Late last March, the infrastructure of Atlanta was brought to its knees. More than a third of 424 programs used nearly every day by city officials of all types, including everyone from police officers to trash collectors to water management employees, were knocked out of commission. What’s worse, close to 30% of these programs were considered “mission critical,” according to Atlanta’s Information Management head, Daphne Rackley.
The culprit wasn’t some horrific natural disaster or mechanical collapse; it was a small package of code called SAMSAM, a virus that managed to penetrate the networks of a $371 billion city economy and wreak havoc on its systems. After the malicious software wormed its way into the network, locking hundreds of city employees out of their computers, hackers demanded a $50,000 Bitcoin ransom to release their grip on the data. While officials remain quiet about the entry point of SAMSAM or their response to the ransom, within two weeks of the attack, total recovery costs already exceeded $2.6 million, and Rackley estimates they’ll climb at least another $9.5 million over the coming year.
It’s a disturbing cautionary tale not only for other city governments, but for organizations of all sizes with assets to protect. Atlanta wasn’t the only entity to buckle under the siege of SAMSAM. According to a report from security software firm Sophos, SAMSAM has snatched almost $6 million since 2015, casting a wide net over more than 233 victims of all types. And, of course, SAMSAM is far from the only ransomware that can bring calamity to an organization.
If you’re a business owner, these numbers should serve as a wake-up call. It’s very simple: in 2018, lax, underfunded cyber security will not cut it. When hackers are ganging up on city governments like villains in an action movie, that’s your cue to batten down the hatches and protect your livelihood.
The question is, how? When ransomware is so abundant and pernicious, what’s the best way to keep it from swallowing your organization whole?
1. BACK UP YOUR STUFF
If you’ve ever talked to anyone with even the slightest bit of IT knowledge, you’ve probably heard how vital it is that you regularly back up everything in your system, but it’s true. If you don’t have a real-time or file-sync backup strategy, one that will actually allow you to roll back everything in your network to before the infection happened, then once ransomware hits and encrypts your files, you’re basically sunk. Preferably, you’ll maintain several different copies of backup files in multiple locations, on different media that malware can’t spread to from your primary network. Then, if it breaches your defenses, you can pinpoint the malware, delete it, then restore your network to a pre-virus state, drastically minimizing the damage and totally circumventing paying out a hefty ransom.
2. GET EDUCATED
We’ve written before that the biggest security flaw to your business isn’t that free, outdated antivirus you’ve installed, but the hapless employees who sit down at their workstations each day. Ransomware can take on some extremely tricky forms to hoodwink its way into your network, but if your team can easily recognize social engineering strategies, shady clickbait links and the dangers of unvetted attachments, it will be much, much more difficult for ransomware to find a foothold. These are by far the most common ways that malware finds it way in.
3. LOCK IT DOWN
By whitelisting applications, keeping everything updated with the latest patches and restricting administrative privileges for most users, you can drastically reduce the risk and impact of ransomware. But it’s difficult to do this without an entire team on the case day by day. That’s where a managed services provider becomes essential, proactively managing your network to plug up any security holes long before hackers can sniff them out.
The bad news is that ransomware is everywhere. The good news is that with a few fairly simple steps, you can secure your business against the large majority of threats.