Ohio Fire and Police Departments Latest to be Hit by Ransomware Attack
US Secret Service investigates after second ransomware infection in a month
In April of this year, news broke of a devastating ransomware attack at Riverside Fire and Police Department in Ohio. The attack halted operations and over ten months’ worth of data relating to active investigations was encrypted by criminals. The emergency service department’s server was said to be infected through malicious correspondence, disguised as a legitimate email fax.
Luckily, in response to the first attack, the Riverside Fire and Police Department did not pay the ransom, setting a great example for other ransomware victims across the country. The emergency service departments managed to recover most of the critical data from existing backups and public court records. However, the extent of the attack left the Fire and Police departments unable to restore their systems completely.
Doubling Down: Riverside Fire and Police Department Gets Hit by Second Virus
Even worse? The cybersecurity trouble didn’t stop there for the Riverside Fire and Police Department. Less than a month after the initial attack – just as the departments were getting their bearings –cybercriminals struck again and infected Fire and Police servers with a second ransomware outbreak. However, since the departments were on guard from the first attack, their team was more prepared to respond to the second infection.
News of the second attack broke in early May when the US Secret Service was summoned to Ohio to lead a cybercrime investigation. Luckily, department officials had learned from the first attack and had begun backing up data daily. Thanks to this proactivity, the second attack was only able to hold about eight hours of work hostage and the Fire and Police Department was able to recover quickly and fully after the second attack.
However, just because the second attack wasn’t as bad, doesn’t mean it didn’t have a negative effect on productivity at the emergency services department. City Manager, Mark Carpenter claims that though more proactive backup measures had been taken, rebounding from the attack still resulted in redundancies.
“Everything was backed-up,” Carpenter said in an interview. “But we lost about eight hours’ worth of information we have to re-enter. It was our police and fire records, so we just need to re-enter the reports.”
US Secret Service agents are taking the attack very seriously, commencing an extensive investigation. Secret Service agents hope to determine specific points of entry – not just for this attack but for the initial attack as well. The investigation will hopefully uncover critical clues that will help officials track down and stop the hackers once and for all.
A Startling Reminder: No One’s Digital Data is 100% Safe!
These repeat attacks on the Riverside Fire and Police Department serve as a critical reminder that emergency service departments are increasingly becoming victims of ransomware attacks and data loss. In fact, many recent ransomware attacks on emergency service departments have been more devastating than this year’s attack in Riverside. Last year, the Cockrell Hill Police Department in Texas was hit with a massive ransomware attack, resulting in the loss of nearly eight years’ worth of investigation data and evidence.
It doesn’t stop there either. Recent attacks on emergency service departments have been reported across the country. Most recent reports include attacks in Illinois, Massachusetts, Oregon, South Carolina, as well as additional attacks in Ohio and countless others from coast to coast.
However, it must be noted that there’s no evidence to suggest that cybercriminals are specifically targeting emergency service departments. Rather, these attacks do suggest that the bad guys are attempting to deploy more enormous and wide-reaching phishing campaigns in hopes of hitting as many targets as possible. Using manipulative social engineering strategies on a large pool of potential victims, improves the chances of duping targets and infecting as many servers as possible.
If Cyber Criminals Can Breach a Police Station, How Safe is Your Company Data?
While emergency service departments are often able to bounce back quickly – thanks to reliable backups or quietly paying off ransoms – this increase of ransomware attacks emphasizes the need for security awareness training, even for the most seasoned of investigative departments. More importantly, these attacks also serve as a crucial reminder for everyday business professionals. If police and fire departments are falling victim to ransomware attacks, even with the best firewall and cybersecurity measures in place, regular business owners should be on much higher alert.
No matter how extensive your company’s cybersecurity efforts may be, phishing attacks are increasingly being designed to sneak past filters and firewalls. Therefore, getting proactive must be prioritized in your cybersecurity toolkit. Phishing scams are now the most common and effective mode of malware attack and in turn, training your frontline workers to identify these attacks right away and respond to them effectively is critical to keeping your data safe.
Security awareness training is often cited as the best means of preparing front-line tech users to identify and respond to malicious cyberattacks. After all, an informed and vigilant team is a business’ best defense in an increasingly hostile and sophisticated cybercrime climate.
Preparing for the Worst-Case Scenario: What is Security Awareness Training?
Security awareness training isn’t just about reading up on the latest attacks and teaching your team the definitions of phishing, malware, and ransomware. Truly proactive security awareness training involves detailed and interactive modules that help users get a hands-on experience. This includes throwing your team into realistic attack simulations to help them identify red flags and respond with finesse.
So how do you ensure the training you’re providing to your team is up to snuff? Consult or partner with an expert in cyber security. Today’s managed IT service providers are current on the latest cyber-threats. They can assess your current security to see if it’s powerful enough to stop all attacks. In addition, a good IT professional will recommend customized security solutions that can fortify your organization against the ongoing attacks. As the world moves forward, protecting our priceless data is fast-becoming a number one priority.
Author: Joe Martin, Date: 2018-06-25