Earlier this month, a ransomware attack shut down the Colonial Pipeline, which transports 45% of the fuel consumed on the East Coast, leading to panic buying and gas shortages. The CEO of Colonial Pipeline Co. paid a 4.4-million-dollar bitcoin ransom to a Russia-based cybercriminal gang know as Darkside. Every year ransomware infects thousands of computers and networks across the United States, including a statewide attack on the Colorado Department of Transportation (CDOT) in 2018 that cost $1.5 million to undo. Ransomware is a virus or type of malware that locks users out of their computers or data unless they pay a “ransom.”
Ransomware attacks, especially on government systems, have become a large-scale criminal industry. In a three-year period, the two men indicted in the CDOT attack targeted more than 200 schools, government agencies, hospitals, and businesses across the U.S. and Canada. While CDOT did not pay the ransom, other victims paid more than $6 million. Ransomware attacks can be devastating and costly, often requiring the services of a data recovery specialist. Even if victims pay the ransom, something the FBI advises against, there is no guarantee that access to data or systems will be returned.
Most ransomware attacks happen through phishing—emails that appear to be from a trusted source designed to trick people into clicking on a link or opening an attachment. For more information about phishing, refer to Technical Update vol. 23 no. 17 Phishing: What you Need to Know.
The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the U.S. Department of Homeland Security, recommends that organizations take the following precautions:
Ransomware attacks are a rising threat for local governments. While CAPP does provide network liability coverage of varying limits for network extortion and other network security incidents, taking steps to prevent ransomware attacks is the best defense. The CAPP Network Liability policy is available at ctsi.org. For more information, contact CTSI at (303) 861 0507.
A PDF of this Technical Update is available here.
A February 2020 Gartner survey on politics found that 78% of workers discuss politics at work. Thirty-one percent of employees surveyed said these discussions were stressful and frustrating, while 36% […]
CTSI recently welcomed a new member to our Loss Control Team. Dana Foley joined the CTSI Loss Control team this month as a Senior Loss Control Specialist. Dana comes to […]
As temperatures soar, the risk of heat-related illness increases. These illnesses are caused when the body’s cooling mechanisms (i.e., sweating, radiating heat, etc.) cannot lower the body’s core temperature, usually […]