Albany, New York’s capital district with a population of about 100,000, has suffered a ransomware attack that has brought its IT system to its knees. As expected, this has affected numerous city services, interrupting the orderly operations of the district and its citizens. The incident was revealed by the Mayor of Albany, Kathy Sheehan, in the following tweet:
The City of Albany has experienced a ransomware cyber attack. We are currently determining the extent of the compromise. We are committed to keeping you informed and will provide updates as they become available.
— Albany Mayor Kathy Sheehan (@MayorSheehan) March 30, 2019
No details have been given out yet about the extent of the compromise, whether the district has paid the actors, or whether there are any backups that can be used in this emergency. However, the mayor followed up yesterday with a press release, informing the public that officials worked throughout the weekend to remedy the problems caused by the ransomware attack. Right now, city employees are serving the public as usual, but several services have been rerouted to a secondary “drop-back” operational level or even to different buildings. The issuing of various certificates and licenses, for example, will be done by nearby city halls (in Troy) that were not affected by the ransomware attack, so citizens cannot submit and acquire them through the town’s online system yet.
This incident comes only two weeks after Georgia County paid $400k to ransomware actors who locked down their IT systems, leaving the populous state paralyzed. As these incidents are directed against the public interest and impact public safety, they are considered of utmost severity. In practice, this means that FBI investigators are working full-time to locate the ransomware actors and prevent this from happening in other states and districts. However, as the cream of the crop seems unable to find the people behind the attacks, there’s an increasing urgency for a national cyber-security mechanism that can protect public services against these malicious actors.
The FBI officially advises against paying ransoms to those actors, but public-serving organizations that fulfill such a critical role in society cannot afford to wait for a white-hat hacker to release a decryptor. This is why they have become prey to ransomware attackers, who know they will get their money almost immediately. Right now, the best approach is to back up data, train the staff, and conduct sponsored penetration tests as often as possible.