Cyber breaches are destructive, costly and horrific incidents. Government agencies, hospitals and big retailers are primary targets because of the massive data they hold. They are especially attractive to cyber sleuths because that data is critical to ongoing operations.
Last month, Atlanta was the victim of such a cyberattack. SamSam, a targeted ransomware virus, breached the city’s network and it literally forced the city back into the Dark Ages where people had only paper and pens to do business. There was no access whatsoever to critical electronic records.
Even now, weeks after the attack, many systems are still encrypted. While Atlanta’s story is making headlines, it is not the only entity with cybersecurity framework that is attractive to attackers deploying SamSam. Other targets are local government agencies, hospitals and universities. These are organizations which not only have cyber vulnerabilities but can also be forced to pay a ransom rather than deal with a network infection or forced downtime.
The Atlanta attack came without warning. The malicious SamSam ransomware began spreading throughout the city’s computer systems without any indication of how it entered the system. It quickly hit at least five of the city’s 13 departments – locking them out of their network completely, and others were forced to shut down and move to paper records to prevent the virus from spreading.
Today, some of Atlanta’s departments are attempting to function without access to 16 years’ worth of records, but much of the city is still in significant chaos. The attackers have demanded a $51,000 ransom payment. Officials are unwilling to discuss details, which is understandable. Some employees have been allowed to turn computers back on, but even now, many systems remain unusable.
In January, an audit warned that the city’s IT department lacked some basic security features and there was no adequate plan for dealing with an attack. However, officials say the city was beginning to implement many of the suggested security advancements. Unfortunately, that’s the case in most cities. Very few cities in the U.S. are adequately protected from a cyberattack.
Unlike a data breach in which hackers steal data such as credit card or social security numbers and sell the data on the deep web (the black market of the internet), a ransomware attack performs a digital hostage takeover. It renders the networks unusable. Then, it demands a ransom payment.
Usually, the ransom, or fee, is to be paid in a cryptocurrency which cannot be traced. Even that is not something that most public entities are prepared to do. Most ransomware attacks occur when an employee clicks on an email attachment or link, which allows a worm or Trojan horse (the malicious software) to enter the network. In fact, 90 percent of all cyber breaches are due to human error.
In the past year, data breaches and ransomware have become the most prevalent attacks on government organizations, with espionage being the top motive (64 percent) followed by financial gain (20 percent). In 2017, the average time to detect a data breach was 191 days, and the average time to contain a breach was 66 days. Improvements are being made but the cost of a cyberattack, no matter what type, is always extremely expensive.
In 2017, 92 public sector organizations confirmed 239 data breaches. Also in 2017, ransomware attacks moved from the 22nd most common threat to the 5th, with government agencies as the most prominent target.
Almost every governmental entity is now taking significant steps to defend its systems against cyberattacks. And, interestingly enough, the most basic immediate step is to train all employees about what not to do when working on a computer. That advice should transfer to every individual who does anything with a computer. Ransomware viruses are unfortunately becoming common on even the smallest types of businesses.
DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation for writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.
CrowdFundMe starts the placement of minibonds and prepares its first emissions
The Italian equity crowdfunding portal Crowdfundme, listed on Aim, announced that it is preparing the minibond issues of Hal Service...
Bitcoin volume has increased massively
On June 2nd, the Bitcoin price surprised with a jump above the $10,000 mark. The most recent study published by...
Hyloris will be listed on Euronext Brussels
The Liège-based biotech company, Hyloris created by Stijn Van Rompay has just unveiled its intention to be listed on Euronext...
Naturgy redoubles its efforts in ESG and sets environmental objectives for 2020
Naturgy plans to reduce the CO2 intensity of its electricity generation by 22%. 34% of its generation capacity will be...
Bitcoin miners sell more cryptocurrencies than they generate
According to the on-chain analysis portal ByteTree, Bitcoin miners sold 11% more BTC last week than they generated in the...
Featured7 days ago
Why the Fintech sector in Italy has to be further developed
Crypto7 days ago
The Monero software update is ready to be used by miners
Africa7 days ago
Crowdfunding seen as an innovative post-crisis financing mechanism in Tunisia
Business7 days ago
Beyond gaming: how real-life applications put virtual reality and Zadar Ventures Ltd. into the spotlight