Iowa Polk County’s networks were attacked on Friday the 13th

May 20, 2016

Iowa Polk County computers fell victim to a malicious code by a CryptoLocker (trojan virus) Friday the 13th, May 2016, infecting 20% of the county’s servers ultimately forcing the remaining servers to be shut down by IT staff to stop the virus from spreading. This attack was no joke and not just bad luck either. This was an intentional, sophisticated hacking with the intent to hold the County’s computer systems ransom. It took the County’s IT staff 36 hours to isolate and remove the virus. Officials were still unable to access cell phone contact lists on Tuesday.

CryptoLocker is a type of trojan virus usually sent by an email with a link or attachment that is opened by the recipient that then sits dormant waiting to activate to hide traces of its source. It's ransomware because it encrypts a computer system’s data and then offers a key to remove the encryption for a cost, usually payable in bitcoin (a type of digital currency operating independently of the central banking system).

Other attacks

Ransomware has hit law firms in the US and Canada including reports of attempted attacks against firms here in Iowa. In an article published by National Magazine of Canada in May 2015, ransomware needs the unwitting assistance of a targeted email user and then makes its way into the system’s network. The article quotes David Whelan, the Law Society of Upper Canada’s Manager of Legal Information who says “Lawyers and staff should be wary of clicking on links that go to unfamiliar websites and they should be trained not to click and to be paranoid about files they receive. Attachments should be downloaded and scanned by antivirus software, not double-clicked and opened. This includes attachments that look legit, like digital voice mail.”

Ransomware attacks are a real threat to anyone connected to the web.  Whelan recommends a daily backup to a removable external hard drive as a cost effective counter measure. Data can also be stored in the cloud, provided the cloud site remains disconnected from the main network except during file transfers.

Protect yourself from the threats

So what do you do to reduce the chance of your business falling prey to a ransomware infection, fbi.gov recommends:

• Make sure that you have updated antivirus software on your computer
• Enable automated patches for your operating system and web browser
• Have strong and variable passwords, not the same password for everything
• Use a pop-up blocker
• Download software only from trusted sites. Malware often comes from free software downloads like games, file-sharing programs, and customized toolbars
• Don’t open attachments in unsolicited email, instead, close out the email and go to the organization’s website directly
• Use the same precautions on your mobile phone as you would on your computer when using the internet
• Do regular system backups and store the backed-up data off line

It's also wise business practice that should the inevitable human mistake occur anyway, be prepared to fight back with a team of experts. Cyber liability insurance is the surefire method for protecting your business against attacks. Give LiabilityPro a call or submit any questions you may have about protecting your business online here.

Author

Cindy Wiedman, founded Wiedman Insurance Services, LLC (LiabilityPro Insurance Advisors*) August 1, 2014. Cindy is a Registered Professional Liability Underwriter (RPLU) and has designed and administered professional liability insurance programs over a 35-year career working for various insurance administrators in the Midwest such as Shand Morahan & Company, Kirke Van Orsdel, Marsh and Lockton Affinity.

*Currently working with investment advisory businesses domiciled in Iowa, Minnesota, Kansas, Illinois and Nebraska.