A Massachusetts City dodges ransomware demand after attack

A major ransomware attack was recently targeted on a Massachusetts City, New Bedford. The attackers demanded more than $5 million. This is one of the highest ransomware demand ever reported. The city announced that they would instead try to restore their data through backups and will recover whatever is possible instead of paying the ransom. 

Therefore you must have a backup and disaster recovery mechanism to be on the safer end.

If they had decided to pay the ransom, then this would have been the largest ransom money ever payed by anyone.

How it happened?

The MIS staff identified a computer virus attack on 5^th July 2019. It was a few later fully identified a ransomware attack. It happened in the early hours, before the employees began their day shift.

The staff has reported said that they have recovered most of the systems affected by the attack and daily services were not disrupted either because of the attack.

Negotiations

It is reported that the city officials made several attempts to negotiate the $5.3 million demand with the attackers but they did not accept. The last offer made by the officials was $400,000 which was also rejected by the attackers. To their dismay, the city officials decided to restore their systems manually without waiting or asking for the decryption key.

According to reports, about 4 percent of systems (158 computers to be exact) were affected by the attack. This is due to the fact that the staff immediately disconcerted the servers and shut down the systems before the attack could spread. This smart planning and decision making helped them to protect themselves from further damage.

It is unclear whether the city was able to fully recover all the data and systems affected but they reported that they were working on it and recovered their data and systems to some extent. This is a win for the tech community as it sends a message that there are other ways to deal with the problem, rather than paying ransom and giving in to these cyber thugs.

Even though the city saved themselves from paying the ransom they were still not able to fully recover all their data which can be critical as many companies and organizations have mission critical data and cannot afford to lose even 1% of it. This is where a backup and disaster recovery plan comes in.

Backup & Recovery Plan

If the city had a proper Cloud Backup and recovery plan in place they would have not worried about their data getting lost and wouldn’t have wasted time with negotiating with the attackers and risking to pay ransom to them. If they had a recovery plan they would have easily recovered their data in a matter of minutes. Veeam backup to azure can be used to backup your data.

There are many vendors who offers such services (for e,g, StoneFly’s DR365 & DR365V) and setting up a backup and recovery plan is as easy as ever.

Conclusion

Massachusetts City saved themselves from paying the largest amount of ransom ever demanded but on doing so they gambled highly with their data. The only safe and reliable way is to setup a backup & recovery plan and be prepared beforehand.