Early this year, Hinesville, a city in Georgia, was attacked by a ransomware and was pressurized to pay ransom for ransomware removal. So how did the administration manage to neutralize the cyberthreat?
In the aftermath of the attack, Vernetha Ekeyi, the city’s IT Director, immediately contacted Kenneth Howard, the City Manager. Beginning discussions culminated in reaching an agreement that the ransom demand for ransomware removal will not be accepted. The reasoning which prompted the decision was the general belief that such cybercriminals do not keep their word and may attack again in future. It was also unveiled that the exploitation of a RDP end point led to the unauthorized access into the city’s systems.
Mr. Howard realized that the city’s cyber defenses required an upgrade. Thus, the city council was requested to provide a sum of $31,662 for the time being while an additional $29,261 would be required in the next allocated budget for the construction of highly-secure networks and investment in reforming the IT infrastructure via cloud migration.
Lessons Learned
The attack has served as a valuable lesson for other similar city governments. Some of these lessons are:
- A Chief Information Security Officer (CISOs) is a must! CISOs supervise the entire cybersecurity infrastructure of governments to ensure that could not be infected by cyberthreats like ransomware.
- Likewise, education and training sessions must be held for the elected officials. With recommendations and suggestions for hygienic use of computers, they would refrain from clicked unsafe links or download untrusted attachments—often the common distribution strategies of ransomware.
- Also, it is necessary to realize that ransomware removal strategies and solutions require a good budget. Money is needed to purchase cybersecurity insurance policies and upgrade computer hardware and software.
- Regular backups of data must be mandatory where cloud backups are one of the ideal strategies to save data on a separate location.
