Georgia on Everyone’s Mind: Atlanta Suffers Massive Ransomware Attack

Another day, another massive – and preventable – cyberattack on a major target. Late last week the city of Atlanta was hit by a costly ransomware attack, causing a complete shutdown of the Georgia capital’s online systems that support the police department, city courts, parts of the airport (the world’s busiest) and more. That shutdown is ongoing.

The cybercriminals – believed to be the notorious “SamSam” gang – are requesting a payment of $6,800 to unlock each computer, which translates into $51,000 for all of the needed keys – with absolutely no guarantee that the systems will be restored. Atlanta is working with law enforcement and security firms to lift the wall of encryption that has brought it to its knees, but time is running out. SamSam said it would wipe the city’s files if the ransom wasn’t paid this week.

The fact that government departments within a major metropolitan area can be taken down so easily is yet another wake-up call that managed security should be on the to-do list for every under-resourced, overworked IT department out there, regardless of what industry vertical it happens to occupy.

Ransomware is a quick and easy win for the bad guys, especially given that email phishing attempts – the primary way in for most malware – can never be fully thwarted. We are only human after all, and it takes just one employee falling for a fraudulent email to give criminals, who often have no hacking experience at all, access to the kingdom.

Backup alone is not protection against ransomware, because backup files themselves can be afflicted, even if they’re in the cloud. What’s needed is a sophisticated, multilayered defense. More specifically, Unified Threat Management (UTM) is the evolution of the traditional firewall into an all-inclusive security product able to perform multiple security functions within a single system: network firewalling, network intrusion detection/prevention (IDS/IPS), gateway anti-spam, content filtering, load balancing, data loss prevention and on-appliance reporting. In a ransomware scenario, potentially fraudulent emails are flagged, malicious phishing websites are blocked and, if a bad actor does get through, the organization knows quickly and can address it before the worst-case scenario that Atlanta is living through ever plays out.

Of course, maintaining this kind of system is tough for many organizations that lack a deep well of in-house security expertise. Fortunately, managed security can step in to fill the gap.

TPx offers a managed UTM solution that’s always up-to-date with the latest threats, backed by the constant vigilance afforded by our Security Operations Center (SOC). Leave the monitoring and the defenses to us, and sleep a little sounder at night.

Don’t end up like the Peachtree City. Contact your TPx representative today for details on how TPx can protect your valuable infrastructure and protect you from the ransomware scourge.

About the Author

Matt Mair is a Senior Product Marketing Manager for Managed Services. His role includes marketing and communications for TPx’s suite of managed IT offerings including Managed SD-WAN, LAN Monitoring, Office 365, Endpoints Management, Colocation and Server Backup solutions. Matt holds an MBA from Michigan State University’s Broad School of Business and resides in Los Angeles.