Suffolk County, New York, which encompasses the eastern part of Long Island, has asked the New York Police Department (NYPD) for help after its government systems, including 911 emergency services, were taken down following a September 8 ransomware attack. The incident is also disrupting real estate deals, as the title reporting system is affected.
- Suffolk County staff are using pen and paper to handle emergency calls. Reverting to manual means is not uncommon with ransomware attacks, but be sure to understand how long that is viable. In this case they are reaching to NYPD for coverage until they are back online. While not viable in all scenarios, make sure this approach is included in your disaster plan preparation processes.
- Events like this are reminders that our DR/BCP programs must be up to date and tested, but there’s a deeper issue. Organizations mistakenly focus all of their resources on preventing compromises through known vectors. It’s easy to understand why; this is a problem it’s easy to create a product for. Unfortunately, it leads to a false sense of security since it prevents organizations from developing truly effective detection capabilities. Without the capacity for effective detection of unknown threats, we will always be caught flat-footed trying to recover after the damage is extensive.
- For the rest of us, the lesson is that in the event of a breach, we may have to pay for outside assistance. The cost of such assistance must be included in consequence component of the calculation of risk.
Read more in