March 29, 2018
Ransomware News: Atlanta Still Dealing with Effects of Ransomware Attack
The City of Atlanta is still struggling to bounce back a week after falling victim to a ransomware attack.
According to reports, Atlanta residents are unable to pay water bills or parking tickets, and employees have to fill out all paperwork by hand. The city says there is no evidence to believe any customer or employee data is compromised, but they are recommending residents contact credit agencies and monitor their accounts as a precautionary measure.
The hackers set a deadline of April 4 for the ransom payment, but the city has not indicated if they will give in to the demand of roughly $50,000 to possibly regain access to their data. It appears the city doesn't have a BCDR solution, so they no means for ransomware removal.
In an unrelated attack, Boeing has also fallen victim to a ransomware attack, although it appears to be on a much smaller scale. The airline manufacturer was hit with WannaCry, the massive attack that made headlines last year. According to Boeing, they have deployed a software patch to mitigate the attack and it was limited to a small number of machines.
How to Protect from Ransomware
Education: It's critical that your staff understands what ransomware is and the threats that it poses. Provide your team with specific examples of suspicious emails with clear instructions on what to do if they encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.).
Security: Antivirus software is essential for any business to protect against ransomware and other risks. Ensure your security software is up to date to protect against newly identified threats. Keep all business applications patched and updated to minimize vulnerabilities.
Backup: Modern total data protection solutions take snapshot-based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll back your data to a point-in-time before the corruption occurred. First, you don’t need to pay the ransom to get your data back. Second, since you are restoring to a point-in-time before the ransomware infected your systems, you can be certain everything is clean and the malware can’t be triggered again.
Finally, remember to NEVER pay the ransom demand. As we found in Datto’s State of the Channel Ransomware Report, there’s no guarantee you will retrieve your data even if you pay the ransom and you are supporting the hackers' efforts.
To find out about ransomware, other types of malware, and what MSPs can do to fight back, check out the full report. The report features new stats and forecasts on ransomware and its impact on businesses, the leading variants, best practices for ransomware protection, and more. Download it today!