerian princes—all who suffered the loss of their uncles and were desperate to find safe places to stash their unexpected inheritances—to remember how long these “spray…
If the ransomware threat wasn’t already keeping you up at night, surely the attack on Atlanta has left you questioning the strength of your cyber defenses and disaster recovery. Now, it should be abundantly clear to all who work in local government that you are under attack. And, it’s up to you to ensure critical…