A recent NYTimes article explored the rise of ransomware attacks in cities across the US. The article noted that this summer has had a debilitating effect on many cities in the US due to cyber attacks, specifically ransomware attacks, where data is held with the assumption that a ransom will be paid.
This year, more than 40 cities or municipalities across the country, such as Baltimore, Albany and smaller towns, like Lake City, Fla., have been victims of attacks. Lake City actually paid the ransom of $460,000 in the cryptocurrency, Bitcoin. Most of the perpetrators seem to be originating from Eastern Europe and Iran. Most have targeted small American towns, who are more vulnerable, because they do not have the finances or where-with-all to ensure they are cyber safe.
Even when a ransom is not paid, the cost of recovery due to a cyber attack can be astronomical. It can also be time consuming and lead to a negative financial impact. The FBI warns not to pay a ransom, because it can only encourage the attacks and behavior. It is critical to stay updated on security software. Baltimore had not done so and was severely impacted. The NYT article also pointed out that many attackers are using some of the ransom money to fund research into new forms of attack.
Here is an example of how such attacks can occur. Last year, the town of Allentown, PA was hit by malware based in the Ukraine. The city’s computers were shut down for weeks. The reason? A city employee took his laptop on a trip and the software on the laptop had not been updated. He unknowingly clicked a phishing email that resulting in infecting the city’s computer system.
Small companies, like small towns and municipalities, are especially vulnerable, because hackers know they are easier to invade. See our previous blog post on ransomware and read here for what to do to prevent an attack. Above all, seek professional advice to ensure your security.
