How One Organization Successfully Beat Ransomware

Ransomware is a dangerous malware that has caused businesses a lot of stress in recent years. However, if the right precautions are taken, a ransomware attack can be completely thwarted. A recent hack attack of the San Francisco Municipal Transportation Agency provides us a real-world example that helps make ransomware appear a lot less formidable.

Characteristic of ransomware, the attack locked transportation agency employees out of their workstations and disabled other systems. As a result, the agency was unable to collect payments for fares at their many ticketing kiosks, as each kiosk could only display the message “you hacked. ALL data encrypted (sic).” In response, the agency accepted cash payments for fares or did not charge for rides while the system was down.

The hacker, which went by the username Andy Saolis, demanded that the agency fork over $73,000 worth of Bitcoins in exchange for the decryption key. In an odd twist as to why the hackers targeted the public transportation agency, an email revealed misplaced Robin Hood-like motives, “They give Your Money and everyday Rich more! But they don’t Pay for IT Security and using very old system’s ! (sic)” However, an investigation by the FBI into the Andy Saolis account revealed a history of hacking several private companies.

Instead of yielding to the hacker’s demands, officials elected to restore their system from a backup copy. Essentially, they called the hacker’s bluff and came out on top. Upon enlisting the help of hackers of their own to assist with stopping the attack, the agency discovered that the hackers had only gained access to 25 percent of the agency’s network and made off with no data. This stands in contrast to the hacker’s online boast that they stole financial information from the payment kiosks, as well as 30 gigabytes of sensitive data pertaining to the operations of the agency.

While your agency may not be able to employ the services of the FBI or vigilante hackers to strike back (or, even be in a position to offer your services for free during a blackout), you do have the ability to maintain backed up copies of your data so that you can revert to these copies should a ransomware attack ever befall your organization.

Additionally, by taking advantage of security best practices like using complex passwords, two-factor authentication, and security solutions like firewall, spam blocking, and content filtering, you’ll be able to safeguard your network from getting hacked in the first place. To make sure your network is equipped to thwart a malicious ransomware attack, reach out to SMART Services at 586 258-0650 .

Let Smart Services position your agency for tomorrow’s technological challenges. For 25 years, Smart Services has helped agencies across the U.S. face a changing environment by providing innovative technology solutions that allow agencies to focus on growing their business. MyAgency Cloud, our complete cloud solution, covers all your technology needs in the cloud or at your agency. In today’s competitive environment, it’s time to make your agency technology a strategic asset, instead of a liability. Let us show you how. To learn more, please call our expert agency technology advisor at 586-258-0650.