It could happen to your small business
February 8, 2023, the City of Oakland suffered a ransomware attack. It forced several city systems to go offline. Fortunately, it did not affect emergency services. 911 and fire rescue were still online.
Digital security experts investigated the incident. They assume the attack started with an email that contained a malicious ransomware program. When a user clicks on a link or attachment, the ransomware gets into the system and steals valuable data.
Reason for State of Emergency Declaration
Interim City Administrator G. Harold Duffey declared a state of emergency on Feb. 14, 2023. That allows city officials to fast-track procurement to address the situation. They can activate emergency workers faster, too.
Update From the City of Oakland
Not all details are known to date. But several non-critical systems reportedly went offline.
Some services also became unavailable, including the following:
- Report processing
- Payment collection
- Issuance of permits and licenses
A week after the attack, officials are working to put in place their recovery plans. The goal is to restore all affected systems to normal.
They have not announced who was responsible for the attack, though. No one has claimed responsibility, either.
Ransomware Attacks on the Rise
Ransomware disables systems by encrypting files. It then gives the user a limited time to pay up or risk losing the files. It is easy to get the program into the computer. The challenge is getting paid.
Cybersecurity expert Ahmed Banafa noted that ransomware attacks are rising alongside the increasing use of cryptocurrency.
Hackers had limited options to get paid before cryptocurrency. Regular money transfers can lead to them. They need to provide banks with their data, like names and addresses. With cryptocurrency, they can receive payment privately. Police would have a hard time tracing it to the criminal.
These criminals also like to target the public sector. Unlike private companies, they cannot justify high budgets for IT. Security experts in Emsisoft said that over 200 US public sector organizations received ransomware threats.
Education and healthcare industries are also vulnerable as they hold valuable data. Patient details could be stolen and sold to others.
It takes weeks or months to recover from a ransomware attack. Some organizations could not afford that. It takes a lot of time and money to resume normal operations. The best course of action is to prevent an attack.
Security experts suggest having cybersecurity programs. They guard against malware and computer viruses.
My perspective
But the best line of defense is knowledge. Companies can invest in employee training. Employees should learn how attacks happen. That way, they can guard against potential threats, keeping the organization and its critical data safe.
"The way to get started is to quit talking
and begin doing." -Walt Disney
By Denis Wilson
Thanks for reading this post. I always take into mind that your time and attention are precious. And these posts need to be timely, to the point, and short. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, YouTube, and Facebook.
I am also a published author and speaker on cloud computing, work-from-anywhere, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.
Contact me if you have any questions about the subject.
I'd be happy to spend 15 minutes discussing it with you.
