On May 7, various networks operated by the City of Baltimore were subject to a ransomware attack that resulted in a loss of more than $18 million. Municipal services in this large American metropolis were substantially crippled by the attack over several weeks; the City Council ordered employees to set up temporary Gmail accounts, but this effort was temporarily interrupted by Google bots that detected multiple accounts created from the same IP address. Mayor Bernard Young refused to pay the 13 bitcoins ransom demand, and the municipal IT department had failed to implement an adequate data backup strategy to withstand an attack of this magnitude.
Security Vulnerabilities that Should Have Been Addressed
The Baltimore Sun, a newspaper that has received multiple Pulitzer awards, reported that the city knew it was vulnerable to EternalBlue attacks since September 2017; nonetheless, recommendations to upgrade and establish a solid backup solution were ignored, and these are the lessons all business owners should learn from this situation.
As for the issue of data backups, it is important to know that they will not prevent a ransomware attack, but they can provide strong mitigation to recover from them. Two things to keep in mind about backup strategies are:
- Are the backups stored in a place where hackers cannot access?
- Are the backups reliable in terms of data integrity and recovery?