The recent ransomware attack on the Office of the Illinois Attorney General demonstrates key takeaways for organizations in our area and everywhere. To ensure your network doesn't end up in a similarly compromised position, let's take a look and see what lessons can be learned to take some preventative measures, assess your IT security, and find ways to improve.
What happened?
In the spring of 2021, the Office of the Illinois Attorney General fell victim to a ransomware attack that included the theft and publication of sensitive agency files containing:
- People's names
- Social Security numbers
- Addresses
- Tax information
- Related sensitive and personal data
The announcement that ransomware had struck the Attorney General's office came about three weeks after a data breach was first detected and a few months after the agency was warned of its vulnerabilities. As it turns out, the Office wasn’t holding formal risk assessments, classifying its data, or following a formal security framework.
Although the Attorney General's office managed to get rid of the threat without paying a ransom, it has spent millions of dollars on crisis management measures and protection against future dangers.
What is ransomware?
Ransomware is malware that uses encryption to hold a victim’s sensitive data for ransom. Hackers encrypt the information to prohibit the victim from accessing their files, databases, or applications then demand a ransom to reinstate access. Ransomware is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses of all sizes.
Lessons Learned from the Attack
There are some major lessons to take away from the ransomware attack on the Office of the Illinois Attorney General, especially for organizations that are concerned with their IT security.
Partnering With an Skilled Organization is Worth the Investment
Some businesses shy away from MSPs because of the cost, but if there’s a security breach ransomware hackers could demand upwards of millions of dollars to release your data. Although it has not been disclosed how much the hackers demanded in the attack, the Attorney General told the media that he was angered, frustrated, and embarrassed. Partnering with an MSP is well worth the investment because it can protect you from paying sky-high ransoms, and defends your reputation and public trust.
You Can’t Afford to Ignore Cybersecurity
The financial and reputational damages that ransomware attacks inflict are simply too much for many businesses to bear, causing them to potentially shutter their doors for good. In fact, 60% of small businesses close within six months of a cyber attack.
Instead of investing in a reasonably priced IT security strategy ahead of time, the Office of the Illinois Attorney General has now spent more than $2.5 million in cybersecurity upgrades after the fact. Putting IT security on the back burner can end up costing you a significant amount and jeopardizing your entire business.
Pay Attention When Suspicious Activity Is Detected
The Office was reportedly warned about their weak cybersecurity efforts before the ransomware attack happened. An audit found that the office had potentially left sensitive information on its computer network “susceptible to cyberattacks.”
Neglecting that warning proved extremely damaging, and unfortunately similar warnings are ignored every day. If you’re proactive and take action at the first sight of any suspicious activity, you’re much less likely to fall victim to an attack. Finding a trusted IT partner that will help build an effective security strategy and foster a security culture in your organization should be high on your list of priorities.
