Jim Fisher

Many of us recently peeked out from under our rocks just long enough to hear of the news that the City of Florence was a victim of a cyber attack on June 5th. The city paid a $300,000 ransom to criminals in hopes of protecting the privacy of Florence citizens.

I’ve written about Ransomware and phishing attacks many times in this space but a quick summary is: Ransomware is malicious software that encrypts all your data (pictures, documents) making them unreadable. To get your stuff back, you have to pay a ransom to a criminal who will supposedly provide you with a unlock code to get your stuff back. Ransomware attacks usually happen as a result of falling for a phishing email. This is an email that entices you to open an attachment disguised as something innocent, but is actually a computer virus. So what happened in Florence? How could this happen? Should you be concerned? Let’s dig in.

This all started when a manager-level technician fell for a very common “DHL Shipping Notice” phishing attack at the end of May. This is an email purportedly from DHL that contains some enticing text such as, “We were not able to deliver your shipment. Please open the attached document and update your shipping information.” If you open that “document,” Very Bad Things can happen. In this case, the city’s IT manager probably had an “Oh spit!” moment and may or may not have alerted his team that he fell for it. Regardless, his actions allowed the criminals full access to the city’s computers including sensitive information on citizens. That information could be names, addresses, social security numbers, income, or credit card information. After a week or two of snooping and stealing information, the criminals encrypted all the data and demanded money in exchange for not releasing the data to the Dark Web.

Florence decided to pay the ransom. I’m sure that was a very difficult decision and we will never know if that was the “best” decision. I can only offer my opinion that Florence literally negotiated with terrorists. That’s a no-no in my book. Back in 2019, the US Conference of Mayors unanimously agreed to stop paying ransomware demands. I do not know if Florence’s mayor attended this conference but what I do know is that Florence fueled the criminal’s engine for an attack on someone else.

So what can you do to prevent this from happening to you or your business? That would require another 3 columns to address properly, but for now; Immediately start using quality email providers that filter phishing emails before they get to you. Google, Microsoft, Apple, and many other companies provide such services for home and business users. Those using AT&T, Bellsouth, Yahoo, Comcast, and other unfiltered email services are at risk. The most important thing you can do is keep backups of your data and physically separate those backups from your computer once the backups have been completed.

Jim Fisher owns Excel Computer Services in Florence. Reach him at www.ExcelAL.com