Atlanta hack shows just how long the damaging effects of cyber crime can linger.
At the time, vital systems and departments were said not to have been affected, but now, almost three months later, it has been revealed that the extent of the damage has far exceeded those early reports. At a public meeting on 6th June 2018, the city’s IT chief suggested another $9.5 million would be needed to help clean up the problems left in the malware’s wake.
This comes just a month after Atlanta’s government already spent $2.7 million trying to repair the damage.
Such huge costs are difficult to comprehend, until you put them into context. Reports suggest that over a third of the city’s 424 software programs are offline, and a third of those are ‘mission critical’, meaning they’re related to vital services like policing, water systems, courts and so on. Clearly, it’s a matter of urgency that these be restored to full working order as soon as possible, and combined with the complex nature of public services, it’s not surprising that Atlanta has had to pay some hefty bills to private firms just to keep things running.
Is It Best To Pay The Ransom?
It’s not clear whether officials tried to pay the ransom or not, but it’s widely thought that they refused or were unable to do so. Considering the original ransom was only $50k, it’s tempting to think that paying it would have been the better option. Maybe it would have been; after all, it’s taxpayers’ money that’s at stake. But there are some good reasons to avoid paying up in a ransomware attack. For a start, there’s no guarantee that the criminals behind the attack will actually supply decryption keys once they’ve got their money. In fact, in some cases, they might not even be able to. And paying ransoms might also attract repeat attacks – a very real possibility for a high-profile target like a government body.
If anything positive can be said to come of Atlanta’s troubles, it’s that they provide a lesson to the rest of us. No, we probably wouldn't have to spend millions on getting our systems up and running again, but we also don’t have the same depth of funds to aid the recovery process. For small and medium businesses, a major ransomware attack could destroy them permanently.
It’s important, then, to understand what the long-term impact of cyber crime could be for you. If your business were to lose all record of invoices, you could lose money for work already done. If payroll were affected, you might be liable to pay compensation to employees. If ordering systems go down, you could lose the ability to bring in vital stock or equipment. The list goes on. And all these things could lead to customers taking their money elsewhere or business operations having to cease.
How could all this pain be prevented? With comprehensive, top-to-bottom cyber security policies and systems. As well as modern firewalls, antivirus and so on, you also need to think about staff training, to help reduce your chances of being attacked by criminals. Plus it should be considered essential to have a robust disaster recovery strategy in place, because even the best protective measures in the world aren’t perfect.
It's also worth considering moving over to a proactive support and security arrangement with a managed services provider, rather than relying on reactive, 'break-fix' solutions, which by their very nature are only employed when something has already gone wrong.
Most importantly, you shouldn’t make the mistake of thinking that once a cyber attack is over, that’s it. In many instances, the worst is yet to come.
Concerned about your organisation's cyber security? Don't wait until it's too late. Contact TMB to find out how we can help you.