A major ransomware attack was recently targeted on a
Massachusetts City, New Bedford. The attackers demanded more than $5 million.
This is one of the highest ransomware demand ever reported. The city announced
that they would instead try to restore their data through backups and will
recover whatever is possible instead of paying the ransom.
If they had decided to pay the ransom, then this would have
been the largest ransom money ever payed by anyone.
How it happened?
The MIS staff identified a computer virus attack on 5th
July 2019. It was a few later fully identified a ransomware attack. It happened
in the early hours, before the employees began their day shift.
The staff has reported said that they have recovered most of
the systems affected by the attack and daily services were not disrupted either
because of the attack.
Negotiations
It is reported that the city officials made several attempts
to negotiate the $5.3 million demand with the attackers but they did not
accept. The last offer made by the officials was $400,000 which was also
rejected by the attackers. To their dismay, the city officials decided to
restore their systems manually without waiting or asking for the decryption
key.
According to reports, about 4 percent of systems (158
computers to be exact) were affected by the attack. This is due to the fact
that the staff immediately disconcerted the servers and shut down the systems
before the attack could spread. This smart planning and decision making helped
them to protect themselves from further damage.
It is unclear whether the city was able to fully recover all
the data and systems affected but they reported that they were working on it
and recovered their data and systems to some extent. This is a win for the tech
community as it sends a message that there are other ways to deal with the
problem, rather than paying ransom and giving in to these cyber thugs.
Even though the city saved themselves from paying the ransom
they were still not able to fully recover all their data which can be critical
as many companies and organizations have mission critical data and cannot
afford to lose even 1% of it. This is where a backup and disaster recovery plan
comes in.
Backup & Recovery
Plan
If the city had a proper Cloud Backup and recovery plan in
place they would have not worried about their data getting lost and wouldn’t
have wasted time with negotiating with the attackers and risking to pay ransom
to them. If they had a recovery plan they would have easily recovered their
data in a matter of minutes. Veeam backup to
azure can be used to backup your
data.
There are many vendors who offers such services (for e,g,
StoneFly’s DR365 & DR365V) and setting up a backup and recovery plan is as
easy as ever.
Conclusion
Massachusetts City saved themselves from paying the largest
amount of ransom ever demanded but on doing so they gambled highly with their
data. The only safe and reliable way is to setup a backup & recovery plan
and be prepared beforehand.
