Cyber breaches are destructive, costly and horrific incidents. Government agencies, hospitals and big retailers are primary targets because of the massive data they hold. They are especially attractive to cyber sleuths because that data is critical to ongoing operations.
Last month, Atlanta was the victim of such a cyberattack. SamSam, a targeted ransomware virus, breached the city’s network and it literally forced the city back into the Dark Ages where people had only paper and pens to do business. There was no access whatsoever to critical electronic records.
Even now, weeks after the attack, many systems are still encrypted. While Atlanta’s story is making headlines, it is not the only entity with cybersecurity framework that is attractive to attackers deploying SamSam. Other targets are local government agencies, hospitals and universities. These are organizations which not only have cyber vulnerabilities but can also be forced to pay a ransom rather than deal with a network infection or forced downtime.
The Atlanta attack came without warning. The malicious SamSam ransomware began spreading throughout the city’s computer systems without any indication of how it entered the system. It quickly hit at least five of the city’s 13 departments – locking them out of their network completely, and others were forced to shut down and move to paper records to prevent the virus from spreading.
Today, some of Atlanta’s departments are attempting to function without access to 16 years’ worth of records, but much of the city is still in significant chaos. The attackers have demanded a $51,000 ransom payment. Officials are unwilling to discuss details, which is understandable. Some employees have been allowed to turn computers back on, but even now, many systems remain unusable.
In January, an audit warned that the city’s IT department lacked some basic security features and there was no adequate plan for dealing with an attack. However, officials say the city was beginning to implement many of the suggested security advancements. Unfortunately, that’s the case in most cities. Very few cities in the U.S. are adequately protected from a cyberattack.
Unlike a data breach in which hackers steal data such as credit card or social security numbers and sell the data on the deep web (the black market of the internet), a ransomware attack performs a digital hostage takeover. It renders the networks unusable. Then, it demands a ransom payment.
Usually, the ransom, or fee, is to be paid in a cryptocurrency which cannot be traced. Even that is not something that most public entities are prepared to do. Most ransomware attacks occur when an employee clicks on an email attachment or link, which allows a worm or Trojan horse (the malicious software) to enter the network. In fact, 90 percent of all cyber breaches are due to human error.
In the past year, data breaches and ransomware have become the most prevalent attacks on government organizations, with espionage being the top motive (64 percent) followed by financial gain (20 percent). In 2017, the average time to detect a data breach was 191 days, and the average time to contain a breach was 66 days. Improvements are being made but the cost of a cyberattack, no matter what type, is always extremely expensive.
In 2017, 92 public sector organizations confirmed 239 data breaches. Also in 2017, ransomware attacks moved from the 22nd most common threat to the 5th, with government agencies as the most prominent target.
Almost every governmental entity is now taking significant steps to defend its systems against cyberattacks. And, interestingly enough, the most basic immediate step is to train all employees about what not to do when working on a computer. That advice should transfer to every individual who does anything with a computer. Ransomware viruses are unfortunately becoming common on even the smallest types of businesses.
DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation for writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.
Automation is happening—at a glacial pace
Everyone is talking about automation taking over jobs, but only a few people are talking about the fact that it's...
Renewable energy: A multi-trillion-dollar marketplace is emerging
The U.S. energy grid is ageing and it’s the perfect opportunity for energy contractors to up their game and help...
The current state of crypto gambling
Crypto gambling is rising in popularity but there are many things you need to know before you decide to dip...
This Wall Street outcast is giving everyone access to insider deals
Pre-IPO opportunities are no longer reserved for just the wealthiest one percent—thanks to a new equity investment platform.
Zoom and Pinterest surprise some with highly successful IPOs
Two unicorns, Pinterest and Zoom, made their stock debuts on the public market on the same day. Pinterest did well...
- Featured4 days ago
3 highly innovative restaurant stocks: Texas Roadhouse (TXRH), The Cheesecake Factory (CAKE), West Coast Ventures Group Corp. (WCVC)
- Economy5 days ago
Garden State vs Sunshine State: When will the retirement migration end?
- Featured4 days ago
How the credit market is evolving with technology
- Entrepreneurship4 days ago
4 questions to ask before investing in a mobile app