SAVANNAH, Ga. (WSAV) – St. Joseph’s/Candler (SJ/C) officials say they’re still working diligently to get their main computer system back up and running.
SJ/C was hit by a ransomware attack last Thursday, and some are still wondering how this could happen.
In the past, when major companies like SJ/C are hacked, they are stuck between a rock and a hard place.
They can pay up if the hackers are asking for ransom money, and that could get them back access to their computer systems. On the other hand, they could build back up their security systems from scratch.
“Colonial Pipeline, their CEO paid $4.4 million, the next day to get his system back,” said Dr. Frank Katz, Director of Cyber Security at Georgia Southern.
“Every company is different. I don’t know what St. Joe’s/Candler is going to do with their data and their system,” he added.
The Georgia-based Colonial Pipeline, which provides nearly 45% of fuel to the East Coast, was hacked back in May.
Katz says they had what’s called a virtual private network or VPN. He says it helps protect or encrypt data that is being transmitted from point A to point B.
“Colonial Pipeline had a VPN that was a server that they were no longer using that was still connected to the network,” said Katz. “The hackers found it and they found the user IDs and passwords and that’s how they got into Colonial Pipeline.”
Katz says if you pay the ransom, there is no guarantee you’ll get back access to your system
His advice to companies is to always delete the user IDs and passwords of employees who leave and clear any devices that may be connected to those credentials.
Katz says, unfortunately, unlike computers, people make mistakes.
“They aren’t making malicious mistakes,” said Katz, “they are making accidental mistakes, but that opens the door for the bad guy to get in.”