Blackletter

What is Ransomware?


Listen Later

On May 7, 2019, the city of Baltimore’s networks was infected by malware, malicious software that infiltrates computers, and its systems were locked down. A ransom note was displayed on the city’s computers, demanding payment in Bitcoins to decrypt the entire city’s networks. The infected networks were taken offline, but not before the malware locked down systems including a parking fines database, and those used to pay water bills, property taxes, and vehicle citations.

This type of malware is known as ransomware, which the Cyber and Infrastructure Security Agency defines as “a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid.” Ransomware is spread through a number of means, but most commonly through either phishing emails which contain attachments or links with malicious code or visiting malicious websites that have themselves been infected by the malware. Once the ransomware has infected the system it locks or encrypts the entire system or specifically targeted data, demanding that the ransom be paid if the user wants to regain access to its data.

Baltimore did not pay the ransom and one month later the recovery process is still ongoing, less than one-third of city employees are able to log into their networks, and many city businesses have been forced to function on paper-based temporary fixes. In a press conference, the mayor stated that the estimated cost of the cleanup would be $10 million. News reports have stated that an additional $8 million was lost because of deferred or lost revenue while the city’s networks were down.

Ransomware attacks are becoming more and more common. On April 10, 2019, government officials in Greenville, North Carolina discovered that their networks were infected with the same type of malware like that used against Baltimore. The investigation and cleanup there are still ongoing. Last year, the City of Atlanta was hit with a similar attack and had to spend more than $2.6 million to mitigate the infection and restore their data.

How to protect against it?

There are several steps that can be taken to prevent ransomware from infecting computer networks. Simple steps such as ensuring that all software and operating systems are kept up to date, installing patches as soon as they are released, and employing anti-virus software can help protect networks from these type of attacks. Additionally, providing basic cybersecurity training to employees on how to identify phishing emails and safe Internet browsing practices can help prevent these infections.

Other more technical, but equally important, steps can also be taken. For example, ensuring that critical data and information are routinely backed up, keeping those backups offline, and creating whitelists that allow only approved applications to run on the system will help prevent attacks and protect networks and data in the event that an infection occurs.

Finally, prepare for the possibility of a successful attack.  Proactive planning is...

...more
View all episodesView all episodes
Download on the App Store

BlackletterBy Thomas Dunlap

  • 4.8
  • 4.8
  • 4.8
  • 4.8
  • 4.8

4.8

17 ratings


More shows like Blackletter

View all
The Daily by The New York Times

The Daily

111,948 Listeners

Up First from NPR by NPR

Up First from NPR

56,508 Listeners