Effective April 1, 2019, the AmTrust Workplace website for your Employment Practices Liability (EPLI) coverage written with your Package, BOP or Workers' Compensation policies is being updated to a new name, AmTrust Employment Risk Solutions, and a new URL, AmTrust.EmploymentRiskSolutions.com. Your existing user credentials will remain in effect and can be used to log in to the new site. Please contact The McCalmon Group, Inc., platform administrators, 888-712-7667, if you have any trouble with registration.

AmTrust Workplace
print   email   Share

Ransomware: Still A Risk For All Organizations

A recent ransomware attack partially shut down Baltimore's Public Works and Parks Departments. The city had to suspend Public Works' customer support, billing for the Parks Department, and vehicle intake at an impound lot.

Experts believe that the ransomware did not result from spam email, although they have not stated the source.

According to the president of the Baltimore City Council, there is no evidence that cybercriminals stole personal data from the city's system, but the city has shut down a majority of its servers as a precautionary measure.  

A ransom message on affected computers demanded that the city pay three Bitcoins, or around $76,000, to restore its disabled services. City officials did not say whether they would pay the ransom.

This ransomware attack resembled other cyberattacks against cities. In April, the RobbinHood virus crippled Greenville, North Carolina's computers. In March 2018, a cyberattack shut down internet service at Atlanta's airport. In that attack, cybercriminals demanded $51,000, which city officials may or may not have paid. A previous attack against Baltimore hamstrung the city's 911 and 311 automated message systems.   

In the two years prior to March 2018, there were 184 cyberattacks against local government and public safety agencies in the U.S. that affected hospitals, transportation, billing, communications, and other services. J. Brian Charles "After Second Ransomware Attack in 14 Months, Baltimore Refuses to Pay" governing.com (May 08, 2019).


Ransomware can hamstring your organization, whether you are a small operation, a major U.S. city, or a large corporation.

The FBI and cybersecurity experts recommend never paying cybercriminals a ransom. They say that paying incentivizes ransomware attacks. It will lead to more cybercriminals with more targets.

Email phishing scams are the main way that cybercriminals commence a ransomware attack. Cybercriminals will often create fake emails that look like they are coming from a coworker, a known vendor, or other familiar source. Employee training should focus on the risk of phishing emails from downloading unknown, unverified attachments or clicking on unknown links.

In addition to training, organizations can protect their network by partitioning it. That way, if cybercriminals do infect part of your network, it will not shut down your entire operation.

In addition, if you have data that does not need to be accessed online, store it on computers that are not connected to the internet.

Routinely back up all information that is essential for operations onto a hard drive that is not connected to the internet. Having data stored where cybercriminals cannot access it means you can resume operations even if ransomware locks you out of your network.

Finally, your opinion is important to us. Please complete the opinion survey:

Are you a new user?

Register Here


Retrieve Password

Recent News

Cybercriminals Target Seniors: What Employers Should Know

With cybercriminals stealing $40 billion annually from seniors, everyone needs to know how to protect themselves and the older adults they know. We examine. Read More

Drive-By Downloads: A New Way For Malware To Infect Your Phone Or Computer

Some malware requires no action on your part to infect your device. Learn how to protect yourself from this type of attack. Read More

Worm Risks Highlight The Need For Fast Patching

A million computers remain vulnerable to the BlueKeep flaw, even though Microsoft released a patch. Read why you must keep devices updated, and what can happen if you don't. Read More

Recent Articles

Cybercriminals Target Seniors: What Employers Should Know

With cybercriminals stealing $40 billion annually from seniors, everyone needs to know how to protect themselves and the older adults they know. We examine. Read More

Managing Hearing-Impaired Employees: Avoiding ADA Risk

The EEOC settles a disability discrimination lawsuit with a large retailer who refused to provide reasonable accommodations to deaf employees. We examine. Read More

Fraud In Procurement: Criminal And Civil Exposures

An ex-CEO is charged with four counts of making false statements to obtain government benefits. Learn about the statutes that regulate the risk. Read More