It only took one employee a single click on an email link that allowed hackers to upload malware, and now the City of Riviera Beach, Florida is finding out first hand how expensive a ransomware attack can be. Going against U.S. Department of Homeland Security, Secret Service, and FBI suggestions, they paid $600,000 in ransom to hackers after they took over the city’s systems; and an additional $1.0MM on new computers and hardware.
This event highlights two key factors – first, we cannot use a single recommendation. Some municipalities will have to pay out hackers when the cost of disruption could lead to much more severe consequences. Second, and more importantly, it brings to light the means through which hackers would resort, in order to get to their goals. In this case, email, which is unfortunately becoming an area where we are seeing less security spending for two main reasons: a) most companies outsource their email hosting services to third party vendors; and b) most email messages are analyzed at time of delivery. As methods and tools have improved, hackers can now intelligently embed links in their messages that would appear ‘innocent’ to the third party vendor BUT could be repurposed on-the-fly for a request originating from the target enterprise.
While we continue to suggest that the best defence against ransomware is not to get infected, a fair number of municipalities are simply unprepared for, nor do they have an adequate defence system in place to prevent these attacks. The sad fact is that many of these ransomware attacks are initiated by a simple phishing email that leads to a malicious download that starts the whole downward spiral as hackers gain access to key systems. In the case of Riviera Beach, it was just that; an employee clicked on an email that allowed hackers to upload malware.
All of this can be prevented! It could be as simple as being able to stop that initial phishing email from being delivered to an end user within the network. Municipalities that have already been hit, or those that are keen on taking a proactive approach so that they don’t become one of the growing ransomware statistics, should all take advantage of Wedge’s FREE 90 day trial of the Wedge Advanced Malware Blocker.
With patented Deep Content Inspection, combined with an orchestrated platform that utilizes machine learning / AI and best of breed security defence solutions, WedgeAMB has a 99.97% accuracy rate for detecting and blocking malware in Real-time. In the case of Riviera Beach, the email in question would have been stopped in its tracks because WedgeAMB is the only product available that can provide both web and email protection – in REAL-TIME, detecting and blocking the phishing email before it even landed in the employee’s inbox and prior to them being able to access any embedded links. At Wedge, we continue to promote the Detect and Block approach for any and all organizations. Ransomware can prevented and WedgeAMB provides the first step. For more information, contact our team at: firstname.lastname@example.org.