County system taken offline by ransomware

Next story
Olivia Storey

An entire North Carolina county has had disrupted services due to a ransomware attack, which left all processes to be dealt with by hand.

Tax payments, jail services, child support, and more were all handwritten in the painstakingly slow hand written procedures as 48 of Mecklenburg County’s 500 servers were infected and inoperative. The cyber-attack on the servers caused data to be frozen after an employee opened an email attachment containing the malicious software.

The local authority of Mecklenburg did not pay the $23,000 ransom, and are now starting the long process of restoring from backups. Although the process of restoration may be long, they have correctly stated that it would have taken just as long to get their data back even if they paid the ransom, and they would then also have been thousands of dollars out of pocket.

Mark James, ESET IT Security Specialist, discusses the effects of ransomware on a business, and the best way to deal with a ransomware attack.

“There are two things that consistently scare the modern digital worker, ransomware and not being able to use your computer.

“When computer systems go down we are often left with ‘nothing to do’. For businesses, the damage caused by ransomware is not just about the costs involved with paying the ransom, it’s the damage caused by systems not being available.

“The knock on effect in this instance caused widespread disruption, systems have to be shut down while damages are assessed.

“In the case of ransomware, the tech team should have a plan of action to enable servers, systems to be restored from backup, and checked to ensure they are clean from malware before proceeding this could realistically take days.

“You then have to consider the ransom payment itself.

“When it comes to tech services both internal and external come at a cost.

“$23,000 is not a massive amount of money for days of downtime, but as with all ransoms it’s generally frowned upon to pay for many reasons.

“Getting your files back is not a given, if you’re going to spend the money its best to spend it on something that will yield results.

“It’s good to see more companies NOT paying. It would be nice to think it will make a difference but the same could be said for spam all those years ago.

“It’s still rife and causes us problems, but putting the right measures in place beforehand for disaster, backup and recovery is still the only way to 100% protect against ransomware.

“It’s all about the planning. Whilst you cannot stop breaches and all malware infections 100%, you can do lots to limit the damage.

“Updating, security software, education and multi-layered protection is the best way to stay safe.”

Do you have a backup plan in place? Let us know on Twitter @ESETUK.

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.