After a series of ransomware attacks hit cities last year, finally some good news: Las Vegas was able to stop a ransomware cyber-attack in its tracks. When the cyber-attack was detected, the city responded by taking down its computer network to investigate the threat. Systems were back up with everything functioning as normal within 12 hours—and no public data was accessed. This was partly thanks to Las Vegas’s robust network segmentation, which limited the access that the hackers had to the city’s digital resources. The outcome is a happy departure from the damage other cities have experienced thanks to ransomware attacks—New Orleans even had to declare a state of emergency. So what are some of the lessons we can take away from the Las Vegas ransomware attack? Let’s take a look.
Have a Security and Disaster Recovery Plan in Place
This may seem like an obvious one but a recent report found that many state government bodies don’t have a security or disaster recovery plan. Having these plans in place means that your business has strategies in place to keep out bad actors and to quickly return to normal operations if you are compromised. Make sure to bring all stakeholders to the table when building the plan and to regularly test the plan to check its resilience.
Backups, Backups, Backups
When ransomware shuts down your systems don’t rely on paying the ransom to recover your data (that encourages attackers and doesn’t guarantee recovery of your data, anyways). Instead, make sure all your data is regularly backed up and physically separate from the main dataset. If it’s outside of your firewall it should be encrypted. This way it can’t be accessed by the attacker and, if you experience an attack, you can restore your systems.
Ransomware is often transmitted through email or malicious links. Attackers prey on human curiosity to convince employees to grant them access. Training employees to recognize phishing emails or suspicious sites can help reduce the likelihood of an attack occurring. Also having trainings that simulate ransomware attacks can help prepare employees should an attack occur so that your response is significantly faster.
Part of being prepared for a ransomware attack is having the right tools to address the situation. Vaporstream provides an alternative network for businesses to keep communications ongoing if a ransomware attack occurs. That way, people can communicate their response without having to worry about the attackers accessing the conversations. Vaporstream can also be used to protect communications from phishing attempts that can lead to ransomware attacks—any messages coming through Vaporstream can’t come from an unauthorized person. Learn how organizations are using us here.