You have probably by now heard the story of Lake City, Florida, as most in the IT industry have.
Lake City, FL paid out a ransom of $460,000 in Bitcoins to hackers just a few weeks ago. It was determined that an employee downloaded an infected document that they had received via email. According to Gizmodo, “That set off a chain of events involving three separate malware variants sometimes used in concert in cyber attacks. The initial document carried the Emotet trojan, which installed itself and subsequently downloaded another trojan called TrickBot and the Ryuk ransomware. Ryuk then spread throughout city systems, locking them down and demanding a ransom. Only the police and fire department systems were spared as they were on a different server, according to the New York Times.”
So where did they go wrong?
- They had unsatisfactory backups- with data backed up offsite, there is no need to pay a ransom to hackers to get your data back.
- Security Awareness Training- the user that clicked on the link in a malicious email should have received training on what to watch out for.
- Weak Antivirus and Ransomware Protections
So, what then, did they do right? They had cyber insurance, which helped cover the ransomware payment.
How can we at Charles IT ensure that this won’t happen to us? We’re glad you asked…
- They had unsatisfactory backups- Charles IT’s Backup offering backs files up once per hour, and offsite them once a day to make sure you are protected.
- Security Awareness Training- Our Security awareness offerings help test and train users on what to watch out for.
- Antivirus and Ransomware Protections- At Charles IT, our Managed workstation offering includes antivirus and anti-ransomware protection that blocks ransomware which would have stopped this in its tracks.
- Post Event Analysis-Our Security Information Event Management offering would have alerted us to an issue, and our Security Operations Team would have jumped to action and blocked the intrusion, providing valuable post event analysis on what servers were touched by outside hackers to help stop the attack from spreading.
- Charles IT educates our team…extensively. We educate them on how to correctly handle suspicious emails to prevent initial downloading or dropping of malware.
- We test their skills. At random, we’ll launch a phishing attack to employees while their guard is down. If they fall for it, they retrain.
- We test passwords. Employees are the weakest link in network security, using weak passwords and falling for phishing and social engineering attacks. We take a look at the effectiveness of our passwords and policies so that we can take action.
Unsure if your insurance policy will cover you in the event of a cyber breach? Or if you’d rather not test your insurance policy, call us today to talk about how we can better protect your network! We’d love to hear from you.