Ransomware hasn’t let up. It is important to
understand that any organization, of any kind, is a potential target of a
ransomware attack - and yes, this includes municipalities. In fact, since 2013,
over 170 government systems at the county, city, or state levels have been
attacked.
These numbers, by the way, come from a
cybersecurity firm, as neither the federal government nor the Federal Bureau of
Investigation track these kinds of attacks.
As of May 10, of this year, there were 22
known attacks on the public sector. Unfortunately, there are likely more that
we just don’t know about yet, as reports of these attacks usually crawl in
months or even years after the fact.
March Attacks
March saw a few ransomware attacks on
municipalities. The sheriff’s office in Fisher County, Texas, was infected and
couldn’t connect to a state law enforcement database as a result.
In Albany, New York, the capital city quietly
announced that it had been victimized by a Saturday ransomware attack - a
tactical choice on the part of the hackers, as there would be nobody there to
fight back on the weekend. While the city initially gave an understated account
of the attack’s effect, the real problems were much larger than a few belated
marriage licenses and birth certificates.
In addition to the clerical delays, the
ransomware attack had also impacted the Albany Police Department’s systems. As
these systems are effectively entirely digitized, the department was left without
their incident reports, crime reports, and even their schedules.
April Attacks
April saw the entirety of Genesee County,
Michigan’s tax department shut down by ransomware for most of the month. The
infection has since been removed.
May Attacks
May has been exemplified by the complete
shutdown of Baltimore, Maryland, due to an attack using a ransomware known as
RobinHood. As a result of this attack, government emails can’t be sent,
payments to city departments are on hold, and real estate transactions have
been paused.
While RobinHood leverages a notoriously
powerful algorithm - even the National Security Agency may not be able to break
it, according to cybersecurity expert Avi Rubin - it doesn’t help that
Baltimore was also using outdated hardware and software.
Baltimore City Mayor Jack Young has already
gone on record to state that the city will not be paying the ransom of 13
Bitcoins, or approximately $100,000. Instead, the FBI and Secret Service have
been called in, along with assorted cybersecurity experts. Despite these
resources, the city isn’t expected to recover for months.
Rubin provided some insight into why not
paying the ransom is the right call for Baltimore, pointing out that if nobody
paid the demanded ransoms, these kinds of attacks would quickly go out of
fashion. However, many companies struck by ransomware will quietly pay up.
Analysis has found that a full 45 percent of
affected organizations ultimately pay the ransom to try and get their data
back, while 17 percent of state and local governments will fork over the
demanded cash.
At Emerge, we have some experience in dealing with these kinds of things, which means we can confidently agree with the actions of Mayor Young and the statements made by Rubin - paid ransoms only encourage future ransomware attacks. What’s worse, what guarantee is there that any data will be restored even after payment is made?
No guarantee at all.
That’s why we’ve dedicated ourselves to assisting business users in protecting themselves against ransomware. Give us a call at 859-746-1030 to find out more.