Effective April 1, 2019, the AmTrust Workplace website for your Employment Practices Liability (EPLI) coverage written with your Package, BOP or Workers' Compensation policies is being updated to a new name, AmTrust Employment Risk Solutions, and a new URL, AmTrust.EmploymentRiskSolutions.com. Your existing user credentials will remain in effect and can be used to log in to the new site. Please contact The McCalmon Group, Inc., platform administrators, 888-712-7667, if you have any trouble with registration.

AmTrust Workplace
print   email   Share

Ransomware: Still A Risk For All Organizations

A recent ransomware attack partially shut down Baltimore's Public Works and Parks Departments. The city had to suspend Public Works' customer support, billing for the Parks Department, and vehicle intake at an impound lot.

Experts believe that the ransomware did not result from spam email, although they have not stated the source.

According to the president of the Baltimore City Council, there is no evidence that cybercriminals stole personal data from the city's system, but the city has shut down a majority of its servers as a precautionary measure.  

A ransom message on affected computers demanded that the city pay three Bitcoins, or around $76,000, to restore its disabled services. City officials did not say whether they would pay the ransom.

This ransomware attack resembled other cyberattacks against cities. In April, the RobbinHood virus crippled Greenville, North Carolina's computers. In March 2018, a cyberattack shut down internet service at Atlanta's airport. In that attack, cybercriminals demanded $51,000, which city officials may or may not have paid. A previous attack against Baltimore hamstrung the city's 911 and 311 automated message systems.   

In the two years prior to March 2018, there were 184 cyberattacks against local government and public safety agencies in the U.S. that affected hospitals, transportation, billing, communications, and other services. J. Brian Charles "After Second Ransomware Attack in 14 Months, Baltimore Refuses to Pay" governing.com (May 08, 2019).


Ransomware can hamstring your organization, whether you are a small operation, a major U.S. city, or a large corporation.

The FBI and cybersecurity experts recommend never paying cybercriminals a ransom. They say that paying incentivizes ransomware attacks. It will lead to more cybercriminals with more targets.

Email phishing scams are the main way that cybercriminals commence a ransomware attack. Cybercriminals will often create fake emails that look like they are coming from a coworker, a known vendor, or other familiar source. Employee training should focus on the risk of phishing emails from downloading unknown, unverified attachments or clicking on unknown links.

In addition to training, organizations can protect their network by partitioning it. That way, if cybercriminals do infect part of your network, it will not shut down your entire operation.

In addition, if you have data that does not need to be accessed online, store it on computers that are not connected to the internet.

Routinely back up all information that is essential for operations onto a hard drive that is not connected to the internet. Having data stored where cybercriminals cannot access it means you can resume operations even if ransomware locks you out of your network.

Finally, your opinion is important to us. Please complete the opinion survey:

Are you a new user?

Register Here


Retrieve Password

Recent News

Lessons Learned From The Equifax Data Breach

Recent large data breaches like Equifax, Capital One, and American Medical Collection Agency illustrate the risks of storing confidential and personal information. We examine. Read More

Not All Search Engine Sites Are Safe: The Fallibility Of Blacklisting

Blacklisting helps users avoid malware-infected sites, but there are flaws. We examine. Read More

Ransomware: Still A Risk For All Organizations

Cybercriminals often spread ransomware and other malware through phishing emails. Learn why employee training should not be your only protection. Read More

Recent Articles

Stifling Intimidation To Improve Workplace Communications

Workplace surveys find managers may be perceived as more intimidating than they may think, which hinders effective communication. Read how all managers can improve. Read More

Spear Phishing Targets Executives By Manipulating Employees: Success Levels Are High

CEOs are being specifically and successfully targeted by cybercriminals for spear phishing. Learn more about what you can do to prevent this. Read More

The Capital One Hack Exposes The Risk Of Cloud Services For Employers

A former employee of a large cloud hosting company hacks into the sensitive data of Capital One, exposing thousands to identity theft. Jack McCalmon examines the risk for every employer. Read More