Late last March, the infrastructure of Atlanta was on its knees. More than a third of the 424 programs used nearly every day by city officials were out of commission. What’s worse, close to 30% of these programs were considered “mission-critical,” according to Atlanta’s Information Management head, Daphne Rackley. The culprit wasn’t some horrific natural disaster or mechanical collapse; it was a small package of code called SAMSAM.
SAMSAM is a virus that managed to penetrate the networks of a $371 billion city economy and wreak havoc. After the malicious software wormed its way into the network, hackers demanded a $50,000 Bitcoin ransom. Officials remain quiet about the entry point of SAMSAM or their response to the ransom. Within two weeks of the attack, total recovery costs already exceeded $2.6 million. Rackley estimates they’ll climb at least another $9.5 million over the coming year.
It’s a disturbing cautionary tale not only for other city governments but for organizations of all sizes with assets to protect. Atlanta wasn’t the only entity to buckle under the siege of SAMSAM. According to a report from security software firm Sophos, SAMSAM has snatched almost $6 million since 2015, casting a wide net over more than 233 victims of all types. And, of course, SAMSAM is far from the only ransomware that can bring calamity to an organization.
If you’re a business owner, these numbers should serve as a wake-up call. It’s very simple: in 2018, lax, underfunded cyber security will not cut it. When hackers are ganging up on city governments like villains in an action movie, that’s your cue to batten down the hatches and protect your livelihood.
The question is, how? When ransomware is so abundant and pernicious, what’s the best way to keep it from swallowing your organization whole?
1. SAMSAM: Back Up Your Stuff
If you’ve ever talked to anyone with even the slightest bit of IT knowledge, you’ve probably heard how vital it is that you regularly back up everything in your system, but it’s true. Preferably, you’ll maintain several different copies of backup files in multiple locations, on different media that malware can’t spread to from your primary network. Then, if malware breaches your defenses, you can pinpoint it, delete it, and restore your network to a pre-virus state, drastically minimizing the damage and avoiding a hefty ransom payout entirely.
2. Educate Yourself
We’ve written before that the biggest security flaw in your business isn’t that free, outdated antivirus you’ve installed. It’s actually the hapless employees who sit down at their workstations each day. Ransomware can take on some extremely tricky forms to hoodwink its way into your network, but if your team can easily recognize social engineering strategies, shady clickbait links and the dangers of unvetted attachments, it will be much, much more difficult for ransomware to find a foothold. These are by far the most common ways that malware finds its way in.
3. SAMSAM: Lock It Down
By whitelisting applications, keeping everything updated with the latest patches, and restricting administrative privileges for most users, you can drastically reduce the risk and impact of ransomware. But it’s difficult to do this without an entire team on the case day by day. That’s where a managed services provider becomes essential, proactively managing your network to plug up any security holes long before hackers can sniff them out. The bad news is that ransomware is everywhere. The good news is that you can secure your business against the large majority of threats.