LaPorte Government Computers Hit By Ransomeware

LaPORTE COUNTY, Ind.–LaPorte County government computers were hit by ransomware Saturday and the county’s IT team worked for 15 hours to make sure the court system’s computers stayed operational. But, that’s not the only system in Indiana that’s been hit lately. A computer science professor at Purdue University says if your company or government isn’t backing computers up, ransomware could be big trouble.

“This is similar to extortion. It is extortion. This is similar to if someone came by and said, lovely city government you’ve got here. It would be a pity if there was a fire,” said Prof. Eugene Spafford. “Municipalities that end up paying are rewarding criminal behavior. That’s bad policy.”

In LaPorte County, the IT team was able to shut the system down before much of it was encrypted. But, that doesn’t always happen.

“It encrypts user data, often programs, then alerts the user that that information has been encrypted and that if the user wishes to get the key…they are to pay a ransom.”

For some older ransomware, keys are available that can unlock the system and get data back.

Spafford said that computer scientists and IT professionals have been warning companies and governments for over a decade that this type of extortion was possible. He said that while most of the malware doesn’t gather the critical data of individuals, it hides the data, tempting governments and companies to pay.

But, having good backups, that are not connected to the internet, and good IT protocols, such as instructing people not to click on bad links, and not giving everyone access to every part of the system, can be good deterrents for the ransomware.

Spafford said companies and governments not taking basic precautions can expect people to be put off about the way their vital info has been treated.

“Citizens should be upset about this…it also indicates that the municipality has done poor job of organizing and protecting their IT infrastructure that has critical information.”

Spafford said people generally send out ransomware for two reasons: to make money, and to destroy or corrupt files on purpose, pretending to be the ones who are trying to make money. He also said that it’s difficult to catch the crooks because they are working from other countries, many times, and investigating criminal activity in foreign countries is just as difficult as extraditing them may be when they are caught.

He said the best advice is to keep good backups, and make sure that you are not clicking on suspicious links or opening suspicious emails.

 

Photo by Markus Spiske on Unsplash