The city of Atlanta fell victim to a crippling ransomware attack. The attack crippled several critical systems across the city. The police department lost access to certain databases, the judicial system lost the ability to process payments for traffic fines and other functions, and many other city services were taken offline. So, what is a ransomware attack? How did the City of Atlanta get breached? And how can you protect you and your organization from the same fate? Cybersecurity is the key to prevent cyberattacks.
What is Ransomware?
Ransomware is a kind of malware virus that hackers use to steal your data/services/access and hold it for ransom. To reclaim your information and network you must pay a ransom determined by the hackers. Even after payment, it’s common that hackers won’t return your data, or they’ll ask for more money. Ransomware virus’ can enter your system from anywhere. For example, Target had a major breach from a ransomware attack where the virus entered their system through a contracted HVAC servicer connected to their network while working on their AC.
How Did Atlanta Get Breached?
It’s unclear or unreported where the breach in the City of Atlanta’s network came from. However, the breach is a result of an under-protected network. Many municipalities have a low priority for cybersecurity and therefore allocate small funds to sure up their networks. Due to this fact, cities and towns are being attacked by cybercriminals frequently. A small budget and low priority left the City of Atlanta’s network vulnerable.
Cities and towns are a hub of information, data, and money exchanges. Also, they represent services that are essential for thousands of residents and will, therefore, cause serious damage if the system is compromised. This dependability upon the networks is one reason why hackers target municipalities. They know that since the services offered are so important, compromising them will create a deep urgency to restore them, and that means money for the hackers. Also, hackers are aware of how under protected most municipal networks are and they make for easy targets.
It’s unknown if Atlanta paid the over $50,000 ransom, but regardless, this breach was costly. They lost access to critical systems for extended periods of time. During the restoration process, many procedures had to be done manually, and some services just had to be stopped. The cost that they incurred was far greater than the ransom and has taken significant energy, money, and time to repair, and it all could have been avoided.
How to Prevent Cyberattacks
Training
Preventing a cyber attack can be difficult. It’s hard to predict where attacks may come from and when they’ll strike. That’s why the greatest defenses against cyber attacks are preventative. The largest defense will always be information. Most ransomware viruses enter a network by human error. Meaning an employee opens an infected email or visits a corrupted website. Many attacks can be avoided by teaching staff to recognize potentially dangerous threats. Training staff will help to prevent cyberattacks.
Backups
A data backup is the best way to avoid data loss in the event of a hack. A backup is a stored copy of all your data and information. This is helpful because if a hacker ransoms your data, you can just reload your copy. Backups can be automated to run as frequently as you want. Therefore, you can have your network set to backup every night after everyone has gone home and it won’t affect your daily workflow. Backups may not prevent cyberattacks but they will help greatly minimize their effect.
Replication
A replication is a direct living copy of your servers and networks. These are different from data backups because a replication is a running mirrored server of your current server. So, if a server is down or is hacked, you just push a button and instantly switch to your other server that remains unaffected. This is the most seamless way to avoid downtime from virus breaches. One great thing about replications is that they contain your settings, passwords, preferences, and all necessary information for your servers to instantly run correctly.
Sophos Intercept X
Sophos has created the first software that can actually predict and defend against ransomware viruses. Sophos Intercept X uses artificial intelligence (AI) to actively predict and protect your network from breaches. Due to the nature of ransomware attacks, they’re very difficult to predict, and Sophos has created the only product on the market that can. Sophos Intercept X will help with cybersecurity and prevent cyberattacks.
For more information about cybersecurity and ransomware in the workplace, get your free business assessment from an expert consultant on IT Services in Seattle, IT Support in Spokane, or Managed IT Services in Utah or Oregon.
