Why your security camera footage could be at risk in a ransomware attack

A March ransomware attack on the Atlanta Police Department is still being felt three months later as the department reveals it has irrevocably lost all its dashcam footage due to the incident.

The March incident affected not only the APD, but all of Atlanta’s city government, resulting in the near paralysis of the city. Like many ransomware attacks in the past year, the one that targeted Atlanta, SamSam, relied on unpatched known vulnerabilities to wreak havoc.

For many IT directors and security professionals the data that’s considered valuable in a ransomware situation is mission-essential databases, spreadsheets, applications, and the like. As the APD can attest, there’s a lot of other kinds of media that’s at risk when ransomware hits.

Any data stored on a computer or server infected with ransomware is vulnerable, and that includes video, images, audio, and other types of media. It’s easy to overlook these kinds of files, but their loss could have serious impacts on an organization in ways it’s hard to immediately consider.

How to avoid a ransomware infection

Ransomware actors have repeatedly shown their love for known and patched vulnerabilities as attack vectors: Petya, WannaCry, and its myriad impersonators all affected systems that had failed to install critical security updates.

The best way to prevent ransomware, and protect files of all different kinds, is to keep systems and servers up to date in order to avoid falling prey to a known vulnerability. Keeping antivirus software updated should be a priority as well.

SEE: Cybersecurity spotlight: The ransomware battle (Tech Pro Research)

Enterprises should use group policy to control app installation and execution to prevent users from installing or running software that hasn’t been vetted and approved, and older systems running outdated OSes that may not receive essential security patches should be replaced and retired as well.

Ransomware can find its way onto a network in a variety of ways: malvertising, a malicious attachment, remote code execution, and other attacks could all lead to an infection. Proper security against ransomware is proper security against any other kind of attack, so be sure you aren’t missing any steps in hardening your network–you never know what could happen if you don’t.

The big takeaways for tech leaders:

Ransomware that attacked the Atlanta Police Department resulted in the loss of all archived dashcam footage, demonstrating that all forms of media, including video, audio, and photos, are at risk.
Securing against a ransomware attack is just like securing yourself against any other threat: Keep systems updated, harden your network, and plan for a variety of attacks.

Also see

17 tips for protecting Windows computers and Macs from ransomware (free PDF) (TechRepublic)
Ransomware: Not dead, but evolving nasty new tricks (ZDNet)
Ransomware: A cheat sheet for professionals (TechRepublic)
The nasty future of ransomware: Four ways the nightmare is about to get even worse (ZDNet)
A year after WannaCry, victims haven’t improved cybersecurity policies (TechRepublic)

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

Payroll

The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

A computer running Windows 11. — Image: Microsoft.

Software

Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

A software engineer works from home. — Image: tanatat/Adobe Stock

CXO

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Project management process to manage and develop with resources to deliver quality product, agile development cycle, businessman project manager balance on clock juggling project management elements. — Image: Nuthawut/Adobe Stock

Software

The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

A user typing a password. — Image: Song_about_summer/Adobe Stock

Security

1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

PURPOSE This Media disposal policy from TechRepublic Premium provides specific instructions for ensuring organization data is properly protected when disposing of old storage media. From the policy: POLICY DETAILS When disposing of damaged, unusable, obsolete, off-lease, decommissioned, old, or end-of-service-life equipment and media, the organization requires that the guidelines outlined herein be followed: Hard drives, ...

PURPOSE To take some of the effort out of writing (and rewriting) emails to share with company staff and executives, TechRepublic Premium has assembled basic templates to handle the most common types of communications. Simply copy the text into your favorite word processor and customize it to fit your needs. Then, paste it into an ...

PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for developing mobile applications from a security, procedural and best practices standpoint. While it contains technical guidelines, it is not intended to serve as a programming guide but as a framework for operations. This policy can be customized as needed to fit ...

Why your security camera footage could be at risk in a ransomware attack