Atlanta suffered a cyberattack on Thursday, March 22, that resulted in the shutdown of many of the city’s computer systems.
The ransomware attack encrypted city data, and city officials discovered a note requesting a bitcoin payment to decrypt the files. The ransomware damaged internal programs and customer-facing applications that allow residents to pay bills, but it is not known if any personal data has been compromised. City employees have been urged to keep an eye on their bank accounts for any suspicious activity and to take care in securing their personal data.
The city is working with the FBI, DHS, Microsoft, and Cisco to address the issue.
The problem with ransomware
Ransomware is a growing trend among criminal hackers looking for a quick payout. These attacks can cripple whole organizations, with hackers using the technology to encrypt victims’ files, hard drives, or shared drives, rendering the stored information unreadable. To regain access, victims must either pay a ransom to decrypt the data or rebuild the entire system, which is achievable only if the necessary backups have been made.
There’s always a high level of risk when paying ransoms because there’s no guarantee that the criminals will keep their word and provide the necessary decryption keys. There is also the ethical issue: paying criminals funds future attacks and encourages them to be more ambitious.
Protect your organization
No organization is immune to ransomware attacks. The best way to protect yours is to establish a comprehensive information security management system (ISMS). An ISMS is a systematic approach to managing sensitive or confidential data to ensure it remains secure. ISO 27001 is the international standard that describes best practice for an ISMS. An organization that achieves ISO 27001 certification sends a message to clients, peers, and industries that it is taking effective measures to protect its data.
Learn how to implement an ISMS and achieve ISO 27001 certification
IT Governance’s ISO 27001 Foundation and Lead Implementer courses will guide you through the ISO 27001 ISMS implementation process. You will gain an understanding of the activities needed to plan, implement, and maintain an ISO 27001-compliant ISMS. Learn more about the ISO27001 Certified ISMS Foundation Online course and the ISO27001 Certified ISMS Lead Implementer Online course. Book your place now!
Find out more about ransomware
No matter what industry you’re in, it’s important to be able to spot a ransomware attack and respond appropriately. Our ransomware infographic provides a solid introduction, explaining what it is, how it works, what happens when your system is infected, and how you can stop it.