SPRINGFIELD, Tenn. (WKRN) – Ransomware is a tool used by hackers to steal important information before turning around and demanding money in order to release it back to the victim.
A recent attack targeted the city of Springfield, Tennessee, encrypting all of the city’s important files.
Springfield’s Finance Director, Lisa Crockett, first realized there was a problem last week.
“Upon further investigation, we noticed that the entire server had been encrypted, which includes our enterprise software which is all the programs we use to run the city,” said Crockett.
She told News 2 she contacted the city’s information technology company and they responded to an email address attached to the encrypted files.
The company received a reply telling them that all the city’s files had been encrypted and if they wanted them back, they needed to pay a $1,000 ransom.
Fortunately, the city had all of all of the information backed up on other sources so it didn’t have to pay the ransom.
Springfield Police Chief David Thompson told News 2 he is aware of other businesses who were in the same situation and weren’t so lucky.
“I have become aware of a number of businesses that simply payed the money out because they had to have their data back. I am aware of some of those who have payed tens of thousands of dollars to get their data restored,” said Chief Thompson.
He told News 2 the best defense against ransomware is to outwit the attacker by not being vulnerable to their threats in the first place.
This means backing up important information daily, so even if your computers and servers get locked, you won’t be forced to pay to see your data again.