Matanuska-Susitna, an Alaskan borough just north of Anchorage, declared disaster last month after its systems were infected with various strains of malware.
The attack was reportedly multi-vectored, comprising the Emotet Trojan horse, BitPaymer ransomware, and a cyber criminal hacking into the government’s networks.
Some of the malware was planted on the borough’s systems on May 3 or earlier, more than seven weeks before the primary attack took place. It went undetected, allowing the crooks to carry out the coordinated attack on Monday, July 23, with the ransomware encrypting files and locking almost all of the borough’s 500 workstations.
Resorted to typewriters
The attack crippled not only the government’s computer systems but also telephone and email communications. Nonetheless, employees responded “resourcefully”, according to Matanuska-Susitna Public Affairs Director Patty Sullivan. “[Borough employees] re-enlisted typewriters from closets, and wrote by hand receipts and lists of library book patrons and landfill fees at some of the 73 different buildings,” she said.
The use of typewriters has become standard practice when malware infects an organization’s systems, but that doesn’t make it an acceptable solution. The Matanuska-Susitna government will have found – like many cyber attack victims before it – that typewriters barely keep operations going. Granted, some progress is better than none, but there will still be a substantial loss in productivity, morale, and public confidence.
This will be particularly frustrating to staff, as is the fact that they were the ones tasked with plugging all the typewritten information into the computer systems once they were running again. Unfortunately, there’s not really a better option (hence how often typewriters come to the rescue). That’s why it’s all the more important to prevent – or at least mitigate – the damage of an attack.
Staff wouldn’t have had to resort to typewriters if the government’s cyber defenses had been capable of detecting the malware in the seven-plus weeks that it lay dormant on its systems. It’s understandable that organizations often struggle to find the resources to invest in cyber defenses, and governments are under added scrutiny when it comes to budgeting, but sensible investments can lead to long-term savings.
A defense mechanism such as penetration testing doesn’t break the bank, and allows organizations to spot vulnerabilities in their systems and address them before cyber criminals launch an attack. It’s essentially a form of controlled hacking in which a penetration tester, working on behalf of your organization, searches your networks and systems for weaknesses in the same way a criminal hacker would.
Penetration testing with IT Governance
We offer a variety of penetration testing services to suit your needs, whether you’re concerned about weaknesses in internal networks, web applications, wireless networks, or your staff’s awareness of socially engineered attacks.
If you’re unsure about your requirements or have complex needs, get in touch with our Technical Services team, who will answer your questions over the phone or in an on-site meeting.