Posted October 2019

Ransomware is malicious software that locks your files and demands payment to access them. All too often hackers are demanding payment in exchange for returning technology systems to normal operations. Here are a few of the latest unsettling ransomware attacks:

• A ransomware attack to Baltimore City and County governments prevented them from mailing the annual water and sewage tax bills to its residents. They did not pay the ransom and it took the city more than a week to recover more than half of the systems, incurring an estimated $18.2 million in losses.
• NEO Urology in Ohio paid $75,000 in bitcoin to unlock its computer systems after attackers breached and encrypted their data. The company estimates that the attack caused revenue losses of $30,000 to $50,000 for each day that the institution could not operate.
• Another City recently targeted was Rivieria Beach, Florida, which agreed to pay hackers about $600,000 in bitcoin to end a ransomware attack that crippled the city’s IT infrastructure for nearly a month.
• Talley Medical Surgical Eyecare Associates PC in Indiana reported a ransomware attack caused files to be inaccessible, affecting information pertaining to approximately 106,000 individuals of current and former patients and employees. Data included personal information such as names, addresses, diagnosis and treatment information, and Social Security numbers, among others.

The FBI is very clear in its stance on the matter: it does not support paying a ransom in response to a ransomware attack, stating: “Paying a ransom doesn’t guarantee an organization that it will get its data back — there have been cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cybercriminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity.”

The cost of ransomware attacks go beyond the damage it can do to an organization in terms of financial loss. It also causes reputational damage. Depending on the type of business, you may be required to report a ransomware attack.

TGI is here to protect your businesses and ensure control and ownership remain undisputed in cases of user error, malicious attacks, compliance issues, and user management. TGI’s proven defense strategy against cyber extortion includes three protection layers: educating users, antivirus, and a data protection solution.

Organizations should follow these best practices to prevent ransomware infections and mitigate the effects of a ransomware attack:

• Practice the 3-2-1 rule. At least three copies, in two different formats, with one of those copies off-site.
• Users should be wary of suspicious emails, URLs, or attachments that attackers can use to deliver ransomware.
• Limit access to administration tools and files to authorized personnel. Practice the principle of least privilege, network segmentation, and data categorization.

It is important to stay abreast on this constantly evolving subject in order to protect your organization from cyber attacks. If you don’t have the time or resources to do this, TGI is here to help. We stay vigilant for you. Preparation and prevention are the most critical steps to take. Reach out to TGI’s IT team today to see how we can protect you.