Ransomware is a very real problem today, and it doesn’t discriminate. You can be an individual who gets attacked at home, or you can be a business or government entity, such as Madison County in Indiana.
Just last week, the Madison County computer network was the victim of hackers, and ultimately, due to the ransomware, employees were unable to access any county records stored on the network. THE. ENTIRE. COUNTY. NETWORK. WAS. HACKED.
When a computer network is infected with ransomware, the hackers encrypt the computer with a file that makes it impossible to access certain files without a decryption key. However, the hackers will not give this code until they are paid, and paid well.
Madison County was held for ransom in this way, which caused almost all county services to be compromised. Finally, over the weekend, county leadership made the decision to pay the ransom, though the amount has not been officially released.
The County Commissioner, John Richwine, reported that they contacted their county leadership, and upon the recommendation of their insurance company, decided to pay. Travelers, the insurance company, paid the amount, and the county was responsible for the deductible. O.M.G.
The County was at a deadlock until the decision was made, and some county offices were even closed for the duration of the hack. Fortunately, emergency services were still available and no data was lost. However, the ironic part of this story is that county officials knew their network security was weak, and there were plans in the works to install new anti-virus software – it was just too late. And apparently they didn’t have an effective backup.
Protecting Yourself from Ransomware
Don’t let yourself become a victim like Madison County. Instead, use the following tips:
- Right now, proactively back up all your data with both cloud based and local backups.
- If you have backed up your data online with multiple time/date stamps (which means redundant recovery points) and redundant copies of uninfected/non-encrypted data, you don’t have to pay the ransom. However, you still must remove the infection.
- Remove the ransomware from your computer, but understand the machines data will still be encrypted.
- Report the incident to law enforcement. If they don’t help, you will at least have a record.
- Disconnect the computer from the network. This may prevent the infection from spreading.
- If you have to pay, you will likely have to pay in bitcoins and over the Tor network as, it’s anonymous. It’s well worth it to research this before paying. See if your insurance carrier will pay the bill.
- The crook will likely give you the key, as they want to be taken seriously, but it’s still possible they won’t, and you will just throw money away.
This crime is getting hairier by the day. Some estimates say it’s over a half billion dollars a year income for the criminals. The best practice is to prevent ransomware attacks by keeping your device’s security software updated, backing up data, not clicking on strange links in emails and online, and not downloading unsafe software, such as music, games, or movies from torrent sites.