A cyberattack slammed Pensacola’s computer system on December 7th. A city spokesperson reported that the hackers were seeking $1 million to return the documents compromised in the attack. At least seven other cities nationwide have been hit by similar attacks, and two in Florida have paid out large ransoms.
Lake City paid out $426,000 worth of bitcoin, and Riviera Beach paid out $600,000 to hackers. The city of Stuart also was hacked, but managed to shut down the attack — which involved hackers encrypting city data, in effect locking the files so they couldn't be used without an encryption key, which the hackers typically provide once the ransom has been paid.
In Stuart, an IT employee putting in weekend overtime spotted the attack and disrupted it. No such luck for Pensacola, where online payment systems were down and the Florida Department of Law Enforcement said the attack seemed similar to one launched against Allied Universal, a California-based company with offices in Pensacola.
Just a few days ago, New Orleans declared a state of emergency and shut down its computers after a cyberattack.
Hackers will continue to step up their game, however, security pros can take decisive action to minimize the impact of ransomware.
The first line of defense is always a good offense. To prevent an attacker from establishing a foothold in an organization's network, organizations should put the following in place:
- Best practices such as strong patching policies, regular system backups, multifactor authentication, application whitelisting, and restrictions of local administrator rights and privileges
- Awareness programs to educate users about phishing and other forms of social engineering
- Security tools that provide spam filtering, link filtering, domain name system blocking/filtering, virus detection, and intrusion detection and prevention
- A zero-trust framework to identify, authenticate, and monitor every connection, login, and use of resources
- Least privilege policies to restrict users' permissions to install and run software applications
Minimizing the impacts of ransomware is about more than just defending systems against attack. It also involves taking action to minimize the impact of breaches as they happen. This is critical, since all systems can be breached by attackers who have sufficient time and resources. Call PalmTech Computer Solutions for assistance in ensuring your organization is secure and following best practices - (561)969-1616.