SamSam Ransomware Attack on the City of Atlanta

The threat of ransomware attacks continue to grow, just a few weeks ago the City of Atlanta was the target of one of the largest ransomware attacks. The hackers encrypted a portion of the city government’s vital systems. The city was forced to shut down municipal courts, online bill paying and other functions. Hackers demanded that officials pay $51000 USD to be sent to a bitcoin wallet. Security firm Secureworks determined the attack was the hacking group known as SamSam Ramsomware.

The City is still trying to recover from the attack but it will be a long slow process.  Luckily the IT department had done its due diligence in backing up critical data and moving some data to the cloud.  Regardless of the ability to recover most of the data, it is a major disruption to lose any data.

While the SamSam group seem to be targeting government and healthcare they are focusing their attack on open remote desktop protocol (RDP). With these ever evolving threats you and your company must be diligent in protecting your data.  Doing so across multiple environments, desktop, laptops, mobile devices, servers and the cloud can be very complex. Focus should be on preventing rather than detecting.

Some Do’s and Don’ts with regard to ransomware.

1. Do not pay the ransom. It only encourages the attackers and there is no guarantee you will be able to regain access to your data.
2. Restore any files there were impacted from a good back up. You can subscribe to a reliable off-site backup such as OCC Online Backup
3. Never provide personal information when answering an email, unsolicited phone call, instant message or text message. Phishers will attempt to trick you or your employees into installing malware.
4. Use reputable antivirus software and a firewall. Network Firewalls and Security will protect your organization, our security experts at Orange County Computer can provide assessment of your network environment.
5. Do make sure that all systems and software are up-to-date with all patches, this helps prevent infection.
6. Do practice safe and smart browsing and email habits. Emails should be scanned and filtered, and block any attachment that could pose a threat.
7. Consider moving to a Virtual Desktop Solution (VDI). Please visit our website for more information.

Your security is of upmost importance to us here at Orange County Computer and offer multiple solutions for you to secure your data. For more information contact us at (949) 522-7709 or click here.