Jackson County, Georgia officials recently paid cybercriminals $400,000 after a cyberattack shut down the county's computer systems, according to the Athens Banner-Herald. Now, Jackson County officials are decrypting computer systems affected by the cyberattack.
Cybercriminals deactivated Jackson County's computer systems on March 1 or 2, County Manager Kevin Poe stated. Jackson County hired cybersecurity consultants to address the ransomware attack; these cybersecurity consultants paid the ransom and were reimbursed by the county.
The FBI is investigating the Jackson County ransomware attack and has not determined how cybercriminals were able to access the county's computers. However, the FBI has indicated the group responsible for the cyberattack could be located in eastern Europe, Poe said.
Atlanta Suffers Ransomware Attack, Refuses to Pay Cybercriminals
The Jackson County ransomware attack comes after cybercriminals deactivated several Atlanta computer systems on March 22, 2018. These cybercriminals demanded a ransom of $51,000 in bitcoin, and Atlanta officials refused to pay the ransom.
Atlanta officials awarded emergency contracts to SecureWorks, EY, Microsoft and various cybersecurity firms after the city's ransomware attack. Furthermore, Atlanta officials created a cross-functional incident response team that includes city officials, law enforcement, the FBI, U.S. Department of Homeland Security (DHS), U.S. Secret Service and independent forensics experts to find ways to safeguard the city against future cyberattacks.
How Can MSSPs Help Their Customers Address Ransomware Attacks?
There is no one-size-fits-all solution to address all ransomware attacks. Fortunately, there are many things that MSSPs can do to protect their customers against ransomware attacks, including:
- Provide educational resources. Teach customers about ransomware and the dangers associated with it.
- Deliver antivirus software. Offer antivirus software that detects ransomware attacks.
- Ensure customers can back up their sensitive data. Provide snapshot-based, incremental backups to help customers instantly recover from ransomware attacks.
MSSPs also can help customers craft cybersecurity strategies. In doing so, MSSPs can empower customers with the support they need to mitigate ransomware attacks both now and in the future.