Columbus City Cyberattack: What Happened and What We Can Learn
As you may have heard, a hacker group has stolen 6.5 terabytes of data from the City of Columbus and is threatening to auction it off to the highest bidder unless the city pays them nearly $2 million in ransom.
The group was able to download internal login and passwords, databases of employee information, security camera footage, police dispatch logs, and other emergency services data.
How did this happen?
While the investigation is still ongoing, it is believed that a city employee clicked on a malicious link in an email which then installed malware on the employee's computer or tricked the employee into providing login and password information. Either way, the hacker was then able to access the rest of the network and servers and steal the data.
Aftermath
Though the situation is still ongoing, some of the stolen information has already made it onto the dark web. Officers are reporting that their bank accounts have been hacked and that someone is attempting to open credit lines on their behalf.
Even if the city decides to pay the ransom, there's no guarantee that the hackers won't still release the stolen data or request additional ransom payments in the future.
Furthermore, the city is now offering all 10,000 of its employees free credit and identity monitoring as well as identity theft insurance and restoration for two years – an enormous cost for the city of Columbus.
This real world example shows why it's so important for your organization to take this type of threat seriously. It can happen to anyone. No matter how large or small, your organization has sensitive data that would be both valuable and destructive in the hands of a hacker.
That’s why it’s crucial for every organization to have advanced email protection and regular employee security training on how to identify and react to malicious emails. All the technology in the world is no substitute for a well-trained workforce that creates a “human firewall” between your data and a hacker.
Questions? Contact us anytime!
info@niceguytech.com
(614) 233-1648