Baltimore, MD had a crippling ransomware attack in 2019

The city services of Baltimore, MD ground to a halt two weeks ago after a ransomware attack. It’s expected that it will take months for them to finish rebuilding their servers.

We’re not going to summarize the article here, instead, here are three actionable takeaways:

  1. Assume that it will happen to you. For Baltimore, last year’s attack on Atlanta was an early signal that cities are being targeted. Over 70% of ransomware attacks now target SMBs, that means you.
  2. Have a disaster recovery plan. If you assume it’s going to happen, plan for it. The simplest of plans go over just a couple of things: is our critical data backed up? How do we recover it? What computers do we work off of while we recover? Great disaster plans will do more, but those three questions are at least a start.
  3. Test your plan annually. Your plan is an aspiration until you do a firedrill on it. Find some computers to borrow and try to do a live recovery of the data you identified in step 2. 99% of the time you missed something: that’s fine, that’s why you run a firedrill. Because your data changes periodic tests are needed.

Is there more to do? Yes. But do these three things and you’ll be way ahead of the curve.