Restoring Services After Ransomware Is No Easy Task
An ounce of prevention is worth a pound of cure. The adage may seem trite, but in regards to ransomware, it’s more true now than ever. Ransomware can shut down a small business and cause headaches for large companies.
Just look at FedEx, who fell victim to the WannaCry and Petya attacks. The shipping company admitted in their annual report that the financial impact of the attacks is unknown but “material.” More than a month after the attacks, FedEx is struggling to restore operations.
San Francisco’s KQED “stuck in a time warp” due to ransomware.
KQED, San Francisco’s public TV and radio station, is still feeling the effects of a month-old ransomware attack on their computers. With the click of a mouse, they went from reporting on cyber attacks to victimized by one.
Initially, the radio station went silent for 12 hours. IT staff told everyone using Microsoft Windows to leave their computers off. There was no wi-fi for several days, and email took a full two weeks to return.
“It’s like we’ve been bombed back to 20 years ago, technology-wise,” Queena Kim, a senior editor at KQED, told The San Francisco Chronicle. “You rely on technology for so many things, so when it doesn’t work, everything takes three to five times longer just to do the same job.”
Life after a ransomware attack poses challenges and limitations.
Since the attack, staff have been coming in early and working longer hours to produce the same content. Marisa Lagos, a KQED reporter, said. “From an outside point of view, we really made it work. But what our listeners don’t know is that people have been doing really crazy things to make sure no one notices that anything is wrong.”
Teleprompters and content management systems are still offline. Reporters print scripts and distribute them for upcoming broadcasts. Producers use stopwatches to time segments. They’re making it work, but it’s hard to fathom that all of this effort is necessary because one person clicked on link they shouldn’t have.
If you’re wondering why the station didn’t pay the ransom, they didn’t have much of a choice. The attackers asked for the exorbitant price of 1.7 bitcoin per file, which equals $4,675 at the time of writing. With many thousands of files on every computer, the total would’ve been astronomical.
KQED seemed well-prepared for a cyber attack.
According to chief technology officer Dan Mansergh, KQED had just updated its antivirus systems when the attack occurred. Unfortunately, the ransomware was so new that the antivirus program didn’t recognize and quarantine it.
The ransomware only encrypted files on “a small percentage” of computers at KQED, but it had detected others on the same network. Luckily, technical staff isolated the infected computers and stopped the spread.
The victimization of large companies spreads fear.
How can you avoid ransomware when even the best-prepared businesses fall prey? It’s helpful to know that the vast majority of ransomware spreads through phishing emails. Giving extra scrutiny before clicking on a link or attachment could save your organization incalculable time and money.
Despite KQED’s bad luck, antivirus programs prevent many attempted malware attacks. Backing up important files gives a company flexibility in the event of a ransomware attack. And lastly. given the recent spate of successful ransomware attacks, cyber insurance is looking like a great option to hedge against a disastrous infection.