Ransomware is a worldwide threat, targeting large corporations down to home users. But in a disturbing trend, attacks are frequently being committed against all levels of local governments, from the city of Atlanta, Georgia to school systems in Montana and South Carolina. Ransom demands in these cases range from several hundred to tens of thousands of dollars to unencrypt the data.
As Maureen Gray, COO of Blue Ridge Networks, a Virginia-based cybersecurity firm, explains, it’s a matter of opportunity. “To a hacker, they seem like the proverbial ‘low-hanging fruit.’ Local governments may not have the same level of cybersecurity as state or federal agencies or large corporations can employ, as they just don’t have the same funding available,” Gray explained.
Governments have the additional burden of delivering uninterrupted services to the public. A hack can interfere with operations from licensing and trash collection all the way to public safety and health. So, some local governments have chosen to pay the ransom.
That goes against the recommendations of law enforcement and many cybersecurity experts. But, if it comes down to a few thousand dollars versus spending millions to recreate the data and recover from the hack, why not just pay up?
Gray said there are two key reasons. “First, it encourages the hackers to continue trying to extort money from you and other victims. Second, there’s no guarantee you’ll get your data back, your systems are still compromised, and realistically, you’ll still have weeks or months of cleanup to do.”
No one is immune to these threats, Gray said, but added that including a layer of defense on top of common security best practices can mitigate these types of breaches. “Typically, the first step in cyber best practices is to seriously examine your network for obvious vulnerabilities. Are you running the latest operating systems everywhere, and have all security patches been applied? Are your users’ passwords strong? Is your data regularly backed up? And are you engaging your users to help maintain security?” Often, the answer to a lot of these questions is no. Updating, patching, and backing up data are all time-consuming and tedious tasks that even some of the largest organizations’ IT teams have trouble keeping up with. To alleviate some of the strain, organizations need to look to implement a non-intrusive breach prevention system that mitigates these vulnerabilities without depending on critical security patches, scanning, or updates.
A good deal of malware gets onto a network through a simple click – a user clicks on a link in an email or visits a website that downloads code to the user’s system. That code proliferates quickly, often spreading throughout the network in a matter of minutes.
The risks are increased by mobile device usage. “Smartphones, tablets and laptops come in and out of the network from both employees and third-party vendors or contractors,” Gray said, “and that means more opportunities for malicious code to slip past the network’s protections.” She also pointed to home computers and USB flash drives as a source of attacks. “If you log in remotely or copy files from an infected system and move them onto a clean one, it opens the door to a ransomware attack.”
For local governments looking to step up their cybersecurity posture, Gray says security tools need to keep up with the attacks. She suggests that endpoint security should be considered as part of the strategy. “By implementing a breach prevention tool that stops breaches before a compromise occurs, without the need for scanning or detection, you can render malicious code harmless early and actively prevent it from executing and doing any damage to the enterprise network.”
Her advice to local governments? “Think of security as a way of life,” Gray explained, “It’s an ongoing battle, but in the end, the right policy, the right tools and the right attitude from your users can give you the advantage.”
Ready for the next level of endpoint breach prevention? Click here to find out more.