Initial Comments on the Ransomware
Dalia Diaz
With the recent hi-jacking of the city’s technological infrastructure across the Commonwealth during the past couple of months, one has to ask oneself “what is homeland security doing about ransoms?”
In just a few months, Lawrence, Haverhill, Methuen, Melrose, The Registry of Motor Vehicles, and other cities, school districts, and public service organizations have had to pay hundreds of thousands of dollars to regain access to their networks. That only says one thing: everyone has to invest in their technology, yearly, to ensure that network and software vulnerabilities are secured. Too many of these organizations, especially government, are in denial about their technological infrastructure by using outdated programs that leave them open to ransomware.
What’s more depressing is that in the course of the embarrassment of being hacked, none of these organizations have decided to talk to their sister cities or other organizations to alert them on these potential hacks. Instead, they stay quiet, hoping no one notices and in turn allow others to get hacked as well. They only call the FBI, like that is supposed to get these organizations return of their network.
Furthermore, they spend thousands of dollars in ransom, even more on experts and legal advice. The average cost of ransomware is in the vicinity of $750,000 after all is said and done. Rumbo will wait a few weeks before submitting a public records request of the cost of this incident, including monies paid to the hostage-takers, legal fees, expert fees, and any money to pay for employee’s credit reporting checks which the City is supposed to provide for one year in case their private information is used by the hackers.
In all of this, we will be writing more about the City of Lawrence’s ransomware attack and how like every professional Information Technology (IT) person will tell you (or even brands of technology that you use), to always make a backup of the information that is yours. If there was a backup the city would have never needed to pay.
Spend the money to improve your systems now and avoid spending even more at the time of the hacking. I think they may need a new IT Director.
The last three times the Public Safety Committee of the City Council met were March 16, 2020, September 27, 2018, and April 10, 2018. There are no minutes for any of those meetings and tabled items dating back to 2013, 2014, 2016, 2017, and many from 2018 and 2019.
The Committee Chair is Pavel Payano. He just sent out a notice to its members to hold another meeting next week. I wonder what’s on the agenda.
Be the first to comment