When cyberattacks hit close to home; when an attack affects a large number of people, it really shows you just how much risk a business could be facing by not being prepared. Over Thanksgiving, a cybersecurity incident hit the Washington County government, and as of this writing, several services are still paused while things are getting restored.
Maryland County Suffers from Cybersecurity Attack That Temporarily Shuts Down Government Services
On Thanksgiving day 2022, a cyberattack struck the Washington County government. At the time of writing this, we don’t know the full scope of the incident, other than the fact that the county has had to scramble to get services back up, and that some services will be unavailable with no current expectation on when they will come back online. This includes things like processing and issuing permits, as well as postponing some criminal cases. Some county phone services were impacted for weeks, too.
As you can probably imagine, this is a big inconvenience to many, and is obviously an obstruction to the Washington County government as far as their normal day-to-day operations.
What Could Cause This Type of Attack?
We could speculate on what type of cyberattack it was, but it’s worth mentioning that this is purely guesswork. Just knowing what we know based on the reporting, it sounds like there was a data breach, and since reports mention that attorneys and other officials don’t have access to files, our guess is ransomware. Again, this is pure speculation, but if we’re right, then there is a huge lesson that any organization can learn from this.
It’s easy for a business owner to hear about this kind of attack and think “Thank goodness I’m not associated with the local government, I’d hate to be targeted like that!”
But here’s the thing; while we don’t officially know right now what caused the data breach for the Washington County government, it doesn’t mean it was directly targeting them.
Most ransomware attacks are blanketed out to just about anybody who might fall for them. You only hear about the high-profile attacks because they make it into the news cycle. While it’s possible that this was a targeted attack, it’s more likely that the same attack vector affected other businesses and organizations too, and that it’s still being spread around.
These types of attacks might not even target a particular geographic area, but they can spread geographically, in a sort of sense, because local organizations will likely have local contacts. If the threat spreads via email, then it’s likely going to spread out through contacts the organization had communicated with in the past or have collected over the years. Again, this is all speculation and not necessarily the situation here, but it is good to understand how these types of situations work.
As a Maryland Business Owner, What Should I Do?
You probably aren’t in direct, immediate danger simply because the county offices got hit by a cyberattack, but you are at risk. Your business is always at some level of risk when it comes to cyberthreats. It doesn’t matter if you have antivirus, and it doesn’t matter if you are a smaller business.
Having cybersecurity measures in place is the bare minimum and really only offers baseline protection. Think of it like installing cameras throughout your facilities but instead of recording footage, you are only broadcasting it to a single set of monitors, and the only person assigned to watching the monitors also has about 15 other responsibilities. At that point, the cameras are only there to give the appearance of security.
The same goes for firewalls, antivirus, and other cybersecurity measures. While they can block and prevent some stuff, they don’t offer full protection without being managed and monitored. This doesn’t mean hiring full-time staff to sit and watch over computer logs, but it does mean having professional IT security experts utilizing sophisticated tools that alert them of any anomalies and suspicious activity.
It all starts with an audit of your existing cybersecurity. We also feel that it’s very important to mention that cybersecurity protection isn’t a luxury item. It might feel like a service that caters to larger businesses, but this is a small business problem. Smaller businesses are just as susceptible to these kinds of threats, if not moreso. Let’s take a look at the types of businesses that are at higher levels of risk.
You are at a high risk of cyberattack if your business:
- Handles financial information, including payment processing, storage of credit cards, etc.
- Stores and processes personal information, especially more sensitive information
- Stores and processes healthcare information
- Or your business works with other businesses and organizations that match the above criteria.
With ransomware, cybercriminals also simply assume that the pain of a disruption to services is considered valuable to most organizations, so the greater of an effect widespread network downtime would have on that business, the better of a target they are.
For instance, a one-man CPA might be considered a minor target, but a small elementary school could be considered a larger one, since the downtime would be considered even more painful as it has a broader effect, and could result in netting a higher ransom.
Of course, both examples are still at risk.
Don’t Blame it on Budget
Believe us when we say we understand that there is only so much money to go around. A limited budget will definitely force an organization to make hard decisions, and there are always going to be things that feel much more important than proactively preparing for a cybersecurity threat.
Here’s the irony though. If your business deals with a cybersecurity incident, it’s likely to be exponentially more expensive and time-consuming than taking precautions. This is absolutely ounce-of-prevention, pound-of-cure territory here. The cost of a severe data breach, including the downtime, the mitigation, the nerve-wracking communication fires to put out, and then finally taking these matters seriously are so much higher than making sure you are in good standing and keeping things in check.
If your business has been putting off an IT security audit, it’s time to include it into your 2023 IT roadmap, and it’s best to get started sooner, rather than later. It’s not a matter of if, but of when.
Fortunately, we’re here to help. Let’s start the conversation and talk about what it will take to harden your business so that it doesn’t have to suffer from its next cyberattack. Give us a call at (410) 531-6727 to start the conversation.