Web Analytics
  • Secure Channels

‘Cattle-not-pet’ system management could have prevented Atlanta’s ransomware attac

Dive Brief:

  1. Atlanta’s March ransomware attack is leading many to believe this is the worst cyberattack on a U.S. city to date, reports Reuters. Police and court services are still dealing with the impact and about 30% of applications are in “mission critical” states, according Daphne Rackley, the city’s head of information management, speaking to the Atlanta City Council.

  2. For example, only six of 77 computers consisting of a decade’s worth of legal documentation were maintained from the attack, according to interim City Attorney Nina Hickson. The police department’s dash cam footage was also unrecoverable.

  3. Rackley is projecting nearly $10 million more in recovery costs. Prior to the hacking, Atlanta Mayor Keisha Lance Bottoms previously proposed a budget of $35 million for the city’s technology, according to Reuters.

Dive Insight:

The city had thought no critical systems were impacted from the cyberattack but as the investigation continues more damages have been revealed. The costs are mounting and the city already paid $2.7 million in recovery from March 22 to April 2.

Atlanta’s attackers used a password discovery tool to “move laterally through a network” in public-facing systems with insufficient credentials, according to Adam Firestone, chief engineering officer at Secure Channels Inc., in an emailed statement to CIO Dive. Atlanta needed a refreshed vulnerability assessment to flag shortcomings like weak passwords.

Experts have attributed Atlanta’s attack to the hacker group known as SamSam. The group has a reputation of demanding a ransom that is presumably within a victim’s means, but Georgia’s capital maintains it did not pay the approximately $50,000 worth of bitcoin the ransom demanded.

Ransomware attacks like Atlanta’s are most damaging to entities that treat their systems, such as servers or workstations, like pets, not cattle, said Firestone. This means they have yet to embrace virtualization and instead spend time and resources to tend to a sick system.

With the “cattle” approach, IT can just eliminate what is threatening the rest of the infrastructure or “herd.” The benefit of virtualizing systems gives the metaphorical sick cow a second chance at life with a backup.

“Deterrence by denial is as effective in cyberspace as it is in physical space,” according to Firestone, and “malicious actors can be effectively deterred by simple economics.” If organizations in the public or private sector are able to decrease an attacker’s return on investment, they can also lower their chances of becoming a hacker’s target.

The loss of some data is “inevitable,” in most cyberattacks according to Firestone. But a virtualized server would equate to a downtime of mere minutes, which undermines the urgency rooted in ransomware-related outages and the notion of paying a ransom.

Find the original article on CIO DIVE here.

#Irvine #CEORichardBlech #Atlanta #CyberSecurity #AdamFirestone #CyberDefense #CyberAttack #patentedencryption #SecureChannels

Secure Channels BRINGS to market data encryption, cryptographic protocols, and access control/ privileged access/ user authentication technologies in the form of licensable tools, end user platforms and purpose-built solutions, SERVING software & application developers, hardware OEM and device manufacturers, and enterprise organizations, WHO place a premium on cybersecurity, risk reduction, and operational performance benefits or competitive differentiation provided, ALLOWING them to replace, augment, or introduce to new cryptography into their products or environments, PROVIDING material and measurable cybersecurity protections, risk reduction and data breach mitigation.

Secure Channels Inc. 

2102 Business Center Drive, Suite 130  |  Irvine, CA 92612  |  T: (949) 208-7525  |  E: contact@securechannels.com

Follow us!

  • Facebook
  • LinkedIn
  • Twitter

Copyright © 2020 Secure Channels Inc. All rights reserved