Atlanta’s situation is grim.
What happens when your local government’s technology is crippled? Nothing good.
In the blink of an eye, it can happen to your business, association, or administration. A click on the wrong email, and you better get out the jelly, because you are toast.
City employees were told to turn off their computers; they were given notepads.
Currently, the courts cannot hear cases, residents cannot pay bills online; police officers cannot write reports or book inmates normally (all of which was done digitally).
How can this happen?
Usually, a hacker (or hackers) develop or buy software (ransomware tool kits are for sale on the dark web); they launch attacks usually by emails that contain what appears to be friendly links (from a bank or shipping company) — which actually contain malicious code.
Once a user clicks an infected email, their computer is locked (with all files encrypted), and unlike old-school cyber threats, most of these new variants of ransomware spread fast.
That is precisely what happened in Atlanta.
As they have not yet identified user zero, they will eventually — and that person will have a tough time shedding the reputation as the individual who brought Atlanta’s entire government to its knees.
Once infected, a clock starts to count down on your screen; the user has until the clock runs out to pay the ransom. In this case, the hackers asked for 6 bitcoins (as of today, the market value of one bitcoin is $6,705). The clock in Atlanta already ran out and no one seems sure they paid the ransom (or not).
In theory, if you pay the ransom you get encryption keys from the hackers, but sometimes they give them. Sometimes they don’t (after all, they are criminals).
My advice: Make sure to have redundant backups of all things and wipe everything clean if infected and reinstall it all. A thorough backup protocol is just as important as robust firewalls, complex passwords, anti-virus and anti-spam services.
It’s all part of your security bundle.
You should also think about intrusion testing and cyber training for everyone on your team. This is what the landscape demands.
Consequences of not taking these steps can be grim; here in Florida, Surfside Non-Surgical Orthopedics filed a lawsuit in January against medical software giant Allscripts related to a ransomware attack that shut down Allscripts and many of their clients.
And does anyone remember the Sarasota City Hall getting pummeled in 2016?
Last year, the Miami Herald had a nice wake-up call on the threat of ransomware; if you are not prepared, the time is now.
So, the good news: When visiting Atlanta, you can park wherever you want — as their parking ticket system is fried, too.
Be safe out there; if you read this far, thank you so much for taking an interest in my writing. It is an honor and a privilege to humbly share my ramblings with you.
Happy Easter.
___
Blake Dowling is CEO of Aegis Business Technologies. He can be reached at [email protected].