This past March, services and programs such as utility bill payment, parking, and court services were severely affected in Atlanta, Georgia when a ransomware attack locked the city’s computer system and forced officials and the public to complete paper forms by hand. The outage lasted several days and the city spent almost $10 million to recover the applications. Despite the cost and effort, some legal documents and police dashcam footage were permanently deleted and lost forever.

In April, a salesperson at A. Duie Pyle, a LTL trucking company, clicked on a malicious link in an email. Two months later, terminals started losing access to the company’s computer systems, and their email, website and computer systems stopped working. It took the company four days to restore complete services.

Computerizing processes so we can make faster decisions or increase productivity, makes us increasingly reliant on computer systems. Unfortunately, the more we put onto our computer systems, the more we lose when our computer systems get compromised. Gone are the days of handwritten orders and manual schedules. Now, a computer attack can cost millions of dollars in lost revenue and operational costs. Criminals know this, and are constantly looking to exploit any gaps in a business’ security.

Welcome to the world of cybercriminals and cyberattacks that are aimed at accessing or destroying sensitive information, extorting money, or interrupting normal business processes.

A cyberattack can occur in one of several ways:

1. Phishing - A phishing attack occurs when a legitimate looking email asks the receiver to validate credit card information. It often seems like a genuine-sounding request that involves clicking on a link to a fake online bank account and providing log-in details. The cybercriminals then use this information to make unauthorized transactions
2. Malware - Malware (often called Trojans) is software that is either delivered via an email or an infected site. In this case, clicking on the link runs a complete program that either infects the computer right away, or waits dormant until nobody is suspicious, after which it deletes data or scans the hard drive for sensitive passwords or data to steal. Sometimes malware can also be left on an infected USB. The A. Duie Pyle attack was a variation of malware called ransomware. It encrypted their data and demanded ransom in return for the decryption key. They refused and chose to rebuild from backups instead.
3. Brute Force - These are programs that keep guessing at passwords, or randomly target sites, in the hope of finding vulnerabilities in old anti-virus programs or unpatched operating systems they can exploit to gain access. The city of Atlanta had old, unpatched computers and the criminals used known vulnerabilities to gain entry into their computer systems.

To combat this, cybersecurity, or the practice of protecting systems, networks, and programs from digital attacks, needs a combination of people, processes and technology to be truly effective. We, in Saia IT, are doing what we can to protect our systems by utilizing the right tools and processes like firewalls, regular patches, anti-virus programs, and backing up data. However, the best systems are a weak defense against someone accidentally providing sensitive information to a cybercriminal or clicking on malware.

We have invested in training software called KnowBe4 and have begun to regularly provide training so employees can detect fraudulent emails and other attacks. Still, the best defense is to be wary. Please be careful clicking on suspicious email. Above all, please let us know right away if you suspect anything, particularly if you have opened a suspicious application — the malware may have already started doing its job - but at least we have tools to prevent further damage. Without your support, we could have a situation that could be very costly to Saia.