It has been revealed that Mecklenburg County in North Carolina had its servers hacked and subsequently held to ransom. It transpired that “someone opened an email attachment they shouldn’t have, helping a hacker gain entry to the county’s system.” A ransom of $23,000 was demanded in exchange for the data to be unlocked, but the county refused to pay. After speaking with various experts, county manager Dena Diorio was confident that they had sufficient backups in place to restore the affected systems.
I am confident that our backup data is secure and we have the resources to fix this situation ourselves. It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible.
It was going to take almost as long to fix the system after paying the ransom as it does to fix it ourselves. And there was no guarantee that paying the criminals was a sure fix.
Additional attacks followed, but they were unsuccessful and the county offices remained open, although some processes took longer to perform.
The county has provided regular updates on the incident and appears to be dealing with it very well. Having backups in place has shown how important they are.
Although this was an accident, it highlights what one click on an infected email can do to an organization. In this case, backups were available so the systems could be rebuilt, although there would have been no need for this if staff had the ability to identify and deal accordingly with a phishing email.
Phishing attacks are increasing in volume and sophistication, and the number of emails containing malicious URLs increased by nearly 600% in Q3 2017. They are showing no sign of going away.
Take action against the increasing threat of targeted phishing attacks by educating your employees to be alert, vigilant, and secure. Our Phishing Staff Awareness Course helps employees identify and understand phishing scams, explains what would happen should they fall victim, and shows them how they can mitigate the threat of an attack. Find out more about phishing with our free infographic.