7 minute read
WhyYou Should Never Pay a Ransomware Ransom
Why You Should Never Pay a Ransomware Ransom
Mike Smith, Network Infrastructure Consultant Sophicity: We put the IT in City
Advertisement
In the wake of a recent ransomware attack at the City of Atlanta,thequestionhasbeenraised(again)aboutwhether to pay a ransom or not. It appears the city ended up not paying,butothercitiesandgovernmententitieshavedone so. Unfortunately, IT professionals and law enforcement sometime give mixed signals about paying ransom. But you should never pay.
Here’s why.
1. It is never guaranteed that criminals will unencrypt your data.
Criminals often ask for thousands of dollars in ransom. Would you take thousands of dollars from your city treasury and then flip a coin to see if you keep it? That’s essentially what happens when you pay criminals.
According to SentinelOne's Global Ransomware Report 2018 (reported in KnowBe4), “45% of US companies hit with a ransomware attack last year paid at least one ransom, but only 26% of these companies had their files unlocked. ” Yes, only 26 percent! With such a low chance of your ransom actually unencrypting your data, it’s not wise to throw thousands of dollars at criminals. Plus, if you pay, criminals may also ask for more money or target you again—viewing you as a nice source of revenue!
2. It is never guaranteed that criminals will restore your data as it was.
Visit the League’s website!
Visit the Events section frequently on the SDML website, www.sdmunicipalleague.org, to find out what meetings and trainings are coming up. Onceyougetyourdataback,doyouknowforsurethatit’s unaltered? If criminals had access to it, they could do anything with it. Delete some of it. Corrupt it. Implant malware into it. Who knows? These are criminals. You can’t trust them.
Insomecases,ransomwareattacksareledbysophisticated nation states or professionally organized criminal syndicates with deep pockets and resources. Who knows what they ’ ve done with and to your data before they give it back.
3. It is never guaranteed that criminals will no longer have access to your data.
Remember, these criminals held your data hostage. By paying a ransom, you are trusting a criminal to perfectly return your data back to its previous state. And maybe they ’ll also nicely clean up the mess they made to your data, computers, and network—and lock the door behind themselves on the way out?
Don’tbetonit.Howdoyouknowtheydon’tintendtostill use the data they held hostage?You don’t know for sure if criminals accessed your data, still have your data, and intend to use your data for malicious purposes.
4. You’re supporting a criminal enterprise by paying the ransom.
Why is ransomware so rampant right now? Because it works. People are falling victim and then paying the ransom. If no one paid, criminals would not make money. If you pay the ransom, you ’re funding criminal activity and encouraging it to continue. It’s no different than traditionalblackmailorransom.Bynotpayingtheransom, you ’re helping to cut off the lifeblood from these crime rings.
5. You’re further avoiding taking proactive steps to protect your environment.
A CBS News article about the City of Atlanta’s March 2018 ransomware attack said:
Atlanta was warned months before a recent cyberattack that its IT systems could easily come under attack if they weren't fixed immediately, an internal audit obtained by the CBS affiliate WGCL-TV shows. In the 41-page audit, which was presented to city leaders last summer, the city was told that its IT department was on life support and that were no formal processes to manage risk, WGCL-TV reports.
Don’t be “that” city. Ransomware need not cripple you. Some key best practices include:
• Data backup and disaster recovery: Because there is no guarantee that you ’ll get your data back after paying a ransom, you need to take steps to ensure you can retrieve your data even after a ransomware attack. A tested onsite and offsite data backup and disaster recovery plan is your best insurance against a ransomware attack.
• Proactive IT support, maintenance, and
monitoring: This includes antivirus software kept up to date, security patches applied to software, and senior IT professionals monitoring your systems for red flags. • Ongoing employee training: All it takes is one employee clicking on a malicious email attachment or website link to download ransomware into your systems. However, ongoing training can help employees spot phishing attacks and avoid malware.
You should never pay a ransom, and you should never be inthepositionofevenconsideringitasanoption.Don'tbe that city leader who ignores the auditors, ignores best practices,ignoresredflagsandwarningsigns,anddoesn’t ask “What are we doing about this problem?” until your ransomware attack is front page news. The South Dakota Department of Transportation (SDDOT) is developing a Tentative 2019-2022 Four-Year Statewide Transportation Improvement. Program (STIP). The Tentative STIP includes all the state sponsored transportation projects for this future time period.
