Cyber breaches are destructive, costly and horrific incidents. Government agencies, hospitals and big retailers are primary targets because of the massive data they hold. They are especially attractive to cyber sleuths because that data is critical to ongoing operations.
Last month, Atlanta was the victim of such a cyberattack. SamSam, a targeted ransomware virus, breached the city’s network and it literally forced the city back into the Dark Ages where people had only paper and pens to do business. There was no access whatsoever to critical electronic records.
Even now, weeks after the attack, many systems are still encrypted. While Atlanta’s story is making headlines, it is not the only entity with cybersecurity framework that is attractive to attackers deploying SamSam. Other targets are local government agencies, hospitals and universities. These are organizations which not only have cyber vulnerabilities but can also be forced to pay a ransom rather than deal with a network infection or forced downtime.
The Atlanta attack came without warning. The malicious SamSam ransomware began spreading throughout the city’s computer systems without any indication of how it entered the system. It quickly hit at least five of the city’s 13 departments – locking them out of their network completely, and others were forced to shut down and move to paper records to prevent the virus from spreading.
Today, some of Atlanta’s departments are attempting to function without access to 16 years’ worth of records, but much of the city is still in significant chaos. The attackers have demanded a $51,000 ransom payment. Officials are unwilling to discuss details, which is understandable. Some employees have been allowed to turn computers back on, but even now, many systems remain unusable.
In January, an audit warned that the city’s IT department lacked some basic security features and there was no adequate plan for dealing with an attack. However, officials say the city was beginning to implement many of the suggested security advancements. Unfortunately, that’s the case in most cities. Very few cities in the U.S. are adequately protected from a cyberattack.
Unlike a data breach in which hackers steal data such as credit card or social security numbers and sell the data on the deep web (the black market of the internet), a ransomware attack performs a digital hostage takeover. It renders the networks unusable. Then, it demands a ransom payment.
Usually, the ransom, or fee, is to be paid in a cryptocurrency which cannot be traced. Even that is not something that most public entities are prepared to do. Most ransomware attacks occur when an employee clicks on an email attachment or link, which allows a worm or Trojan horse (the malicious software) to enter the network. In fact, 90 percent of all cyber breaches are due to human error.
In the past year, data breaches and ransomware have become the most prevalent attacks on government organizations, with espionage being the top motive (64 percent) followed by financial gain (20 percent). In 2017, the average time to detect a data breach was 191 days, and the average time to contain a breach was 66 days. Improvements are being made but the cost of a cyberattack, no matter what type, is always extremely expensive.
In 2017, 92 public sector organizations confirmed 239 data breaches. Also in 2017, ransomware attacks moved from the 22nd most common threat to the 5th, with government agencies as the most prominent target.
Almost every governmental entity is now taking significant steps to defend its systems against cyberattacks. And, interestingly enough, the most basic immediate step is to train all employees about what not to do when working on a computer. That advice should transfer to every individual who does anything with a computer. Ransomware viruses are unfortunately becoming common on even the smallest types of businesses.
DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation for writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.
Coinbase Wallet Has a New Feature: Send Crypto via Web Link
The exciting part is actually in the small print: This is because Coinbase covers the fees for transactions via stablecoin...
Sanofi Reaches an Agreement with Aqemia for $140 Million in Generative AI
Paris-based Aqemia will receive upfront and milestone payments under the deal that will be used to deepen R&D. In addition,...
Burkina Faso and the United Nations Review the Achievements of the Peacebuilding Fund
Eligible since 2017, Burkina Faso has already benefited from the fund's support through the financing of various projects to the...
Malta Approves Three New Cannabis Clubs and Holds First Harm Reduction Training Sessions
According to Malta's rules on cannabis clubs, only the societies listed on the ARUC website can grow and distribute cannabis...
Of the 346 Fintech Companies in Colombia, 35.6% Focus on the Digital Credit Market
Most of the fintech companies in Colombia, 35.6% of the total, are dedicated to granting digital loans. There are also...
Fintech2 weeks ago
Private Credit and Tokenization: a Market Worth Over $1 Trillion
Biotech1 week ago
ALA Diagnostics Opens a New Laboratory in Madrid After Joining BeAble Capital
Crowdfunding2 weeks ago
Innexta and Assofintech Event Gathers 200 Investors to Meet Live Crowdinvesting Portals
Business3 days ago
Groupon Is Overhyped and Overexposed — Here’s Why RDE, Inc. Is a Better Alternative