Cyber Crime Taking Down Cities

Blog Date:  5/8/2018
Author:  Ray Coulombe

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. The police officers were hand-writing reports and there was no free WIFI at the airport.

What happened? A ransomware attack—one of the largest ever against an American city. In a ransomware attack, malicious software cripples a victim’s computer or network and blocks access to important data until the ransom is paid to unlock it. Essentially, a hostage situation. Ransomware criminals lock their victims’ files with encryption, temporarily changes the file names to “I’m sorry” and “we apologize,” and demand payment before threatening to or actually permanently deleting all the files.

In Atlanta, the bad guys are known as “SamSam”. The SamSam group chooses targets that are the most likely to accede to its high ransom demands—typically the equivalent of about $50,000 in Bitcoin—and for finding and locking up the victims’ most valuable data. They have extorted more than $1 million from some 30 target organizations in 2018 alone. Luckily, the Atlanta ransom demand was only about $51,000, but left the city scrambling for days. What is also interesting is that the attack, unlock most others, was not the result of a phishing scheme, but rather based on software designed to ferret out and exploit weak passwords.

Ransomware isn’t new: The concept originally started in Eastern Europe in 2009, when cybercriminals started using malicious code to lock up unsuspecting users’ machines and then demanding 100 euros or similar sums to unlock them again. Since then, the hack been used in many targeted places around the world.

But, this specific attack is perplexing to many: Why Atlanta? Why only $51,000? Who’s next? We may never know all the answers, (they haven’t found the hackers—the federal investigation is still ongoing) but we do know how to make ransomware attacks less likely to succeed.

Update your passwords! Since the attack, the city’s I.T. department has provided new email passwords and strengthened all email filters.

Train your employees: Experts said government officials should have been more aggressive about preventive measures, like training employees to spot and sidestep “phishing” attempts meant to trick them into opening the digital door for ransomware.

Government officials are painfully beginning to realize that keeping the public safe also means allocating more budget to cybersecurity. Is your business doing the same?


Resource Blogs

Most Recent Blog List for Blog Author: Ray Coulombe

Security Specifier Blog List Image for  Stay Safe! While Traveling This Summer

Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->

Security Specifier Blog List Image for Rethinking Cabling

Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->

Security Specifier Blog List Image for Off the Beaten Path at ISC West

Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->

Security Specifier Blog List Image for A Few Thoughts on K-12 School Security

A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->

Security Specifier Blog List Image for Voice Identification: Not Just for the Chatty Kathy

Voice Identification: Not Just for the Chatty Kathy

Learn the meaning of micro-articulometry. A term for the technology used to deduce human profile parameters, employing Artificial Intelligence (AI) to discover micro-patterns (or micro-signatures) contained in speech. And how this technology is coupling with security.
read more -->

Copyright Ⓒ 2010 SecuritySpecifiers™