e dot dot dot
a mostly about the Internet blog by



The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up



The City of Baltimore was hit with a ransomware attack in May of this year. Criminals using remodeled and rebranded NSA exploits (EternalBlue) knocked out a "majority" of the city's servers and crippled many of its applications. More details didn't surface until September when the city's government began reshuffling the budget to cover the expenses of recovering from the attack. The person in charge of the city's systems was Frank Johnson, who went on leave (presumably permanently) after a post-attack audit found the IT director hadn't done much IT directing.

Johnson, who also serves as the city's chief digital officer, received significant criticism from local authorities for the response to the May 7 attack. City council members alleged a lack of transparency and communication in the wake of the incident, as well as an inability to maintain a functional organization "during an emergency event." He also never drafted a continuity of operations plan for an IT attack of the kind that occurred.
It looks like the list of stuff Johnson was being paid to do that he never did. Hence the catastrophic outcome when the city refused to pay the $76,000 ransom. Given the fact that $6 million has already been pulled from parks and public utilities funds to "harden" city systems, the $76,000 demand now seems like a bargain. City residents should be asking WTF their tax dollars are being spent on. The city's audit of its compromised system rolls on, delivering even more embarrassing details about the city's IT skill set. (via Ars Technica)
A new audit of Baltimore’s information technology department says the agency lost key data during May’s ransomware attack because some in the agency used an outdated method for storing files: the hard drives on their individual computers. [...] “Performance measures data were saved electronically in responsible personnel’s hard drives,” [Baltimore City Auditor Josh] Pasch reported. “One of the responsible personnel’s hard drive was confiscated and the other responsible personnel’s selected files were removed due to the May 2019 ransomware incident.”
Bureaucracies are prone to understatement and the assessment of the ghastly state of affairs by Pasch was no exception. According to Pasch, the permanently-missing data resulted in a "loss of confidence" in the city's IT department's ability to do its job. This understatement brought the hearing to a halt as council members expressed their disbelief that city data was not being backed up. Their comments were less understated.
Hearing that, City Councilman Eric T. Costello, a former government IT auditor himself, stopped the hearing. “That can’t be right? That’s real?” Costello asked.
It's apparently real. City data needed for an audit cannot be recovered because the IT department never made an effort to express the dangers of storing the only copy of data locally. It also apparently never made a push to create cloud backups of important files. When the ransomware struck, the stuff locked up was -- in far too many cases -- the only copy of that stuff. The tragically hilarious postscript to this is the city's response to Ars Technica's request for info on the city's cyberattack recovery plans.
Ars has requested information from the city regarding the contracting details for the recovery, but the city has thus far provided no data. Requests for data on the status of patches and disaster recovery plans were refused because the documents do not exist as a result of the ransomware attack.
It's easy to mock governments for their inability to properly handle the massive amounts of data they collect, create, and retain. And so we shall. The city figures it will cost $18 million to recover from a rejected $76,000 ransom demand. I guess if you're going to play chicken with extortionists, you might want to make sure your backup plans at least meet min spec.


posted at: 12:00am on 16-Oct-2019



Blizzard's Face Plant Creates Marketing Opportunity For Companies With A Spine



Blizzard's decision to pander to the Chinese government is a PR headache that simply isn't going away. Last week, games giant Blizzard stepped in a minefield when it severely punished a Hearthstone player for supporting the protests in Hong Kong during a championship live stream. The reaction was swift, justified, and severe, with everyone from gamers to Blizzard employees accusing the company of prioritizing profits over principles. After days of silence, Blizzard ultimately issued a statement on the decision and, while public backlash forced it to retreat from some of the player's more severe punishments, the company doubled down on its decision to censor players for political opinions, ignoring most of the criticisms leveled by human rights organizations like Access Now. It also tried to claim with a straight face that its financial interests in China played no role in the decision:

The specific views expressed by blitzchung were NOT a factor in the decision we made. I want to be clear: our relationships in China had no influence on our decision. We have these rules to keep the focus on the game and on the tournament to the benefit of a global audience, and that was the only consideration in the actions we took.
Sure, Jan. While the gamer violated tournament rules by injecting political opinion, Blizzard's over-reaction (the gamer lost all awards and prizes and faced a one-year ban from competition) showcased a company absolutely terrified of losing out on Chinese cash. It could have adhered to its rules by applying a more modest punishment. Instead it behaved in a way that made it clear to everybody that Blizzard's principles like "Every Voice Matters"--etched at the base of a statue at the company's headquarters--couldn't hold a candle to the potential money to be made in China. But one company's disastrous face plant is another company's marketing opportunity. Fortnite developer Epic Games utilized the PR fracas to proclaim that it would not censor gamers simply for having political opinions, insisting companies can walk (embrace fundamental human rights) and chew gum (make a living selling games and game stream ads) at the same time:
Fortnite developer Epic Games said in a statement that it will not ban players or content creators for political speech. The message comes after Blizzard caught fire this week for banning a professional Hearthstone player for shouting a statement associated with Hong Kong protesters. "Epic supports everyone's right to express their views on politics and human rights. We wouldn't ban or punish a Fortnite player or content creator for speaking on these topics," an Epic Games spokesperson told The Verge.
That statement came despite the fact that Chinese tech giant Tencent has held a 40 percent stake in Epic since 2011. In contrast, Riot Games, developer of League of Legends, is now 100 percent owned by Tencent. On Friday it effectively sided with Blizzard, proclaiming that broadcasters should "refrain" from discussing "sensitive topics" during game streams. Because, you know, god forbid some kid playing a game express something akin to empathy, while an authoritarian government threatens to "crush the bodies and shatter the bones of Hong Kong residents":
"As a general rule, we want to keep our broadcasts focused on the game, the sport, and the players," John Needham, the global head of League of Legends e-sports, said in a statement. "We serve fans from many different countries and cultures, and we believe this opportunity comes with a responsibility to keep personal views on sensitive issues (political, religious, or otherwise) separate."
Upsetting China's authoritarian government means potentially losing billions for companies dreaming of international expansion, so, more often than not, cutesy purported principles like "every voice matters" are going to hold up like tissue paper in a thunderstorm. Still, there's a marketing opportunity here for companies interested in showing how having a spine and respecting basic human rights isn't inherently "bad for business." Either way, with protests planned for Blizzard's BlizzCon convention early next month, this was an unforced error that's not going away anytime soon.


posted at: 12:00am on 16-Oct-2019


