Security Roundup: Baltimore Cyberattack, GDPR, Guardicore, Siemplify
Baltimore is the latest city to be targeted by anonymous malicious hackers, and its servers’ digital content remains hidden.
Government emails are down, payments to city departments can’t be made online and real estate transactions can’t be processed. The malicious hackers used a ransomware called RobinHood, which makes it impossible to access server data without a digital key, and replicating that key without the hackers is impossible.
The cybercriminals are demanding about $100,000, which the city says it won’t pay, and the FBI and Secret Service are investigating, while the city has contracted with cybersecurity experts help reestablish services.
So why are municipalities increasingly being targeted by cybercriminals?
James Slaby, Acronis‘ director of cyberprotection, tells us there’s clear evidence that cybercriminals, especially the kind whose weapon of choice is ransomware, are training their sights on larger businesses and government institutions. They used to more broadly target smaller businesses and consumers.
Recent examples of municipal ransomware attacks include Washington, Pennsylvania, Stuart, Florida, Imperial County, California, Garfield County, Utah, Albany, New York, Amarillo, Texas, and more.
“That’s before we get to the granddaddy of municipal ransomware attacks, the one that hit (the) City of Atlanta last year, which still ranks among the costliest on a government target, with the city’s cleanup expenses eventually reaching $17 million,” Slaby said.
Bindu Sundaresan, director at AT&T Cybersecurity, said attacks on cities with crimeware as a service is a new component of the underground economy. Cybercrime is pegged at $6 trillion dollars by 2021, according to Cybersecurity Ventures.
“The local city agency is part of the larger supply chain so the impact can be beyond just disruption; cybercriminals can also gain access to information that can be altered, disclosed, [and so on],” she said.
The reasons for this particular cybercrime wave are pretty simple, Slaby said. One, a large city, manufacturer or hospital likely has more money to spend on a ransom to get their data unlocked and their services working again, versus a family or small business, he said.
“Two, these targets have more urgency to pay their attackers, as the availability of their services (in the case of cities and health care providers) may have life-and-death consequences, or they may find downtime extremely expensive (as in the case of an auto factory, where downtime can cost an estimated at $22,000 an hour),” he said. “Third, there may be follow-on consequences even after the attack has been cleaned up: political embarrassment, regulatory fines, lost customers, brand damage, falling stock prices, [and so on].”
The notion that any institution or business can make itself impenetrable to such attacks is fantasy, but some organizations are better at it than others, Slaby said. Proper cyberprotection against ransomware and other malware-based attacks involves …