A March ransomware attack on the Atlanta Police Department is still being felt three months later as the department reveals it has irrevocably lost all its dashcam footage due to the incident.
The March incident affected not only the APD, but all of Atlanta's city government, resulting in the near paralysis of the city. Like many ransomware attacks in the past year, the one that targeted Atlanta, SamSam, relied on unpatched known vulnerabilities to wreak havoc.
For many IT directors and security professionals the data that's considered valuable in a ransomware situation is mission-essential databases, spreadsheets, applications, and the like. As the APD can attest, there's a lot of other kinds of media that's at risk when ransomware hits.
Any data stored on a computer or server infected with ransomware is vulnerable, and that includes video, images, audio, and other types of media. It's easy to overlook these kinds of files, but their loss could have serious impacts on an organization in ways it's hard to immediately consider.
How to avoid a ransomware infection
Ransomware actors have repeatedly shown their love for known and patched vulnerabilities as attack vectors: Petya, WannaCry, and its myriad impersonators all affected systems that had failed to install critical security updates.
The best way to prevent ransomware, and protect files of all different kinds, is to keep systems and servers up to date in order to avoid falling prey to a known vulnerability. Keeping antivirus software updated should be a priority as well.
SEE: Cybersecurity spotlight: The ransomware battle (Tech Pro Research)
Enterprises should use group policy to control app installation and execution to prevent users from installing or running software that hasn't been vetted and approved, and older systems running outdated OSes that may not receive essential security patches should be replaced and retired as well.
Ransomware can find its way onto a network in a variety of ways: malvertising, a malicious attachment, remote code execution, and other attacks could all lead to an infection. Proper security against ransomware is proper security against any other kind of attack, so be sure you aren't missing any steps in hardening your network—you never know what could happen if you don't.
The big takeaways for tech leaders:
- Ransomware that attacked the Atlanta Police Department resulted in the loss of all archived dashcam footage, demonstrating that all forms of media, including video, audio, and photos, are at risk.
- Securing against a ransomware attack is just like securing yourself against any other threat: Keep systems updated, harden your network, and plan for a variety of attacks.
- 17 tips for protecting Windows computers and Macs from ransomware (free PDF) (TechRepublic)
- Ransomware: Not dead, but evolving nasty new tricks (ZDNet)
- Ransomware: A cheat sheet for professionals (TechRepublic)
- The nasty future of ransomware: Four ways the nightmare is about to get even worse (ZDNet)
- A year after WannaCry, victims haven't improved cybersecurity policies (TechRepublic)
Brandon Vigliarolo has nothing to disclose. He does not hold investments in the technology companies he covers.
Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.