Cyber breaches are destructive, costly and horrific incidents. Government agencies, hospitals and big retailers are primary targets because of the massive data they hold. They are especially attractive to cyber sleuths because that data is critical to ongoing operations.
Last month, Atlanta was the victim of such a cyberattack. SamSam, a targeted ransomware virus, breached the city’s network and it literally forced the city back into the Dark Ages where people had only paper and pens to do business. There was no access whatsoever to critical electronic records.
Even now, weeks after the attack, many systems are still encrypted. While Atlanta’s story is making headlines, it is not the only entity with cybersecurity framework that is attractive to attackers deploying SamSam. Other targets are local government agencies, hospitals and universities. These are organizations which not only have cyber vulnerabilities but can also be forced to pay a ransom rather than deal with a network infection or forced downtime.
The Atlanta attack came without warning. The malicious SamSam ransomware began spreading throughout the city’s computer systems without any indication of how it entered the system. It quickly hit at least five of the city’s 13 departments – locking them out of their network completely, and others were forced to shut down and move to paper records to prevent the virus from spreading.
Today, some of Atlanta’s departments are attempting to function without access to 16 years’ worth of records, but much of the city is still in significant chaos. The attackers have demanded a $51,000 ransom payment. Officials are unwilling to discuss details, which is understandable. Some employees have been allowed to turn computers back on, but even now, many systems remain unusable.
In January, an audit warned that the city’s IT department lacked some basic security features and there was no adequate plan for dealing with an attack. However, officials say the city was beginning to implement many of the suggested security advancements. Unfortunately, that’s the case in most cities. Very few cities in the U.S. are adequately protected from a cyberattack.
Unlike a data breach in which hackers steal data such as credit card or social security numbers and sell the data on the deep web (the black market of the internet), a ransomware attack performs a digital hostage takeover. It renders the networks unusable. Then, it demands a ransom payment.
Usually, the ransom, or fee, is to be paid in a cryptocurrency which cannot be traced. Even that is not something that most public entities are prepared to do. Most ransomware attacks occur when an employee clicks on an email attachment or link, which allows a worm or Trojan horse (the malicious software) to enter the network. In fact, 90 percent of all cyber breaches are due to human error.
In the past year, data breaches and ransomware have become the most prevalent attacks on government organizations, with espionage being the top motive (64 percent) followed by financial gain (20 percent). In 2017, the average time to detect a data breach was 191 days, and the average time to contain a breach was 66 days. Improvements are being made but the cost of a cyberattack, no matter what type, is always extremely expensive.
In 2017, 92 public sector organizations confirmed 239 data breaches. Also in 2017, ransomware attacks moved from the 22nd most common threat to the 5th, with government agencies as the most prominent target.
Almost every governmental entity is now taking significant steps to defend its systems against cyberattacks. And, interestingly enough, the most basic immediate step is to train all employees about what not to do when working on a computer. That advice should transfer to every individual who does anything with a computer. Ransomware viruses are unfortunately becoming common on even the smallest types of businesses.
DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation for writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.
From FinTech to Embedded Finance
Any business can incorporate FinTech services and gain additional profits by capitalizing on the loyalty of its customer base. Think...
IUL gains momentum in 2020 and prepares the launch of a new test reader
IUL Instruments, a company that designs, produces and markets automation products for microbiology laboratories has invested $727,000 (€600,000) in 3D...
Why markets and the economy continue to rattle on
Another historic week in the U.S. but markets and the economy continue to rattle on. We are seeing some divergences...
2021 begins with markets overvalued, but will it end that way?
Gold’s last all-time high was $2061 on August 6th and has spent the best part of the past six months...
Tages acquires 28 photovoltaic plants in Italy from Viridis and Equiter
With the latest acquisitions, the Tages Helios II fund has come to hold 116 MW of installed capacity, including 30...
Cannabis6 days ago
Research: Long-term use of cannabis has no effect on age-related cognitive abilities
Featured7 days ago
Trading volumes on the commodities market are at low levels
Business6 days ago
Cellnex closes purchase of Hutchison assets in Austria, Ireland and Denmark
Business6 days ago
The next step in coffee’s revolutionary journey: mushroom adaptogens