Last week, New Orleans became the latest large American city to be impacted by a cyberattack. The Louisiana metropolis declared a state of emergency and took the majority of its computer systems offline after detecting ransomware delivered via email phishing, even though Mayor LaToya Cantrell said no ransom requests had yet been made—and that no employees had been deceived into sharing private login credentials.
Still, New Orleans has conducted business the old-fashioned way—on pen and paper—for several days while cybersecurity experts safely bring computers back online. Unlike recent city-wide crises in places like Baltimore, however, New Orleans’ critical information infrastructure hasn’t been affected, with emergency services still active. The city’s chief information officer, Kim LaGrue, also pointed out that recent cybersecurity training had enhanced employee defenses against phishing attempts, while the region’s experience with natural disasters like Hurricane Katrina had prepared it to work offline.
This isn’t the first cyberattack on an American city government—and it certainly won’t be the last. Ransomware strains like “RobbinHood” and “SamSam” continue to proliferate, and a devastating breach can still unfurl with the simplest of security lapses: a user inadvertently clicking an illicit link or downloading an infected attachment; a hacker exploiting holes in the security layers that monitor remote access to computers; even a simple password compromise.
So what can we learn from New Orleans’ recent incident?
1) Cyberattacks are costly.
Earlier this year, Baltimore’s city budget office estimated that the cost of its cyberattack stood at nearly $20 million. Only time will tell how much damage New Orleans will incur, although the fact that they avoided severe damage should limit the impact. Still, extra IT dollars will surely be spent restoring systems, strengthening security protocols, and covering delayed or lost revenue.
2) Regular, remote, redundant data backups are critical.
When faced with a hacker’s ransom request, many private companies and public governments have folded, paying a certain amount in Bitcoin—a difficult-to-trace online currency—to regain access to stolen or encrypted data. That’s why automated, off-site data backups are so important. In the face of a truly devastating cybersecurity incident, the only guaranteed way to get your business back up and running is to fall back on a recently completed data backup on an uninfected machine. Working with a trusted IT provider, you can implement these kinds of regular, remote, redundant backups to easily and quickly recovery in case of data disaster.
3) Don’t discount the difference a quick disconnect can make.
In most modern offices, all computers, servers, printers, and other devices share a hard-wired network. That means if ransomware infects one machine, the problem will immediately spread. But if desktops, laptops, and backup drives aren’t connected and one of them gets hit, disconnecting the Internet and shutting down devices can save some data. In New Orleans, such quick thinking certainly mitigated the damage last week’s cyberattack could inflict on city-wide systems.
4) Multiple layers of cybersecurity protection are a must.
Many of the ransomware attacks plaguing city and state governments occur because of outdated systems. Hackers can easily scan thousands of online systems looking for specific security vulnerabilities, making basic protections like firewalls and anti-virus just the first part of a robust cybersecurity strategy. At CMIT Solutions, we specialize in anti-malware software, Internet traffic analysis, and rapid security incident response to shield your business, your data, and your systems from bad actors.
5) Cybersecurity training can empower your company’s employees.
The advanced security tools listed above are important, but so is your first line of defense: the people that work for you. In New Orleans, that kind of cybersecurity training helped city employees spot the pending hack before it occurred, reporting spam emails, identifying threatening links, avoiding illicit online ads, and strengthening passwords. Never underestimate the importance of ongoing education and training to keep employees up to date on the changing cybersecurity landscape.
With ransomware attacks, data hacks, and other security compromises occurring at a never-ending pace, CMIT Solutions can help. We’re dedicated to helping our clients survive and thrive in today’s complicated IT world by specializing in proactive monitoring, backup and disaster recovery, business continuity, data encryption, email archiving, and a host of other services. At CMIT Solutions, we defend your network, secure your data, and empower your staff to be more productive. Contact us today so that we can take care of your IT issues.