Over the last few weeks, a challenge that took headlines last year has made a roaring comeback. Ransomware attacks are back, and they are going after big targets this time around.
The City of Atlanta was the first major victim of a Ransomware attack that crippled the city for 6 days, taking city operations back to paper and pen and leaving many citizens unable to pay their bills or clear up court cases. The hackers demanded $50,000 worth of bitcoins.
The next Ransomware victim was the Boeing plant in Charleston, SC. Not much is known about this attack other than initial rumors that indicated it’s a wannacry ransomware. This was the ransomware attack that crippled parts of Europe, Russia, China and the US last year. It was later attributed to North Korean hackers.
The third victim was the City of Baltimore’s 911 CAD system which was attacked and brought down. The hack took down the 911 CAD system for 17 hours with citizens location being disabled and having to revert to dispatching emergency crews like the days of old.
What does all this tell us?
These three cyber-attacks fall into the many challenges IT professionals have to deal with on daily basis. The Baltimore CAD hack was due to the city’s IT team leaving a port open while working on the city’s server and giving hackers an easy target. They left it open for 24 hours and the attack happened.
The business of hacking and yes, it’s a business. It’s not some kid or college student in a dark room who’s doing these.
These are organizations with employees, HR departments, perks and benefits spread across the globe. Many of these are located in different parts of the world, like the Ukraine, Iran, North Korea, China, Russia, Bulgaria, Romania and the list goes on…
This is especially alarming because it only not indicates the maliciousness of these attacks but also the level of organization and sophistication to execute these cyber-attacks. It’s a method of operating in the cyber space to find vulnerabilities within organizations and take advantage of them to their benefit or that of their client.
Next month I have the extreme privilege to host CyberHub Summit in beautiful Austin, TX. As I was exploring the list of impressive speakers coming and preparing my questions and topics, I couldn’t help but think about all the brains I wanted to pick and the ocean of advice they have to offer.
This requires a new approach to thinking about cybersecurity. We have to think offensive to build the right defense, we have to recognize weakness and practicing the basics is critical like patching, secure devops process and coordination across team.