Global 'WannaCry' Ransomware Attack Offers Peek at Local Government's Next Battle

Cities and counties must constantly be vigilant and aware of their surroundings, and understand how these things work.

by Jessica Reynolds, The Daily Star, Oneonta, N.Y. / May 17, 2017
Shutterstock

(TNS) -- The weekend’s global cyber-extortion attack has reinforced the need for hospitals, businesses, banks, and other large organizations to update their computer operating systems and security software, area officials said Monday.

Computers across the world were locked up Friday and users' files held for ransom after dozens of countries were hit in a cyberattack that targeted hospitals, companies and government agencies, according to The Associated Press. It is believed to be the biggest attack of its kind.

The cyberattack infected computers with what is known as "ransomware" — software that locks up the user's data and flashes a message demanding payment to release it.

Security experts said the attack appeared to be caused by a self-replicating piece of software that enters companies and organizations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files, according to the AP.

Britain's national health service fell victim, its hospitals forced to close wards and emergency rooms and turn away patients. Russia appeared to be the hardest hit, according to security experts, with the country's Interior Ministry confirming it was struck.

Brian Pokorny, Otsego County, N.Y.'s director of Information Technologies, said the county had two "phishing" attempts last week and is working with the state Office of Technologies and state police to see if the attempts were tied to the global ransomware attack.

"Phishing is when an email comes in and it appears to be from someone you know," Pokorny explained Monday. "But it's a spoof. … One of ours came from South Korea and the other was from Nigeria."

Pokorny was able to identify the phishing attempt within minutes and block it, he said, so the county's system wasn't compromised. But it could have been.

"This is the next battlefront, in my mind," Pokorny said. "You have to constantly be vigilant and be aware of your surroundings and understand how these things work. The ultimate solution would be disconnecting from the internet, but that's not really an option these days. We're in good shape, but it's a constant battle."

In England, the large cyberattack crippled hospital computer systems, with appointments canceled, phone lines down and patients turned away. One patient's heart operation was canceled, the AP reported.

In mid-April, A.O. Fox Memorial Hospital in Oneonta adopted an "electronic health record" designed to improve care coordination and medication safety. The system puts patients’ health information into one consolidated Bassett Healthcare Network record, so that it's available across the network.

Karen Huxtable Hooker, spokeswoman for Bassett Healthcare Network, said Bassett, like all hospitals and health systems, "employs several security strategies to protect against malicious attacks."

"Bassett continues to monitor all of its systems as well as national and international developments," she said in a Monday email statement. "Safeguarding our ability to care for patients and their medical information is a top priority for Bassett, and we will continue to work closely with our security partners and vendors to identify and address security threats in a proactive manner."

NBT Bank must also be careful to protect customers and information, according to Florence Doller, senior vice president and director of corporate communications.

"In communicating with our customers, we encourage them to always be cautious before opening any emails with links or attachments from an unknown source," Doller said Monday. "It’s also critical to make sure that computer applications and anti-virus protections are up to date by using the most current software versions."

Chris Chase, chief executive officer at Directive, an information technology business in Oneonta, said he had a lot of email messages Monday from customers asking if they should be worried about the global malware attack. Thanks to preventive measures, none of Directive's clients were affected, Chase said, but he wrote a blog post warning customers and letting them know what to look for and how to prevent attacks.

Chase suggested running Microsoft updates and keeping computers up-to-date with anti-virus protection. Directive also uses a program that sends fake emails out to its hundreds of clients to see if they click any accompanying links. It's a test, he said, and based on the results, Directive can offer a class on how to tell if an email is "legit" or not.

"It's a phishing test to see how vulnerable our clients are," Chase explained. "Because that's the way most things get to you — through email. If you click, before you know it, they've installed something on your computer and you're in trouble."

Chase said another way to safeguard personal data on a computer is to invest in a good backup program. That way, if a person thinks his or her system has been attacked, it can be restored to a time before the attack, saving any compromised data.

Pokorny and Chase agreed that the best way to protect oneself from malware is to avoid clicking on links or opening attachments from suspicious-looking emails.

"Make sure your operating system and virus protection are up to date," Pokorny said, "and always avoid weird emails."

©2017 The Daily Star (Oneonta, N.Y.) Distributed by Tribune Content Agency, LLC.