Ransomware can target all kinds of entities, but one of the most devastating attacks in recent memory was launched against Atlanta, Georgia earlier this year. Atlanta suffered from an incredibly sustained and powerful ransomware attack that disabled much of the municipal government.
The attack itself has been linked to a sinister group that pays particularly close attention to its targets. The mayor of Atlanta, Keisha Lance Bottoms, has compared the ransomware attack to a kidnapping situation. Without access to important data, files, and applications, residents and government officials had trouble going about their daily lives in a somewhat normal fashion. It’s crazy to think that technology has become so ingrained in society that functions shut down so comprehensively when an infrastructure is affected in a negative way; but the fact of the matter is that governments rely heavily on technology, and when it doesn’t work as intended, there are a lot of repercussions.
Looking to Atlanta as an example, ransomware locks up files with the intention of releasing them upon receiving a payment, or ransom. The particular strain of ransomware that hit Atlanta, called SamSam, replaced the names of affected files with “I’m sorry” and encrypted them until the ransom has been paid. If the victims don’t pay up within a week, the files will be lost forever. The hackers responsible are known for choosing targets that are most likely to pay up--even with the rather gratuitous fees that total upward of $51,000 in Bitcoin.
Together with technicians from Dell SecureWorks, the officials of Atlanta got the city back on its feet, but not without suffering from considerable operational deficiencies in the interim. It’s not clear why or how Atlanta was hit by this attack, but due to the confidentiality agreements between Dell SecureWorks and Atlanta, we will not find out anytime soon. One thing is clear, however, and it’s that the distinction between paying the ransom and trying to resolve the problems is an issue that cannot be taken lightly. While the mayor of Atlanta hasn’t said one way or the other if they will be paying the ransom, we know that there are many elements to this decision that can’t be taken lightly.
If your business is hit by ransomware, it might be tempting to make the problem disappear by simply paying those who have hurt you. In some cases, it could cost your business considerably less to do so. However, you need to think about the other side of things as well. By paying ransomware developers for the safe return of your files, you are funding further attacks that could potentially target other businesses just like yours. The good news is that Atlanta did exactly what they were supposed to do by contacting IT professionals to assist with the recovery process. It’s better to try everything possible before submitting to the humiliation of paying hackers for your data back - after all, there is also no guarantee that the hackers responsible will hold up their end of the deal even if you do pay.
If you are ever struck with ransomware, SCW wants to help. To learn more, call us today at (509) 534-1530.
Sam is a network engineer with a broad range of experience spanning more than 35 years. He wrote is first piece of code in 1979 and has been involved with the industry ever since. For the last 20 years, he has worked for SCW Consulting where he has embraced his passion for network technology and security.
Mobile? Grab this Article!