Ransomware attacks are on the rise; corporations and individuals find their computers suddenly locked until a ransom is paid. The risks to data on such attacked computer systems are serious. Suzanne Kelly used a Freedom of Information request to uncover that the city council experienced a cyber attack.
Despite the city holding data on all 225,000 Aberdeen citizens and area businesses, a malicious ransomware attacker managed to breach the city’s anti-virus and firewall protections.
Ransomware attacks happen when ‘phishing’ emails or spam links allow a programme into a computer system which then locks data away, until the owner of the system pays a ransom or manages to bypass the attack.
The City had been asked:
“Has your organisation ever been the victim of a ransomware attack which meant that an external hacker encrypted a PC or device or network within your organisation and demanded payment in order to decrypt the device?”
They answered that there was one such incident in the past 12 months.
The City had to remove all software from the relevant device; a spokesperson advised:
“We re-imaged the device. Re-imaging is the process of removing all software on a computer and reinstalling everything.”
A subsequent FOI request will be made to determine if the responsible person or persons were identified, what the cost was to the city, and whether any data could have been accessed, if so what data, and what were the circumstances that allowed the ransomware in.
The City did not record how much money the attacker demanded as a ransom.
The City did not notify the authorities, although blackmail of any kind is a criminal offence, and citizens’ data could have been compromised. Computer World magazine warns that UK institutions are not taking ransomware threats seriously:
“Cyber criminals simply have to infect computer systems with malware designed to lock up critical data by encrypting it and demand ransom in return for the encryption keys.
“The occurrence of ransomware attacks nearly doubled, up by 172%, in the first half of 2016 compared with the whole of 2015, according to a recent report by security firm Trend Micro.
“Ransomware, the report said, is now a prevalent and pervasive threat, with variants designed to attack all levels of the network.
“Cyber criminals spearheading these attacks are creatively evolving on a continuous basis to keep enterprises guessing,” said Raimund Genes, chief technology officer at Trend Micro.
“Ransomware is typically distributed through phishing emails designed to trick recipients into downloading the malware, or through app downloads and compromised websites.”
Police Scotland offers advice on this kind of crime:
“In order to prevent people becoming victims, Police Scotland is advising every computer user to ensure they are running the latest versions of security software; have their data backed up regularly to cloud services or devices not connected to their computer; be extremely vigilant about opening any unsolicited email; and visiting websites you are not familiar with, or do not have a business need to access.
“DCI Cravens added:
“There is a lot of help available online for both individuals and businesses and useful advice for everyone can be found at: https://www.getsafeonline.org/protecting-your-computer/ransomware/
“For businesses, Cyber Essentials is a new Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats, and further information can be found by clicking on http://www.cyberstreetwise.com/cyberessentials/ “”
Picture courtesy of Pixabay: https://pixabay.com/en/social-media-internet-security-1679234/
- Comments enabled – see comments box below. Note, all comments will be moderated.
Very interesting read. I am planning a few FIR’s myself over the coming months for a local business blog, specifically about matter that the council are involved in and technology. I would maybe like to collaborate with Suzanne on something.
Would love to follow up.