We usually cover the dangers of ransomware in don’t-let-cyber-criminals-hold-your-data-hostage terms. The situation in Atlanta at the end of March highlights how this type of scam can have very serious consequences.
When was the city of Atlanta affected by ransomware?
In a news conference on Monday, March 26, Mayor Keisha Lance Bottoms said the stakes were much higher than an everyday, run-of-the-mill ransomware scam: “This is really an attack on our government, which means it’s an attack on all of us.”
Unfortunately, we’re slow to learn from past mistakes.
In May 2017, the WannaCry ransomware attack made headlines. That particular cyberattack was the result of update negligence: affected parties simply hadn’t installed a critical update that patched the backdoor WannaCry used to take over victims’ computers. In November 2017, Key Reinstallation Attack (KRACK) cyberattacks made headlines. You’ll never guess the root cause: an unpatched router vulnerability. In short, data-security negligence is a recipe for disaster.
Guess what happened in Atlanta.
According to a WSB-TV 2 investigation, the city missed several “red flags.” Officials were warned about a computer affected with WannaCry in both June and July of 2017, and in February 2018, officials were warned about another cybersecurity threat. By March, the city’s computer systems were brought to their knees.
How did ransomware affect Atlanta’s computer systems?
Just what did the ransomware attack do to the city of Atlanta? According to a CNN report, paperwork was being hand written, court dates were rescheduled, and online payment processing was—predictably—down. While people couldn’t apply for jobs with the city, they still had access to public safety services. But that might not be the case if attacks on public institutions continue.
What should I do to protect myself from ransomware?
The first thing you should do to protect your private data is make sure all of the programs on your computer are updated with the most recent patches.
The operating system? Update.
Router software? Update.
That video game you play after a long day of filing returns? Update.
Other steps include but aren’t limited to the following:
• Never clicking on unfamiliar links or opening unexpected attachments in emails. Or Facebook. Or Twitter. Just don’t do it!
• Never using an easy-to-guess password. (You may be a Packers fan, but your password doesn’t have to reflect fact. Click here for more information on developing a secure password.)
• Never, ever logging into a private account on a public computer.
Basically, develop good data-security hygiene habits, like running regular antivirus and anti-spyware checks or learning how to spot suspicious emails, instant messages, or even texts—your mobile devices are another point of vulnerability, after all.
Ryan Norton, Contributor