While our headquarters is in Elkridge, MD, most of our staff identifies with Baltimore as our hometown. All of our “good” team members are Ravens and Orioles fans, and most of our clients are in the Greater Baltimore area. Of course it was disappointing to hear the news that the Baltimore City government servers were infected with ransomware on May 7th. This was the second cyberattack against Baltimore in the past year, and at least the 19th against a state or local government entity in 2019.
I have seen ransomware attacks directly affect our clients and wanted to share the options available when a criminal is able to encrypt a business’ files or servers. Quite simply, a company can choose one of the following:
- Pay the ransom and (hopefully) recover your files/servers.
- Restore the affected files/servers from a backup.
- Move forward and live with the loss of this data.
There are no other options, and it’s important for every business owner to understand this. Certainly it is undesirable to payoff a criminal to get your data back, but I am aware of companies that have done so. I’ve also heard stories of people that didn’t pay a ransom and didn’t have good backups, so they lived with the data loss. Both of these are terrible options, and the only good one is #2 – restore your files or servers from a backup.
For Howard Tech managed services clients, we manage backup services and (so far) have been able to recover from attacks and other failures each time we’ve been in this situation. We have been engaging clients in regular business/technology reviews (BTRs) and are constantly trying to educate them on the risks. Each company needs to evaluate these for itself, and consider local and cloud backups as part of their overall disaster recovery scenario. As a normal rule, we test backups for our clients’ servers quarterly. We maintain a robust monitoring and alert system, but it’s not possible or practical to physically test backups each day. While we use excellent tools that have (so far) worked 100% of the time, there are always software or human errors that could happen.
The same thing applies to your home computers and other personal devices. Where are you storing your family photos or personal documents or other critical pieces of data? If your home PC was hacked or the hard drive crashed, do you know how to recover your data? When was the last time you tested your backup, to be confident that it was working properly? While we don’t support non-business computers, the HTA team will gladly share best practices for how you can protect your data.
As of this writing, sixteen days have passed since the City’s servers have been encrypted and these services have yet to be restored. I have no specific knowledge of the 7×24 effort being made in Baltimore, but it feels like the City had problems with its backup systems. From the Baltimore Sun “the city’s chief digital officer, Frank Johnson, would not say whether the city had an emergency plan in place for such an attack.” Cyber risks and ransomware continue to grow, and it’s critical that each of us is aware of and prepared for such possibilities. Our team stands ready to answer your questions and support you in anyway we can to reduce business risk.
HOWARD TECH ADVISORS: YOUR PARTNER IN TECH
At Howard Tech Advisors, we manage your IT infrastructure so that you don’t have to. Whether you need assistance creating a disaster recovery plan or you’d like to outsource your IT needs, we can help! Keep up with our weekly blog to stay up-to-date on the latest tech trends, security information you need to know to stay safe online, and tips and tricks to effectively navigating an increasingly mobile world.