Ransomware is a type of malware that is used by cyber criminals to infect computers and encrypt files until a ransom is paid. After the initial infection, ransomware attempts to spread to connected systems, including shared storage drives.
If the ransom is not paid, the files will usually remain encrypted and unavailable to the victim. Even after a ransom has been paid to unlock encrypted files, cyber criminals will sometimes demand additional payments, delete a victim’s data, refuse to decrypt the data, or decline to provide a working decryption key to restore the victim’s access.
Ransomware attacks have targeted dozens of municipalities across the country in recent years. Here are some high-profile cases involving ransomware attacks and the potential cost of complying with or refusing the payment demand:
- The city of Riviera Beach, Florida recently paid $600,000 in Bitcoin to hackers after a ransomware attack brought down its computer systems for three weeks. It was locally reported that the attack was triggered when a city employee clicked on a malicious link in an email.
- Officials in Lake City, Florida recently voted to authorize their insurance company to pay $530,000 in Bitcoin to their ransomware attackers. Although the city is paying through its insurance company, it will be responsible for the $10,000 deductible on its policy and may face a hefty premium increase.
- The city of Baltimore, Maryland was hit recently with a $76,000 ransom demand that resulted in many of its computer systems becoming unusable for over six weeks. Baltimore refused to pay the ransom and taxpayers will now foot the bill for restoration, which could exceed $18 million.
- Last year, several Atlanta, Georgia city systems were crippled by an attack. Instead of paying the $51,000 ransom, the city spent $2.6 million in recovery costs.
The financial fallout of ransomware attacks indicates that these and many other municipalities do not have effective disaster recovery plans in place. They could have implemented preventive measures to guard against such attacks – and, failing that, restored inaccessible files from offline backups – but they did not take security seriously enough to take even these very basic steps.
When it comes to protecting websites from catastrophic loss, Xpheria offers clients peace of mind in several ways:
- Daily security scans identify and thwart malware insertion
- Daily site backups are stored on the host server
- Daily site backups are stored on a mirrored Xpheria remote computer
- Daily site backups are stored on a dark cloud – achieved by shutting down the connection to cloud storage after the website upload
Taking commonsense precautions can prevent harm to computer systems 95 percent of the time. Investing in tools that monitor for computer system abnormalities in real time and that automate multi-level backups can help you narrow the remaining 5 percent gap.
Nathan Muller is the author of 29 technical books and over 3,000 articles that have appeared in 75 publications worldwide. He also writes articles, blogs and social media content for tech companies and their executives.