The Salisbury, Maryland Police Department recently suffered a ransomware attack considered "the worst computer network attack in history," Director of Information Systems Bill Garrett told WBOC TV 16.
Salisbury police officers were unable to access the department's computer database on January 9, Captain Rich Kaiser indicated. Garrett then discovered a hacker had locked down various department network files and was demanding a ransom to recover them.
The hacker did not download or steal any of the files within the Salisbury Police Department's system, according to WBOC TV 16. Also, the Salisbury Police Department did not pay the hacker's ransom and has recovered the locked files in its network.
Salisbury police officials are working with the FBI to identify the hacker responsible for the ransomware attack. They also are exploring ways to bolster the police department's cybersecurity efforts.
City, state and federal government organizations across the United States have suffered ransomware attacks over the past few years. The costliest municipal ransomware cleanup likely involves Atlanta, which expects to pay about $17 million in various fees to recover, rebuild systems and strengthen security after March 2018 attack.
Ransomware Is Leading Cyberattack for SMBs
In addition to the Salisbury Police Department, small and medium-sized businesses (SMBs) are susceptible to ransomware attacks, which is reflected in the "State of the Channel Ransomware Report" from data protection solutions company Datto.
Key findings from the report included:
- Ransomware is the leading cyberattack experienced by SMBs.
- On average, the requested ransom for SMBs is roughly $4,300.
- The average cost of downtime related to ransomware attacks against SMBs is approximately $46,800.
Deploying a multilayered approach to identify and prevent ransomware attacks is paramount, Datto indicated. That way, SMBs and other organizations can use this approach to stop ransomware attacks before they cause brand reputation damage, revenue loss and other problems.
How Can Organizations Address Ransomware Attacks?
Datto offered the following recommendations to help organizations address ransomware attacks:
- Use business continuity and disaster recovery (BCDR) technology. BCDR technology helps organizations determine how to limit downtime and maintain operations despite a ransomware attack.
- Teach employees about ransomware attacks. Regular and mandatory cybersecurity training teaches employees how to spot potential phishing scams that otherwise could lead to ransomware attacks.
- Hire a dedicated cybersecurity professional. A chief information security officer (CISO) can help an organization develop and deploy a cybersecurity strategy to address ransomware and other cyberattacks.
MSSPs can safeguard organizations against ransomware, malware and other cyberattacks, too. They can provide cybersecurity monitoring and other security services, and by doing so, ensure organizations are protected against cyber threats.