After receiving a ransom note, officials in Georgia decided to take a system offline to be safe. Bruce Shaw, an official with the state court system, said:
“Our systems have been compromised, so we have quarantined our servers and shut off our network to the outside. We haven’t figured that out yet, we would love to. It could be a matter of opportunity, I think.”
In this case, no private information would have been compromised. The system could have been sacrificed if need be, but after receiving the note, officials reacted with haste.
Taking the system offline gives them a fighting chance to rid it of malware and potentially guard against future attacks.
There are numerous ways for a computer system to become infected, including e-mail phishing attacks and malware from browsing the internet.
Ransomware seems to come in waves, the last major one lasting throughout 2015 and 2016.
Despite the rise in crypto’s value across the board, the actual frequency of ransomware attacks declined throughout 2017 and 2018. Now the attacks seem to be back in fashion, with a focus on larger targets.
Most security implementations deal with the potential for ransomware in some way or another at this point.
In most cases, cities and organizations that are compromised are better off paying the ransom and finding a way to prevent future attacks.
It often costs more to find ways around paying the ransom.
For example, the last time Atlanta was attacked, the city paid over $7 million to work around paying off a ransom that was less than $100,000.
For months, the city’s online court system was inaccessible, and people were not able to pay tickets and go about their normal business until about six months after the attack.
For the government to fall for the same attack again is a testament to the human element in computer security.
Although the attack is reportedly less severe than last year’s attack, multiple parts of the judicial system are currently inoperable. It would seem more prudent to pay the ransom and carry on.
Call it making a plea deal – but if you can’t secure your system after already falling victim to this very same attack, then you should be prepared to pay.
It’s good there was no private data on the server compromised. But it doesn’t matter. If judges, prosecutors, and defense attorneys can’t smoothly access the system, then the effect is the same.