In an effort to reach out to local units of government in South Dakota, interested individuals are hereby invited to attend one of these informal meetings to receive a preliminary look at the 2019-2022 “Tentative” STIP. This “Tentative” STIP document lists the projects that the South Dakota Department of Transportation has tentatively proposed in Federal FiscalYears 2019 through 2022. The purpose of these meetings is to provide interested parties a preview of the 2019-2022 “Tentative” STIPandtobriefthemonitscontents.Thisallowsthemto be better informed when attending the formal Public Meetings that will be held on the following dates:
Prior to formal public meetings being held, the SDDOT will be presenting the “Tentative” Statewide Transportation Improvement Program (STIP) at the following Planning and Development Districts.
State Surplus Heavy Equipment for Sale
The State of South Dakota will be offering a ‘PreSale’ opportunity of equipment to City, County, Township and Tribal Governments from June 14 throughJuly6,2018. After the presale has concluded, the equipment will no longer be available for purchase until public auctionweek:September10-14,2018.Noexceptions.
NOTE: Be certain to check availability date of equipment.
1. PREREGISTRATION to the site is required. (You will only do this once). A login ID and password will be required for the ability to purchase from the site. If you haven’t registered, visit www.sdsurplusproperty.com and click on “Registration. ” 2. SIGNUPforemailnotificationsthroughoutthe year for surplus information from SD Property
Management at www.sdsurplusproperty.com. Please contact the SD Property Management office with any questions: SD Property Management LennisAxdahl, Manager 1320 E. SiouxAve., Pierre, SD 57501 605-773-4935oremail:surplus.property@state.sd.us
State Transportation Improvement Program (STIP)
Informal Public Meetings June 21, 2018 - Pierre - 10:00 a.m.
Central South Dakota Enhancement District at SD DOT, 700 East Broadway
June 26, 2018 - Watertown - 10:00 a.m. 1st District of Local Governments at their office, 124 1st Ave.
June 26, 2018 - Sioux Falls - 3:00 p.m.
Southeast Council of Governments at their office, 500 N. WesternAve
June 27, 2018 -Yankton - 10:00 a.m.
3rd Planning and Development District at their office, 1808 Summit St.
June 27, 2018 -Aberdeen - 4:00 p.m.
Northeast Council of Governments at their office, 416 N. Production St.
June 28, 2018 - Rapid City - 12:00 p.m. MDT
Black Hills Council of Local Governments at their office, 730 E.Watertown St.
Formal Public Meetings
July 10, 2018 –Aberdeen -AmericInn - 7:00 p.m. CDT
July 11, 2018 – Sioux Fall - Ramada Inn Airport - 7:00 p.m. CDT
July 12, 2018 - Rapid City - Ramkota Hotel - 7:00 p.m. MDT
July 17, 2018 – Pierre - Ramkota Hotel - 7:00 p.m. CDT
July 19, 2018 –Webinar 2:30 p.m. CDT Visit our website at www.sddot.com for a link to the webinar
Applications Being Accepted for Community Access Grants
PIERRE, S.D.
– The South Dakota Department of Transportation is now accepting applications for its Community Access, Industrial Park and Agri-Business Grant Program.
The Community Access Program provides funds on a competitive basis to communities with populations under 5,000 for use in new projects involving the repair or replacement of important local roads such as the road to the elevator, to the school or hospital and in the main business district.
The Community Access applications are due to the Department of Transportation by July 17, 2017. The application deadline is intended to provide successful applicants sufficient lead-time to complete design of projects prior to the 2018 construction season. Only applications for projects that have not been constructed will be considered.
The Industrial Park and Agri-Business Grant programs provide funds to assist communities who have a new industryoragri-businessandneedneworexpandedaccess to the facilities. Industrial Park and Agri-Business applications will be considered three times each year. These applications are due April 15, July 15 and Oct. 15 of each year. The applications will then be reviewed by SDDOT as well as the Governor’s Office of Economic Development before being considered at the Transportation Commission meetings.
Applicationsareavailablefrom:SouthDakotaDepartment ofTransportation,OfficeofLocalGovernmentAssistance, 700 Broadway Avenue East, Pierre, SD 57501, or can be downloaded from the DOT website at: http://sddot.com/business/local/economic/Default.aspx.
If you need assistance in filling out your application, contactyourlocalplanningdistrictorPaulaHuizengawith the Office of Local Government Assistance at 605.773.6253.
For complete road construction information, visit www.safetravelusa.com/sd or dial 511.
