Refuse Paying Ransom

Mecklenburg County in North Carolina experienced additional cyberattacks after it refused to pay $23,000 in ransomware. However, county officials indicated that the latest cyberattacks were unsuccessful.

Hackers launched the second set of cyberattacks against Mecklenburg County on Thursday, December 7, according to a prepared statement. County Manager sent an email to warn county employees about the cyberattacks and provided these workers with recommendations.

Mecklenburg County originally experienced a cyberattack on December 5. During the cyberattack, hackers froze 48 county servers via encryption, and asked for two bitcoins in ransom, The Charlotte Observer reported.

Just Saying No

Mecklenburg County would not pay the ransom, and instead would use backup data to restore government systems that were affected by the cyberattack.

Since that time, Mecklenburg County has taken steps to restore government systems in the following areas:

  • Criminal Justice Services.
  • Health and Human Services.
  • Office of the Tax Collector.

Mecklenburg County remains focused on restoring affected government systems following last week’s cyberattack. Meanwhile, county offices and departments are open and using alternative processes where necessary to serve community members.

How Can MSSPs Help Organizations Combat Ransomware Attacks?

Ransomware is no longer platform-agnostic, according to a recent study. Fortunately, MSSPs that understand the dangers associated with ransomware can help organizations across all industries limit the impact of ransomware attacks.

Recommendations to help safeguard organizations against ransomware and other cyber threats:

  • Use segmentation. With segmentation, MSSPs can help prevent the spread of an infection inside a network and speed up the recovery time after a cyberattack.
  • Deploy backups. In the event of a successful cyberattack, MSSPs can help customers wipe their workstations and implement backups.
  • Provide comprehensive data storage. Encrypt all customer data, regardless of whether it is stored on-premises or in the cloud. That way, MSSPs can make it tough for cybercriminals to access customers’ sensitive information.
  • Track suspicious activity in DNS logs. Examine DNS logs following a breach to help customers quickly identify and address all affected endpoints.
  • Have alternate systems in place. Ensure customers have alternate systems in place to guarantee continuity of operations after a cyberattack.

Furthermore, MSSPs can empower organizations to take a multilayered approach to cybersecurity. MSSPs can also provide a combination of email and web security services to help organizations bridge all security gaps.