Ransomware in Small-Town America
So far this year, over 170 ransomware attacks have been successfully executed on municipalities and state government systems, and there is sound reason to believe this rate of attack will continue. Criminals target cities and counties for two major reasons: they house valuable personal data and they are often easy targets.
In March of 2018, the City of Atlanta came to a screeching halt after being crippled by SamSam ransomware. Memorably, they elected not to pay the requested $52,000 ransom demand, taking the stance that payment further encourages and enables cyber criminals. The overall cost of responding and recovering was roughly $2.6 million.
This highlights a key dilemma that is central to the success of cyber criminals. Evaluating whether or not to pay a ransom is a very serious decision. In every unique situation, local and state governments must analyze and calculate their cost to recover (carefully evaluated based on quality of backups and many other factors) against the demanded ransom.
In our rural cities and towns, skilled municipal workers serve their constituents, file official records, respond on 911 dispatch lines, and protect the peace. They use computers, radios, and other network devices to accomplish their duties. And yet, many don’t understand the inherent risks in their workflow, or believe that they may be a target. This is especially true in the state of Montana.
So, what should governments be doing to mitigate their risk of falling victim to ransomware?
Here are a few essential starting points:
1. Use an Advanced Anti-Virus Software
It’s inevitable – bad actors are going to try and access your network, so reaction time is critical. Not all security software is equal. Advanced Endpoint Detection & Response (EDR) provides forensic data, mitigates threats automatically, isolates the network, and auto-immunizes the endpoints against newly discovered threats. Learn more here.
2. Budget for IT
In a news clip shortly after the city of Atlanta was hit with ransomware, Mayor Bottoms addressed the public: “Cybersecurity is now a top priority.” Our response? …Too late! It’s always more expensive to be reactive. Budgeting for your IT and security needs is just as critical as budgeting for your payroll and utility bills. An experienced IT partner will help you prioritize, and a good one will save you money in the long run.
3. Perform a Risk Assessment
It’s impossible to rectify issues you don’t know are there. A network assessment is a comprehensive summary of all the devices (computers, printers, servers) connected to your network. This network summary highlights performance, capacity, and security status to bring any issues to light. It’s important to review the results of this assessment with an experienced professional who will explain in layman’s terms what the report details, while giving you a road-map to most efficiently address the issues.
4. Facilitate Regular Employee Training
We are all human, and we all make mistakes. Cyber criminals count on us to open the door for them, and we often do. When we are distracted, afraid, or sense urgency from a perceived authority figure, we often act hastily, missing subtle warning signs. The ROI on end user security training is clearly demonstrated, and it turns your weakest link into your strongest defense.
5. Invest in Quality Backups
Even if you have a dedicated IT budget, address all concerns brought to light in your annual risk assessments, and have a robust employee training program, there are no guarantees you won’t be a victim. Cyber criminals are highly organized, and they use advanced tools to engage their targets. Organizations should always have a backup plan. Here’s an analogy: imagine that your house burns completely to the foundation. You need a blueprint to rebuild it, down to the pictures hanging on the wall. Quality offsite backups provide that blueprint, and an experienced IT partner will use that blueprint to get you back up and running in record time. Our fully managed backup solution is secure, scalable, and routinely tested. Questions? Let’s talk.