FRSecure’s Chad Spoden was interviewed by KARE11 recently about the ransomware attacks that affected Atlanta, Baltimore and Boeing in late March. This is an excerpt from the story.
Chris Hrapsky: You might have seen the TV show, movie, or read the book with this story in it: “Hackers Hold City Ransom”. But fiction appears to have become reality. A gang of hackers handcuffed the city of Atlanta for more than a week by sneaking in a ransomware attack on the city’s computer systems. As Atlanta is recovering, this is gut-check time for other cities and companies.
Atlanta City Representative: The city of Atlanta has experienced a ransomware cyberattack.
Chris Hrapsky: An entire city government was held hostage over the last week by a virus sent by hackers to lock up files and demand payment to release them. It’s called ransomware. As a network is infected, files become encrypted. The hackers have the key to the handcuffs, and in Atlanta’s case, that key was allegedly available if the city paid the hackers six bitcoins; which was worth about $51,000 last week, but bitcoin’s prices have struggled so that payment would be about $41,000 today.
Second Atlanta City Representative: We are dealing with a hostage situation.
Chris Hrapsky: All employees were ordered to unplug and shut down. Police had to write reports by hand. Warrants couldn’t be validated. Applications and payments couldn’t be processed. Scary stuff.
Chris Hrapsky: You hack companies?
Chad Spoden: That’s part of it.
Chris Hrapsky: And then you tell them “here’s how we did it”.
Chad Spoden: Here’s how we did it, and here’s how you fix it.
Chris Hrapsky: Chad Spoden is a security analyst with FRSecure in Minnetonka. They would be the type of company Atlanta hires to fix the hacker mess, or prevent it.
Chris Hrapsky: Cities and big companies, should they already know this stuff, or what should they be learning from this?
Chad Spoden: They should definitely learn from it. One of the things that they should be doing is doing an assessment to figure out where their weaknesses are. I can’t fix a weakness that I don’t know I have, so we need to find out what those weaknesses are first, and then come up a plan of attack on how we’re going to plug those holes.
Chris Hrapsky: How frequently do attacks like this happen?
Chad Spoden: They’re happening more, unfortunately.
Chris Hrapsky: You may have read about Atlanta, but you may not have read that Baltimore’s 9-1-1 system was infected ransomware this week, and it’s reported that Boeing was hacked by the WannaCry ransomware virus as well: the same one that affected countries worldwide last spring. And in all these cases, here’s the $51,000 question:
Chris Hrapsky: Do you pay?
Chad Spoden: No.
Chris Hrapsky: Why not?
Chad Spoden: Because you should have systems in place to recover from that.
Chris Hrapsky: Wouldn’t you spend a whole lot more money trying to deal with it than you would just paying?
Chad Spoden: Potentially, but by paying, you just encourage more bad behavior.
Chris Hrapsky: Atlanta officials have yet to say if they paid or not.
Chris Hrapsky: It begs the question though. Should we be so reliant on computers for things like this that are basic necessities of society?
Chad Spoden: I think that’s a question that everyone needs to wrestle with sometimes. How much is too much?
Chris Hrapsky: So again, they are keeping very secretive about if they paid or not. But they are working with the FBI and other federal agencies who are directing them, probably saying “don’t pay” for that very reason. Because could pay, they may or may not unlock your files, and then do it again next week.
Rena Sarigianopoulos: Yeah, it certainly encourages the bad behavior. I hope that’s not the case. But you’re right, we rely so much on technology that when something like this happens, you’re crippled. An entire city crippled, it’s kind of crazy when you think about it.
Visit FRSecure to learn more about how incidents and breaches like these can be prevented or managed effectively.