More than a month after the City of Atlanta was hit with a SamSam ransomware virus, the government is still struggling to get back to normal operations. Water and sewer bills must be paid in person instead of online or over the phone. Public WiFi at the country’s busiest airport was down for two weeks. It’s been one of the highest profile ransomware incidents in the US, with the city paying out nearly $2.7 million in emergency contracts to crisis management consultants and IT specialists. Experts say the city’s road back to normalcy will be a long one.
“It takes a while to rebuild and reconstruct applications and network devices,” said Walter Tong, security architect for the Georgia Technology Authority. “Hackers choose targets and they find ways of getting there, whether it’s to cause a disruption of service or destruction of data, or both.”
Hackers look for vulnerabilities in network settings and older devices.
“You can spend a lot of time on educating, making sure your network devices are patched and secure,” Tong said. “But once it happens, you have to have an instant response plan.”
Uplogix can be part of your instant response plan with abilities to rapidly reset your network infrastructure for differing emergency scenarios as an attack is underway, or for rebuilding devices after the fact.
After a breach, Uplogix can operate independently of the network over its dedicated out-of-band connection. Continuous monitoring means quick alerting when there are issues and last-known or golden configurations can be pushed to devices, wiping out malicious changes. The secure out-of-band access ensures access even when the primary network is down or degraded.
Your instant response plan can include configurations for a “safe mode” for network devices, limiting functionality to effectively quarantine sections of your network. With Uplogix you can push a config to one device, or thousands deployed across your network.
For more information, see the Network Restoration Blueprint infographic.