On Thursday, March 22, 2018, the city of Atlanta's online systems were hit by a ransomware attack. In order to minimise the impact of the intrusion, employees were told not to use their computers or wireless networks. While the hackers were demanding $51,000 in ransom, the impact to the city was much worse affecting many of the local services.
What happened? The attack affected:
Who is behind the attach?
The group behind the SamSam ransomware is responsible for the attack. The group has made over $850,000 since December 2017 and is also responsible for attacks on the Colorado Department of Transportation (twice), Municipality of Farmington in New Mexico, Allscripts, Hancock Health, Adams Memorial Hospital and Davidson County in North Carolina.
How was the ransomware spread?
Ransomware attacks are not going to disappear anytime soon. Attacks are getting more sophisticated everyday and are targeting state and local agencies, as well as private companies, that lack the necessary network security to protect the data and infrastructure.
What Can You Do?
Even today’s sophisticated malware protection can be circumvented by ransomware. The best approach to network security is multi-layered and requires vigilance from both IT professionals and their end users.
Lock down administrative rights. Don’t give users administration rights, even on their own machines, unless it’s absolutely necessary. Cloud users have restricted access to only the required files to run the applications. The important data is located on the cloud servers protected by the most advanced network security technology which reduces the risk in the event of an attack to your local network. We also provide local netwrok security to protect your data and every device connected to your network or wi-fi.
Don’t open attachments. Unless your users are absolutely, positively sure that they recognise both the sender and the file, it’s better to leave attachments alone. If they do open attachments, they should never enable macros or executables. Suggest other ways to share documents that require authentication and have built-in virus scanning. Our 365 Cloud Email includes multiple spam filters so your email is protected from the moment you receive your first message. We also provide Cloud Email Archiving to ensure that you always have a backup of all your emails.