Three cities in Florida were recently hit by ransomware attacks and now the IT administrator for one town is out of a job.
The Mayor of Lake City, Florida fired the IT manager after it paid half a million dollars in ransom to rescue the cities important files. How did this attack happen? Did some brilliant hackers manage to break through firewalls and other protections? Not exactly. A city employee clicked on a document attached to an email. Clicking on that document downloaded a bot which buried the Ryuk ransomware in the system and later executed it and locked up all the city’s files and issued a ransom demand if the city wanted the files unlocked.
Now, if they were forced to pay the ransomware, you can bet they did not have the city’s important files already backed up. With proper backups in place, you could wipe the system and restore your important files. Of course, with proper training, employees would know not to click on documents from unknown sources. So, it’s not surprising that the IT admin was fired.
Georgia’s state court system was also hit by the same type of ransomware, which crippled the City of Atlanta’s computer system last year.
These crooks aren’t just targeting US Cities. Officials in the UK have issued a warning about the Ryuk ransomware. This tricky malware doesn’t show itself for weeks or even months after infecting a system. That gives the crooks plenty of time to learn everything they need to know about the system before locking the files.
What are the lessons to be learned? Don’t click on email attachments or links! Or at least make sure someone you know sent the attachment. Always, always, always, keep a backup of all important files! Keep your security software up-to-date as well. Many times good security software can detect programs like this.
Also, consider switching your PC settings to stop third-party apps from installing without your specific permission. Click here to learn how to make that simple security change.