Cybersecurity and Ransomware...still prevalent
Ransomware is prevalent in the current landscape. Seemingly there are at least one or two attacks published every week. There are certainly many more successful attacks throughout the nation on commercial entities and consumers. There are many reasons for this, including the ease of use and the financial return on the resources used to execute the attack. The targets are varied, but have one thing in common-there is data or a system the target needs to have access to or use. One of the familiar targets has been municipalities. These entities have historically had issues with budgets. These attacks certainly do not help with this concern, as the costs associated with a successful ransomware attack with the forensic work, along with uploading backed up data, tends to be rather costly. When there is an insurance policy with this type of attack specifically addressed is in place, the costs may not be as problematic to the municipality. If the fee is paid, there are also significant costs. Smaller municipalities may be targeted at a greater rate due to their lack of resources and trained staff in cybersecurity. One such recent victim has been the city of Shafter.
The city in California unfortunately was the victim of a successful ransomware attack. The targeted IT system was compromised. As with ransomware’s mode of operation, the system was locked and subsequently shut down. Due to the system being locked down, the city hall was closed. Once discovered the city contacted federal law enforcement agencies. The focus is to find the attackers and the extent of the compromise.
This was clearly a devastating attack. The take-away from this however is the need for cybersecurity and staff training. Granted this is not free, however, to place this in perspective, how much is a successful attack that locks down all of the systems, critical and not, so that the municipality or business is not able to operate. There are training sessions available to train the staff to reduce the opportunity for this to occur.
Johns, T. (2020, October 21). City of shafter hit by ransomware attack. Retrieved from https://bakersfieldnow.com/news/local/city-of-shafter-hit-by-ransomware-attack
Wright, A. (2020, October 20). City of shafter hit with ransomware attack. Retrieved fromhttps://www.turnto23.com/news/local-news/city-of-shafter-hit-with-ransomware-attack andhttps://www.databreaches.net/ca-city-of-shafter-hit-with-ransomware-attack/
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.