Ransomware in Atlanta!

As you may already be aware, as early as 5:40am on March 22, officials for the City of Atlanta, Georgia uncovered evidence of unusual activity on their servers. By then, it was already too late: SAMSAM had infiltrated the City’s systems through a vulnerability in servers that run Java. If that sounds familiar, it is because SAMSAM is in the same family of malware used in attacks on US-based healthcare facilities two years ago.

One important aspect of this story that bears special scrutiny has to do with a different ransomware exploit used to target Atlanta’s cyber infrastructure last year – WannaCry. WannaCry was dumped onto the Internet after the hackers who stole it from the NSA tried and failed to sell it on the Deep Web. In Atlanta’s case, although Microsoft caught wind of the plot and released security updates weeks before anyone had a chance to use WannaCry, Atlanta had still failed to install those updates more than a month later. This adds up to an assessment that their attitude about threats like the one they’re experiencing now isn’t proactive or even reactive. It’s entirely passive.

As of today, Atlanta officials have not yet confirmed whether they intend to pay the ransom to regain full control of the portions of their infrastructure affected by the ransomware, but in the past 24 hours the story took a somewhat unexpected turn: after images detailing the contact info and Bitcoin wallet address the hackers had submitted to the City of Atlanta were released to the press, the group responsible ultimately decided to remove those avenues of communication. It remains to be seen whether paying the $51,000 ransom is even possible.

One of the big takeaways here is that the larger and more complex your organization, the larger and more complex its infrastructure must be to continue to meet your needs. All of those moving parts need to work in harmony to prevent crashes or, worse still, breaches. Our recommendation is to consult with your IT department and find out what kind of solutions you have in place to protect your data – a solution like Datto. Datto provides assurances for 24/7, uninterrupted access to and protection for all of your data in the cloud. No client has ever had to pay a ransom to hackers because, even if they were targeted, they could just get a full drive restoration with zero downtime by copying it all from the cloud. How much is peace of mind worth to you?

Contact us today to find out how you can prevent what happened to Atlanta from ever happening to you and your business.

1 Comment

  • AffiliateLabz February 15, 2020 @ 9:43 pm

    Great content! Super high-quality! Keep it up! 🙂
