Ransomware Note and Digital Disruption
“Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact”
― James Scott, Sr. Fellow, Institute for Critical Infrastructure Technology
Seemingly a scene from a fiction movie in a fictional city, the City of Atlanta falls victim to a ransomware cyber attack. As a matter of fact, the city continues to grapple with the dilemma a week and a half later. Altogether, the ransomware disabled more than one-third of Atlanta’s municipal computers, rendering city officials helpless. In this case, the criminal hackers requested a $51,000 ransom payment; not a particularly hefty sum, but nonetheless troublesome. At the present time the city, much to their credit and together with recommendations from the FBI, has declined to pay.
An Ounce of Prevention is Worth a Pound of Cure
As has been noted, the city lacked severely in security practices. In spite of a recently failed security compliance assessment, the city neglected to take corrective action. In brief, the Atlanta City Auditors report noted:
“The current Information Security Management System (ISMS), however, has gaps that would prevent it from passing a certification audit, including … lack of formal processes to identify, assess, and mitigate risks … “
Minimizing Ransomware Risk and Loss
Alarmingly, Atlanta is not alone in its lack of preparedness. In fact, research indicates lack of cyber defense awareness and constrained IT budgets are, in part, to blame. While it may be true threat detection software, security protocols, and strong passwords are lynchpin to cyber security, the ability to implement and execute is equally important. With this in mind, and regrettably, there’s something to be said about widespread complacency. All things considered, municipalities should be mindful and learn from the debilitating effects of the attack. In truth, the attacks will continue.