In less than one year, there have been 3 ransomware attacks in New York’s Albany County, home to the state capital.
In March 2019, the city of Albany was the victim of a ransomware cyberattack that impacted the city’s police department systems. Though they didn’t pay the ransom, the attack cost them $300,000—upgraded security, firewall insurance and other system improvements—that they had to absorb unexpectedly.
On Christmas Day of that year, the Albany County Airport Authority (ACAA) fell victim to another ransomware attack and just 3 weeks later the town of Colonie was also threatened. ACAA agreed to pay the 6-figure ransom, and Colonie, like the city of Albany, was able to avoid paying the ransom, however, they are still picking up the pieces.
Ransomware attacks targeting municipal institutions were up 60% in 2019, and at least 966 government agencies, educational establishments and healthcare providers fell victim to ransomware in that same year. No matter the size of the organization, ransomware can strike anyone at any time.
- It’s where the money is. People often choose to pay the ransom, and with the uptick in cyber insurance, cybercriminals are able to maximize their profits. The prevalence of attacks has made ransomware the second leading cause of insurance claims.
- Criminals don’t like to work too hard, meaning they are looking for the most reward with the least effort. Local governments and manufacturing are leading targets due to their shallow security measures.
- Some cybercriminals do get a bit more creative in their attacks, making them even more lethal. Petya ransomware used DOS-level encryption in its attacks 4 years ago
- Patience pays off as ransomware can lie dormant on a network setting itself up to cause as much damage as possible before triggering the attack.
Your Prevention Plan
It’s Starts With Your Network
If your network isn’t designed optimally, it can be harder to defend. Getting a network assessment helps you identify opportunities for improvement.
An effective defense strategy should include intercepting phishing emails, preventing your network from connecting to malicious sites, and covering all your endpoints.
An incidence response plan will help you quickly and effectively react to an attack, minimizing the chaos and damage.
If you don’t do regular upkeep with security upgrades and patches, you might as well just hand your network over to hackers.
Providing your staff with security awareness training will help them understand their role in stopping malicious attacks.
BlackHawk Data Is Your Safety Net
BlackHawk Data’s thorough and pain-free Network and Security Optimization Assessment provides a holistic view into your entire infrastructure, and helps you secure your environment to catch zero-day threats before they become breaches.
We can also provide you with managed security services taking the burden off your plate with event monitoring and incident management, analyzing, classifying and mitigating security incidents quickly and providing you with detailed monthly reporting.