Saint Paul says that the violation of cybersecurity was a ransom attack. What does that mean?

Saint -Paul City officials say they hope to restore the online systems by the weekend, after they are called a ransom attack. They said they did not pay the ransom.

Mayor Melvin Carter says the city is going through the “Saint Paul Operation”, which includes manually reset passwords for 3,500 city employees.

To explain what the ransom attack is, Professor Faisal Cleem joined Minnesota now with Nina Mutini. He is the director of cybersecurity and electronic operations at Metro State University.

The following conversation was edited for length and clarity. Use the sound player above to listen to full conversation.

Describe what is the ransom attack.

In a technical term, it is basically digital extortion. Close my criminality for your data and demand payments to be repeated. Think of a thief to sneak into your desk, lock each deposit cabinet and leave a note that says you can only restore your leaves if you pay. You are talking about harmful programs or a harmful program that holds your files or your system to pay a ransom.

Unlike the money, what does the ransom striker from St. Paul?

I would like to say that this seems to be what we call the dual blackmail attack. What this means is that they are not only claiming that they closed the data, but then, let’s say that the city said that they will not pay the ransom, as the attacker may threaten the leakage of data. This is the definition of the double blackmail attack.

Are there other options to solve the problem after paying a ransom?

This is where the term flexibility comes. Flexibility simply means that the city of Saint -Paul has maintained a good backup copy of the data. So, if they do not pay the ransom, and if they can stop the system by simply discovering these activities, this means that they have already kept some backups of good data, which means that they should be able to restore most of the information if they decide not to pay the ransom.

Do you have any idea about what something like that would cost the city?

Retrievance costs often exceed ransom requirements, as they sometimes include system rebuilding. Then there are legal expenses, then there are preventive promotions. There are operational disorders.

But moreover, with this type of event, unfortunately, I always say that reputation and confidence are also a great cost. Residents expect data and services to protect without interruption. An attack like this can eat this confidence.

In case, let’s say, data leakage, even after recovery, sensitive information can be leaked online, creating long -term damage.