Ransomware hasn’t let up. It is important to understand that any organization, of any kind, is a potential target of a ransomware attack – and yes, this includes municipalities. In fact, since 2013, over 170 government systems at the county, city, or state levels have been attacked.
These numbers, by the way, come from a cyber security firm, as neither the federal government nor the Federal Bureau of Investigation tracks these kinds of attacks.
As of May 10, of this year, there were 22 known attacks on the public sector. Unfortunately, there are likely more that we just don’t know about yet, as reports of these attacks usually crawl in months or even years after the fact.
March Ransomware Attacks
March saw a few ransomware attacks on municipalities. The sheriff’s office in Fisher County, Texas, was infected and couldn’t connect to a state law enforcement database as a result.
In Albany, New York, the capital city quietly announced that it had been victimized by a Saturday ransomware attack. This was a tactical choice on the part of the hackers, as there would be nobody there to fight back on the weekend. The city initially gave an understated account of the attack’s effect. Meanwhile, the real problems were much larger than a few belated marriage licenses and birth certificates.
In addition to the clerical delays, the ransomware attack also impacted the Albany Police Department’s systems. As these systems are effectively entirely digitized, the department was left without their incident reports, crime reports, and even their schedules.
April saw the entirety of Genesee County, Michigan’s tax department shut down by ransomware for most of the month. The infection has since been removed.
May has been exemplified by the complete shutdown of Baltimore, Maryland, due to an attack using ransomware known as RobinHood. As a result of this attack, government emails can’t be sent, payments to city departments are on hold, and real estate transactions have been paused.
While RobinHood leverages a notoriously powerful algorithm – even the National Security Agency may not be able to break it. This is according to cyber security expert Avi Rubin. It doesn’t help that Baltimore was also using outdated hardware and software.
Baltimore City Mayor Jack Young has already gone on record to state that the city will not be paying the ransom of 13 Bitcoins. That is approximately $100,000. Instead, the FBI and Secret Service have been called in, along with assorted cybersecurity experts. Despite these resources, the city isn’t expected to recover for months.
Rubin provided some insight into why not paying the ransom is the right call for Baltimore. He pointed out that if nobody paid the demanded ransom, these kinds of attacks would quickly go out of fashion. However, many companies struck by ransomware will quietly pay up.
Analysis has found that a full 45% of affected organizations ultimately pay the ransom to try and get their data back. Meanwhile, 17 percent of state and local governments will fork over the demanded cash.
At WheelHouse IT, we have some experience in dealing with these kinds of things. This means we can confidently agree with the actions of Mayor Young and the statements made by Rubin. Paid ransoms only encourage future ransomware attacks. What’s worse, what guarantee is there that any data will be restored even after payment is made?
No guarantee at all.
That’s why we’ve dedicated ourselves to assisting business users in protecting themselves against ransomware. Give us a call at (877) 771-2384 to find out more.