Processing Your Payment

Please do not leave this page until complete. This can take a few moments.

Updated: October 5, 2020 Experts Corner

What businesses can learn from Hartford’s ransomware attack

The recent cyberattack on the city of Hartford proved once again ransomware is still very much a threat.

Tim Weber

Thankfully, the city had taken precautions. It credited its ability to continue running emergency services as well as its quick recovery from the attack to recent investments and a proactive approach to cybersecurity.

While the best security event is the one that doesn’t happen, that’s wishful thinking. Every organization across every industry is vulnerable to security attacks that can paralyze systems and shut down operations. Without the proper tools in place to help prevent and recover from attacks, the cost to businesses can be staggering.

A good security strategy prepares organizations for when an attack happens, not if. You can’t wait until a crisis happens to figure out how you’ll respond to a crisis — you need to prepare now.

While always unfortunate, events like the Hartford ransomware attack can be teachable moments for other organizations.

Consider these lessons to help your business prevent cyberattacks — and recover if one happens.

Every organization is vulnerable. Prepare now and plan how you’ll respond.

Everyone is vulnerable. Public entities may have more risk, but there are attacks on businesses of all kinds, everywhere. No industry is “safe” from these attacks.

Complete cybersecurity assessments every year.

Do you know what your risks are? It’s critical that you regularly check your systems for weaknesses and implement solutions and precautions to protect your business and clients.

Security isn’t something you can do once — constant vigilance and review is needed to make sure there are no gaps.

Adopt endpoint detection and response software that can quickly uncover security threats.

Do you have systems in place that support your security goals? Antivirus is not enough. Threats are coming in so fast and so frequently you may not even be present when they happen.

Businesses need managed security services with people monitoring 24x7x365.

Train staff on how to recognize and report attempted intrusions.

Employees are the last line of defense. Whether employees are a cybersecurity strength or weakness depends on you and your organization. Training staff can ensure things like suspicious requests and fake prompts don’t lead to something more serious.

With staff working remotely, ensure those using personal machines to access your systems are adhering to security basics.

Security policies and additional steps like multi-factor authentication (MFA) can be the difference between a successful attack and a failed attempt. Have policies and tools in place to help your team stay safe.

Have good backups.

No matter how good your security strategy is, always have a plan B. If something happens and your data is encrypted or compromised, how secure are your backups? How long will it take you to get back up and running?

Having secure, recent backups that your business can rely on makes a huge difference when dealing with restoration after an attack.

My intention isn’t to scare anyone, but we can’t afford to ignore the rising threats facing our businesses. Cybersecurity can be daunting, but when you look at the cost of a breach, taking these precautions and having a plan are absolutely worth it.

Tim Weber is the director of security services at ADNET Technologies, an IT management and cybersecurity firm in Farmington.

Sign up for Enews


Order a PDF