Government Agencies Need to Be Proactive About Ransomware

By August 20, 2019 Uncategorized
Why Government Agencies Need to Be Proactive About Ransomware

Think only private companies are targets for hackers? Think again. A new and disturbing trend in cyberattacks on city, regional, and state governments is gaining new levels of severity in the United States. Cybercriminals, armed with ransomware, are increasingly targeting government bodies. From small towns to large cities, not a single place is exempt. Government agencies have long been a target of nefarious groups and individuals, but in the last few years the frequency and severity of these attacks has increased significantly.

It’s well-known that hackers frequently target startups and small businesses—these entities often lack the robust cybersecurity of more established companies. However, what’s surprising about the spate of ransomware attacks on municipalities across the country is that so many of these offices have ineffective defenses against such tactics. Once in, hackers can—and do—shut down city government operations (email, phone systems, networks, file servers, security cameras—anything connected to the compromised network).

Capturing and/or encrypting government data for ransom is a terrifying new phenomenon in the cybersecurity scene. Read on to learn about this trend and what government bodies large or small can do to protect against this threat.

Ransomware is Proving Effective, Destructive and Lucrative

Imagine trying to run a city the size of Atlanta or Baltimore as if it was once again 1950: there are now neither email nor phone lines, even the printer doesn’t work. Utility bills, such as water and trash, cannot be paid unless residents send a physical check. Likewise, say goodbye to any records except for those which exist in a series of binders neatly stored in some far-flung hallway storage. Actually, that’s exactly what happened in both of those cities in the space of less than a year.

Ransomware, as the name suggests, encrypts data from a computer or server (sometimes even capturing and transmitting data to an offsite location) and demands money in exchange for a decryption key. Often, this ransom runs into the tens, if not hundreds of thousands of dollars. And, more often than not, cities pay. They have little other recourse. Attempting to recover the stolen data manually is too time-consuming, expensive, and crippling to the government body.

As a result, hackers are having a field day. According to The New York Times, the FBI received approximately 1,500 reports of ransomware attacks from municipal bodies, hospitals, and private institutions in the past 12 months.

Ransomware is the Biggest Malware Threat of 2019

2018 saw a massive increase in ransomware attacks, a trend that has quickly dominated the cybersecurity scene in 2019. Notably, ransomware takes advantage of the fact that many organizations—especially municipal governments—cannot defend against or outwit such attacks. Most of the major ransomware attacks on city and regional governments have exhibited similar features, including:

  • A lack of adequate backups, or backups in unsecured locations.
  • Poor access controls, meaning that attackers can completely cripple government functions by accessing the entire network.
  • Staff that was not trained to spot suspicious emails.

In other words, small-town governments—and sometimes even big cities like Atlanta and Baltimore—are easy targets. Fortunately, there’s a way to change that.

Proactive Planning Is Critical

The rise of ransomware means that, for most private and public sector institutions, it’s not a matter of if a hacker strikes but when. Government bodies all across the US can learn from the cautionary tale of the handful of cities which have already faced extraordinary expenses trying to wrestle their data back from criminals.

CDS specializes in helping organizations and government bodies prepare for, prevent and recover from ransomware attacks. Our unique combination of business continuity and disaster recovery plans, alongside partnerships with best-in-class solutions providers means that a proactive plan for ransomware isn’t just possible, it’s accessible to every budget level. These partnerships address  key elements in surviving a ransomware attack:

  • Business Continuity & Disaster Recovery (BCDR). A secure BCDR policy neutralizes the power of ransomware by ensuring that a company always has access to its records. CDS partners with Datto to deliver flexible, secure solutions capable of restoring access to systems in a manner of minutes.
  • Email Security. A leader in the enterprise email security industry, Barracuda introduces robust security measures to keep malicious actors out of employee inboxes while ensuring that communications remain seamless.
  • Network Security. Ransomware takes advantage of poor planning and security policies to gain free rein over a network. Next-generation firewall technology from Cisco Meraki analyzes network traffic with a state-of-the-art intrusion detection engine and gives IT personnel complete control over network traffic.

Everyone need ransomware protection—especially governments. These three elements combine under CDS’ comprehensive managed technology services to provide exactly that. Create a bulletproof strategy, run by a team of seasoned IT specialists, which seals out cyberattacks once and for all.

Get the Next Generation of Cybersecurity With CDS

Ransomware has proven to be a serious threat not just because it’s so damaging to offices which succumb to it but because it’s often so easy for cybercriminals to accomplish it. For city and state governments, however, it’s both embarrassing and expensive. Fortunately, there are many steps which even small city halls can take to ramp up their cybersecurity. Call CDS today to talk about a free network assessment and form a plan for better cybersecurity.

CDS specializes in outfitting government agencies and businesses with the cybersecurity strategies necessary to remain functional and secure. Read about government contracting or contact us to schedule a consultation.