The City of Atlanta was recently the victim of a ransomware attack. As reported by Wired and others, Atlanta paid over $2.7 million dollars in consulting and legal fees to settle a $52,000 ransom. The malware used was of the SamSam strain, and experts at SecureWorks, the response firm working with the City, suggest that the exploit was developed by Gold Lowell. All of this is to say that drilling down on the ransomware origin and vulnerability is the easy part. Other parts are more difficult.
First of these is taking the necessary steps to protect your organization. Knowing what to do and how to prepare runs a parallel course with keeping your systems up to date and your cyber defenses in place and strong. It can be helpful to engage the services of an outside firm to offer fresh perspective on not only the realtime needs of your organization, based on discovered vulnerabilities, but also the planning process for recovery from an incident should it occur. ICS works with clients to address all points on this spectrum.
Second is the more philosophical conundrum of ransomware, specifically the debate on whether to pay the ransom. Obviously, it is the tendency of folks to pay that undergirds the success of the exploit, so it would be easy to simplify the response to non-payment. The issues, though, are more complex than that, and the price points used in the exploits demonstrate a keen awareness of the victim’s internal calculus and willingness to pay.
All Who Wonder Are Not Lost
You probably have questions about your security. Maybe you just need a fresh set of eyes on your systems and processes, or an assessment of your network’s vulnerability. Better to be curious and vigilant than certain, it seems. So let’s start a conversation. What could it hurt? Just ask the friendly folks in Hotlanta.