Ransomware has been making headlines the past few years, and that’s for good reason.  Out of all types of malware, ransomware is the best “low-risk/high-reward” solution for a cybercriminal.  Worst case scenario, you cover your tracks well and people never find out you did it.  Best case scenario, people are sending you the Bitcoin you asked for left and right.

According to Business Insider, ransomware is responsible for $25 million in revenue to hackers each year.  Why wouldn’t they jump on the profitable train that is ransomware?

The latest victim is the city of Johannesburg, South Africa, whose electricity was jeopardized due to a ransomware attack.

A Shocking Discovery

On July 25^th, the city of Johannesburg was put at risk by a ransomware attack targeting City Power, the main electricity supplier for Johannesburg.  While City Power assures that none of their customer’s information was stolen or breached, the attack caused a fair bit of inconvenience.

The ransomware attack encrypted the whole I.T. department of City Power, according to a tweet they sent out during the attack.  Servers, databases, their network, everything.  Not only was the I.T. department inconvenienced, but so were customers.  The website was down the whole time the attack was in effect, disallowing customers from doing important work, such as checking invoices or buying more electricity.

Strike One

The good news is that Johannesburg is back up and running!  The ransomware attack is done, everyone’s information is safe, and the city of Johannesburg can sleep soundly.

But how long will it last?

With an increase in ransomware attacks in recent years, how often should we expect a ransomware attack to strike?  It was only half a week later that police equipment in Louisiana was taken down by a nasty bout of ransomware.  What’s worse is that the police equipment were taken offline after the state of Louisiana was put under a state of emergency after ransomware nicknamed RobbinHood took down the state’s I.T. department for almost a month!

Ransomware is terrifying.  Best case scenario for ransomware is that you call the hacker’s bluff and can get rid of the block.  Worst case?  You lose all your data, money, or even your device.

Yet despite the harm that ransomware can cause, it seems that the majority aren’t aware or just don’t care about it.  The WannaCry ransomware stormed headlines throughout 2017, yet most don’t even remember it.

(As a side note, almost two million computers are still at risk of a WannaCry attack.)

It seems that some people think that keeping yourself secure requires nothing more than common sense and a reliable VPN server.  Sure, these will do just fine, malware can attack from anywhere, and it’s risk should never be discounted.

Solutions to Ransomware

First off, keep in mind that most ransomware attacks through email attachments.  If you find yourself avoiding opening spam emails, keep doing that.  Common sense is king when it comes to avoiding malware.

If you’re using common sense, there’s not much else you can do to avoid ransomware, but that should keep you away from 99% of malware.  However, malware can make it’s way onto your devices through your network, so make sure that your home network is secure as can be: password-protected, network hidden from passerby, etc.

And if you do all this and still find yourself at the mercy of ransomware, don’t even think about paying.  Sure, you could get your data back, but you have a better chance of joining the NFL.  You may lose data, but you don’t have to lose hundreds of dollars either.

Johannesburg is only one example of a widespread problem when it comes to cybersecurity.  I sound like a broken record, talking about flawed cybersecurity, but it’s an issue that deserves to be talked about.  If a city can lose access to paying for electricity because of some malware, there’s a bigger issue in play than the one incident.

I won’t be surprised if we experience a WannaCry 2.0 in the next few years, but make sure that you and/or your business avoid a tragic fate.  Don’t click on random emails, keep your network secure, and most importantly, stay educated.