Small Village Targeted for Ransomware

Day after day, Jefferson village simply operated as they did the day before, the day before that, etc. Each day passed without anything exciting occurring. The existence was rather uneventful, which is perfectly acceptable.

Ransomware

On a fateful day, the last thing on the administration's mind was the system potentially being encrypted and a ransom requested for a decrypt key.

In late May 2018, this is what happened (http://www.starbeacon.com/news/locla-news/hackers-try-t0-hold-jefferson-computers-at-ransom/). The Village of Jefferson found themselves as victims of ransomware. The ransom request was for approximately $4,900 of bitcoin to be paid or the systems would be wiped. Curiously, two additional entities were hit at nearly the same time. All three contracted services from Steve Schoneman of Ashtabula’s Schoneman Inc.

Target

The focal point of the attack, among other areas, was a computer used for finances. Fortunately, the village actively used back-ups. These back-ups were used to re-image the systems. This sounds easy enough, however, the project did take a few days.

Lessons

This is a fantastic example of what makes back-ups, tested and verified, so very important. Granted, the fix for the situation took a bit of time, however, compared to losing the data forever or paying the ransom, this was a completely viable solution. Without the back-ups in place and verified, the village would have been in a very difficult position.

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.