Multiple sources reported yesterday that hackers encrypted files on computers belonging to the city of Newark and have demanded $30,000 worth of Bitcoin to restore them.
The infection occurred over the weekend and took out almost all files on the infected PCs, including word documents, excel files and images.
City officials confirmed the attack saying, “The virus compromised our network and disrupted many services that we offer.”
They added that they are working with law enforcement “to address the present emergency and better prepare ourselves for the future.”
According to a document obtained by local news source TAPInto Newark, the hackers used something called RSA-2048 encryption to pull off the attack.
This is not the first time that a New Jersey city has been hit with this type of attack. Last year, the city of Plainfield’s municipal building’s network was compromised when a user in the finance department opened a nefarious email attachment.
Learn exactly how Ransomware works
Ransomware is on the rise worldwide. Last week, cyber crime expert and FBI Special Agent Chris Christopherson of the San Diego field office told the San Diego Union Tribune that “it’s entirely possible that we’ll have far in excess of $1 billion in losses” related to Ransomware in the final 2016 tally.
According to FBI data, every hour 4,000 new computers are infected with ransomware worldwide. It’s become one of the methods of choice for hackers to scam large corporations as well as individuals.
“Ransomware is one of the few cyber-criminal business models where the same attack could harm a Fortune 500 company, a local restaurant down the street and your grandmother,” according to a report by Palo Alto networks of San Francisco.
We’ve written extensively about ransomware attacks here on our site. As a reminder, if you or your organization is infected, you should not pay the hackers’ demands. There is no guarantee that if you do, you’ll see your files again. You may also just become a target for repeat attacks.
Instead, it’s crucial to take the following preventative measures:
- Develop a Business Continuity Plan, a Disaster Recover Plan, and an Incident Management Plan
- Institute (and test) a consistent and reliable backup system
- Patch servers and computer systems regularly
- Implement a web filtering service that will prevent users from visiting potentially dangerous sites and scrub web traffic for malicious code
- Update antivirus software regularly
- Limit user access to strictly “as needed”
- Purchase Cyber Liability Insurance
It’s clear that Ransomware’s global reach presents a serious threat to everyone online. Especially for companies and large organizations, making plans to deal with these inevitable problems will save plenty of time and money in the long run.