An Arkansas sheriff’s office became infected with ransomware, paying hackers a considerable amount to recover stolen files…
December 5th marked a troublesome day for Carroll County Sheriff’s Office, located in northwest Arkansas. Lieutenant Daniel Klatt, who runs the department’s information technology infrastructure, reported the department’s system became infected with ransomware, denying them of access to their internal computer files. In response to the infection, and in an effort to recover the files, Klatt reported the department paid approximately $2,400 (or 3 bitcoins) to allow the department to re-access the files the hacker had stolen.
So, how did this happen? Klatt reported the hackers were believed to be from India or Russia and achieved access through the management system, leaving the files inaccessible unless a ransom be paid. A newer strain of ransomware, “Dharma”, is known to be the infection source that took down the sheriff’s office. Klatt commented that they are now working to instituting new security measures in hopes of getting ahead of the infections and hackers.
In return, the ransom paid was not the only expense the sheriff’s office incurred. The Carroll County Sheriff’s Office system was reported down from December 5th to December 9th. Luckily, as of this Monday, 12/12, the department reported that majority of the system was back up and running.
What can you do to stay protected?
One thing is certain… ransomware is taking its toll on organizations of all types, from government agencies to schools, hospitals, as well as the common home user. User education is key. Always think before you click. Too many times our curiosity gets the best of us and we are click on something we shouldn’t. Please be aware of what sites you’re visiting, what files you’re downloading, and what links you’re clicking on.
Second, find a security software that implements application whitelisting technology. This form of protection safeguards against today’s cyber security threats, as it only allows for secure programs to run. Everything else is going to be blocked. Now, please note – these security software programs cannot entirely account for human error. If you choose to whitelist a program that hasn’t been tested, you could still become infected. So again, be aware of what you’re downloading!