Possibly lost among higher-impact national news is the fact that the city of New Orleans, as of this writing, has been using pen and paper to complete routine government functions for three weeks.
Pen and paper. That’s police reports, property taxes, city council meetings, the DMV, bill paying – you name it – all without basic computer functions.
As Bill Bozeman, CEO of PSA Security Network and a resident of New Orleans told me: “My hometown is shut down right now because of ransomware. Right now you can’t do anything….you can’t send an email to the city or conduct business – the whole damn city is shut down.”
So how did all these attacks happen? If you have any familiarity at all with this topic (and as a faithful reader of this magazine, I certainly hope you do), you already know that some technologically challenged computer neophyte clicked on a link in an email that unleashed a nightmare.
According to nola.com, the attack on New Orleans “began Dec. 13 after an employee apparently responded to an email seeking credentials to access the city’s system” – all of which led ultimately to New Orleans Mayor LaToya Cantrell declaring a state of emergency and later announcing that the city will increase its cyber insurance coverage from $3 million (which did not cover the costs incurred by this attack) to $10 million in 2020.
The city of Baltimore, which experienced a similar attack earlier in 2019, has reportedly increased its cyber liability coverage to $20 million in 2020.
Meanwhile, as New Orleans entered a potential fourth week of total paralysis, hackers started leaking files stolen in a ransomware attack on the city of Pensacola, Fla. – adding a new dimension to the scourge of ransomware, the threat of data release (instead of plain deletion). This is the same group responsible for the ransomware strain (Maze) that breached two very familiar security industry companies, Allied Universal and Southwire.
After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware published tons of data and files stolen from both companies.
“Gone are the spray-and-pray days (of ransomware) – now it is about complete compromise, where the ransom aspect is more a demonstration of just how deep the compromise is,” explains Adam Laub, CMO at STEALTHbits Technologies.
Your Role?
So where do security integrators fit into this equation? To begin with, as Bozeman says, cybersecurity is most assuredly not a fly-by-night fad. This is true for commercial security customers, but even for residential ones; in fact, attacks that can cripple a major city to the point of shutdown for weeks are the symptoms of a market crying out for assistance from our industry.
“Perhaps an unintended consequence of focus on (government) organizations will not just be a heightened level of awareness amongst the general public, but the desire for the general public to push for the resources their local governments need to match up with these highly motivated adversaries,” Laub says.
With increased awareness comes increased funds and increased spending on cybersecurity – from insurance, to backup servers, to email protection. But instead of focusing on the technological defense, perhaps it is time for the security industry to embrace the awareness angle on this one.
“CISOs focus on technological defenses, when they should also be patching their colleagues with regular simulated ransomware attacks and security awareness trainings,” says Colin Bastable, CEO of security awareness training company Lucy Security.
By leveraging trusted advisor status among all clients, security integrators can easily help coordinate internal awareness and best practices campaigns – with the happy side effect of strengthening and building those business relationships.
Paul Rothman is Editor-in-Chief of Security Business magazine (www.securitybusinessmag.com). Email him your comments or topic suggestions at [email protected].
