02 Aug Effects of Ransomware Don’t End with Ransom
A Florida city is still struggling to recover from a ransomware attack after the city paid the ransom, according to the New York Times. The attack began after a city employee downloaded a malicious document that arrived in an email.
This document downloaded the Emotet Trojan, which in turn downloaded the Trickbot Trojan, a type of ransomware. These Trojans were then used to plant the RYUK ransomware within the city’s systems. On June 10th, the ransomware encrypted 16 terabytes (more than 16,000 gigabytes) of information, including more than a century’s worth of digitized municipal records.
A city clerk who has spent years manually scanning these documents for preservation told the Times that it’s still not clear if the city’s data will be recovered. “It puts us years and years behind,” the clerk said.
The city decided to pay the $460,000 ransom on June 25th after failing to find a workaround. Most of the cost was covered by the city’s insurance provider, with the city paying a $10,000 deductible. Even though the attackers provided the decryption key, the ransomware recovery process is taking a very long time.
These cybercriminals are always searching for what amount someone will pay, rather than saying, “Forget that. It’s easier to rebuild.”
Organizations need to maintain secure backups that are kept offsite, as well as hold security awareness trainings to teach their employees how to avoid falling for these ransomware attacks.
Cybercriminals are continuing to evolve their approach to evading detection. That is why education with security awareness training is such a pivotal component to organization security producers.
Our security awareness training includes a ransomware simulator to get a quick look at the effectiveness of your existing network protection. There are two types of companies, those who have been hacked and those who will be. Contact us here to get your customized training education.