There’s been so much news about ransomware over the last couple of years that it’s easy to overlook it at this point. That doesn’t mean that the risk has died down any, however – Atlanta’s recent woes are yet another reminder that organizations of all sizes have to stay vigilant if they want to avoid painful choices and data loss.
The City of Atlanta’s computer systems were infected by ransomware on March 22, 2018, with a ransom demand of tens of thousands of dollars to unlock some workstations. It’s not yet clear what has been affected; GovTech reports that emergency response, payroll and 311 systems are operational, but residents should pay attention to their financial information closely, because they can’t yet confirm it hasn’t been compromised.
Some systems have obviously been compromised – water bills cannot be paid, and the municipal court system is issuing manual tickets for arrests, which cannot be paid online. It’s been described as a data breach, and City Hall employees are not allowed to log on to their computers. The FBI, the Department of Homeland Security and the Secret Service are all involved in the investigation.
There’s an obvious parallel to any business here – many of these ransomware infections are automated, meaning they’re just as likely to hit your business as they are Atlanta’s municipal network. This type of attack would be tremendously disruptive to any business, as its employees would be unable to even log into their computers. Moreover, it’s unlikely to be resolved as quickly at your business as Atlanta’s situation will be, in part because most of us don’t get the benefit of a three-tiered investigation by federal intelligence agencies.
This speaks to the importance of ransomware training. The vast majority of ransomware attacks happen because a user clicks on a link in an email they should have recognized as dangerous. If your technology team isn’t performing regular ransomware email simulations using a system like KnowBe4, talk to them about starting!