Beginning April 1, 2019, we will be launching our new EPL risk management site at Univantage.EmploymentRiskSolutions.com. After April 1, 2019, you will be redirected from univantagehelpforce.com to Univantage.EmploymentRiskSolutions.com. Your existing user credentials will remain in effect and can be used to log in to the new site. Please contact The McCalmon Group, Inc., platform administrators, if you have any trouble with registration.

Welcome

Are you a new user?

Register

Or Login

Retrieve
Password

Recent Articles
Words And Tone Matter When Addressing Employees

Managers and supervisors, who speak to their team with respect, understanding, and appreciation, will have better employees. Leslie Zieren examines the issue. Read More

Managing Celiac Disease And Other Hidden ADA Risks

Understanding the full scope of disability discrimination is key for preventing the risk in your organization. Leslie Zieren examines the challenges with hidden disabilities. Read More

print   email   Share

Ransomware: Still A Risk For All Organizations

A recent ransomware attack partially shut down Baltimore's Public Works and Parks Departments. The city had to suspend Public Works' customer support, billing for the Parks Department, and vehicle intake at an impound lot.

Experts believe that the ransomware did not result from spam email, although they have not stated the source.

According to the president of the Baltimore City Council, there is no evidence that cybercriminals stole personal data from the city's system, but the city has shut down a majority of its servers as a precautionary measure.  

A ransom message on affected computers demanded that the city pay three Bitcoins, or around $76,000, to restore its disabled services. City officials did not say whether they would pay the ransom.

This ransomware attack resembled other cyberattacks against cities. In April, the RobbinHood virus crippled Greenville, North Carolina's computers. In March 2018, a cyberattack shut down internet service at Atlanta's airport. In that attack, cybercriminals demanded $51,000, which city officials may or may not have paid. A previous attack against Baltimore hamstrung the city's 911 and 311 automated message systems.   

In the two years prior to March 2018, there were 184 cyberattacks against local government and public safety agencies in the U.S. that affected hospitals, transportation, billing, communications, and other services. J. Brian Charles "After Second Ransomware Attack in 14 Months, Baltimore Refuses to Pay" governing.com (May 08, 2019).

Commentary

Ransomware can hamstring your organization, whether you are a small operation, a major U.S. city, or a large corporation.

The FBI and cybersecurity experts recommend never paying cybercriminals a ransom. They say that paying incentivizes ransomware attacks. It will lead to more cybercriminals with more targets.

Email phishing scams are the main way that cybercriminals commence a ransomware attack. Cybercriminals will often create fake emails that look like they are coming from a coworker, a known vendor, or other familiar source. Employee training should focus on the risk of phishing emails from downloading unknown, unverified attachments or clicking on unknown links.

In addition to training, organizations can protect their network by partitioning it. That way, if cybercriminals do infect part of your network, it will not shut down your entire operation.

In addition, if you have data that does not need to be accessed online, store it on computers that are not connected to the internet.

Routinely back up all information that is essential for operations onto a hard drive that is not connected to the internet. Having data stored where cybercriminals cannot access it means you can resume operations even if ransomware locks you out of your network.

Finally, your opinion is important to us. Please complete the opinion survey:

©2010-2019 The McCalmon Group, Inc., all rights reserved. Designated trademarks and brands are the property of their respective owners. Use of this web site constitutes acceptance of The McCalmon Group's User Agreement and Privacy Policy.

News
Recycle The Trash, Not Your Passwords

Reusing the same password for multiple accounts invites cybercrime. We examine. Read More

Lessons Learned From The Equifax Data Breach

Recent large data breaches like Equifax, Capital One, and American Medical Collection Agency illustrate the risks of storing confidential and personal information. We examine. Read More

Not All Search Engine Sites Are Safe: The Fallibility Of Blacklisting

Blacklisting helps users avoid malware-infected sites, but there are flaws. We examine. Read More