The city of Baltimore estimates that the May 7 ransomware attack on city computers will cost at least $18.2 million to restore systems and make up for lost or delayed revenue.
We've rounded up resources and articles from SHRM Online and other trusted outlets on the news.
City Pays Much More Than Hackers Demanded
The hackers demanded a ransom in bitcoins worth about $76,000 on the day of the attack, but Mayor Bernard C. "Jack" Young refused to pay, saying "we're not going to pay criminals for bad deeds. That's not going to happen." He added that even if the city were to pay the ransom, "there's no guarantee that if you pay, you reset your system."
Since the attack, employees had been without access to their work e-mail. Many resorted to creating Gmail accounts as a workaround before Google's security system flagged some of the accounts as suspicious and briefly suspended them.
(The Baltimore Sun)
Ransomware Attacks Increase
Ransomware is becoming an increasingly common cause of cyber loss for businesses. According to the NAS Insurance 2019 Cyber Claims Digest, which analyzed data from 2018 claims, ransomware was the second most common cause of cyber claims last year, just as it was in 2017.
(Insurance Business America)
More Cities, States Targeted
The Baltimore incident follows last year's high-profile ransomware attack in Atlanta, which cost the city an estimated $17 million to fix. There have been at least 24 reported ransomware attacks on municipalities in 2019 so far, including Greenville, N.C., and 46 last year, according to Moody's Investors Service.
(Bloomberg)
Ransomware Just One of Many Risks to HR Data
Artificial intelligence and application programming interface technologies that connect disparate HR systems have brought important new benefits to the workforce but have also created new risks to the security and privacy of sensitive human resources data.
(SHRM Online)
HR's Role in Cybersecurity
HR is the conduit between the IT security department and staff—clarifying policy, providing resources, and working behind the scenes to recognize and anticipate the potential information security issues that arise in every company.
(SHRM Online)