Practical Measures for Local Government to Avoid Ransomware
The recent ransomware attack by DarkSide on the Colonial Pipeline, which is one of the largest pipelines in the United States, emphasizes how vulnerable U.S. infrastructure is to a cyberattack. The East Coast pipeline, which supplies 45% of the East Coast’s fuel, was shut down for six days to stop the attack. Gas prices rose and gas supplies were affected by the incident. Ransomware encrypted company files.
Joseph Blount, the CEO of Colonial Pipeline Company, stated that he authorized the payment of $4.4 million because he was unsure how bad the cyberattack had affected his systems and how long it would take for the pipeline to be restored.
Many state and local governments had to adapt quickly to digital technology to continue providing services and keep in touch with constituents. Digital transformation meant that many functions performed in person were replaced by cloud-based systems.
The digital transition allowed local and state governments to continue providing vital public services during the pandemic. However, cyberattacks escalated dramatically due to the spread of the virus worldwide. Because they store, process, store, and transmit large amounts of sensitive information, cybercriminals are actively targeting state and local governments.
Ransomware attacks are one the most common types of cyberattacks. Comparitech recently reported that there were 79 ransomware attacks on U.S. government agencies in 2020. These attacks cost $18.88 million in downtime and recovery.
Ransomware is malicious software that encrypts data on the affected systems. It can block access to computers files and systems unless a ransom is paid for a decryption code. Ransomware can be particularly dangerous for municipalities as it can shut down operations. This can disrupt infrastructure services, such as utilities and 911 systems.
What can municipalities do to prevent becoming ransomware victims?
Ransomware can be prevented by proper preparation and security. Although it may seem impossible to improve cybersecurity without spending a lot, there are simple and inexpensive security measures municipalities can implement to prevent ransomware attacks. Here are some best practices for state and local governments to increase their cyber resilience.
Updates and patches
Ransomware attacks that were widely reported in Atlanta, Baltimore, and Prince Edward Island in Canada were caused by hackers who infiltrated government networks using systems that hadn’t been updated. Older software and operating systems can be a security risk for state and local governments. Hackers are always looking for software vulnerabilities and security flaws to exploit. Software updates are essential because they include the most recent features and often patches for security vulnerabilities. Municipalities can prevent ransomware attacks by making sure that automatic updates are turned on. Set reminders in Outlook and Google calendars for software that doesn’t offer automatic updates to check for new updates. Municipalities should have software update and patch management policies to ensure that patches and updates are regularly installed due to the increase in ransomware attacks. It is crucial to ensure that all operating systems, applications, networks, servers, and end-user desktops, laptops, and devices are up-to-date with the latest security patches and software updates. It is like not updating and patching all devices and systems that have access to municipal systems promptly when you go on vacation.
Antivirus Software and Firewalls
Without basic security measures like firewalls and antivirus software, municipalities are not likely to stop a cyberattack. A firewall is a good first line of defense to prevent hackers from gaining access to municipal systems. A firewall acts as a security barrier between the municipality’s network and external threats. A firewall monitors network traffic and blocks suspicious data. It also allows safe data to pass through the network. A firewall protects hardware and software by blocking unauthorized access. An antivirus program protects software and data by detecting infected files and quarantining them. Municipalities need to ensure that their antivirus software offers protection against ransomware. Antivirus software is the best way to protect your computers and devices from malware, viruses, spyware, and other malicious code. All computers and devices that have access to the municipal network should have antivirus software installed. It is essential to set up antivirus software to run regular scans to protect against new threats. It is important to ensure that antivirus software and firewall software are regularly updated and patched.
Awareness and Training
CSO Magazine reports that 94% of malware is sent by email. Phishing attacks account for over 80% of all reported cybersecurity incidents. This shows how technology alone can’t prevent cyberattacks. Cybersecurity awareness and training are essential to protect municipal computers and data. Local and state governments should prioritize cybersecurity awareness training. This includes guidance on how you can report suspicious activity or incidents like phishing and another social engineering. Every employee should receive email reminders about cybersecurity every other month. This will remind them to be vigilant about opening attachments and malicious websites and to stay safe from malware and ransomware infections. Hackers continue to develop sophisticated ways to combat cyber resilience. Employees should be kept informed by ongoing awareness training. Municipalities can no longer excuse themselves for not having the resources or budget to invest in cybersecurity training and awareness. Here are some links to free or cheap cybersecurity awareness and training materials for local and state governments.
Backup and Recovery
Cyberthreats change constantly, so solutions like firewalls and antivirus software are only one part of a comprehensive cybersecurity strategy. A backup copy of all files and systems is one of the best and most cost-effective cybersecurity measures a municipality can take to protect itself from ransomware attacks. Backups are a backup of the municipal data and systems. They can be restored if the network is affected by ransomware. A municipality can restore its data to the point before the ransomware attack, without losing any data that was created after the backup. Municipalities must establish backup procedures to ensure that they can quickly restore services and prevent disruptions from ransomware attacks. Backups can be saved on an external hard drive, flash drive, or offsite in a cloud. Municipalities should ensure that backups are encrypted to protect them from ransomware.
Ransomware attacked Riverside’s fire and police departments servers in 2018. This attack caused the department’s records management system to be unable to function properly. The ransom was not paid by the city and 10 months of data were lost. Backups could not be restored. If a backup cannot be restored when it is required, it is useless. To ensure that backups are valid and recoverable, it is important to regularly test them by restoring data from a backup. Municipalities should establish policies and procedures for backups. These policies include the frequency and scope, who is responsible for backing up, and how to test data recovery.
Protecting the state and local governments from ransomware and other cyber threats takes constant attention. Municipalities must be vigilant and not let down if they fall prey to ransomware attacks or any other cyberattacks. A month after the Riverside, Ohio police and fire departments ransomware attack, hackers infected their servers again with ransomware. Riverside refused to pay the ransom. However, they were able quickly to recover as they had learned from the previous attack and had daily backups. Baltimore was also the victim of ransomware attacks in two different months, one in March 2018 as well as another in May 2019.
Although no technology or procedure can completely prevent ransomware attacks, there are many solutions that local and state governments can implement at a low cost to increase their chances of avoiding cyberattacks.