From Florida to a group of cities in Texas, even Baltimore to Atlanta, the frequency of ransomware attacks against local governments is rapidly rising. A recent report from Barracuda Networks confirmed that out of hundreds of attacks, nearly two-third of ransomware attacks targeted local government institutions and organizations.
Ransomware is a form of malware that inhibits an authorized user from accessing a private computer system or data. The cyber attacker encrypts a file or folder to gain monetary benefits in exchange for the encrypted content. These perpetrators usually demand cryptocurrency, making it difficult to track the transaction. Economic advantage is the primary motivator of ransomware attacks. Malware, including ransomware, has always been one of the common cyberattacks every year. Surprisingly, reports are suggesting a drop in ransomware attacks; yet, these attacks faced no significant decline in its revenue.
This year, over 70 state and local governments suffered ransomware attacks. In July, at the US Conference of Mayors, more than 225 US mayors stood their ground (through a resolution) against paying the ransom in return of encrypted data. The resolution came to light after Baltimore’s servers faced the Robinhood ransomware attack, resulting in a loss of $18 million to recover the data, versus the original ransom of $80,000. These incidents affect the system deeply as local and state governments have national implications, eventually affecting local and national economies. Besides that, local governments deal with a limited budget, making unexpected ransomware attacks a costly endeavor. Sometimes, the preventive measures budget is also low. The recent spike in ransomware attacks on local governments is bringing to light the issue of having a reasonable budget to prevent such attacks from occurring.
Why are Local Governments Frequent Victims of Ransomware Attacks?
Different angles on why ransomware attacks are keen on targeting local government institutions and organizations –
1. Offers More Opportunities for Cybercriminals
Local government bodies are commonly performing IP-based activities to deliver services efficiently. It offers an open window for cyber attackers to break through the security infrastructure. Cybercriminals are technologically sound like the defenders. Their continually expanding technological capabilities are also making the situation worse. This is giving rise to the involvement of state-sponsored attackers by serving sophisticated attack methods as a commodity to both inexperienced and experienced cybercriminals. Ransomware is no different; they are being packaged and provided to the black hat community.
2. Difficult to Hide a Ransomware Incident from Public Notice
According to a recent report by Malwarebytes, overall ransomware detections increased by 363% between Q2 2018 and Q2 2019. It is less likely that ransomware attacks on businesses have taken a back seat, while attackers are primarily focused on local governments. The possibility suggests that attacks on government institutions effortlessly make their way into the limelight. The situation remains the same for a while now, but as ransomware needs local governments to extract cyber insurance, they are now gaining more public attention than ever before.
3. City Systems Have a Lot to Offer
Cyber attackers have realized that city systems present a massive amount of data when breached. This makes city systems the best target as perpetrators can obtain a wealth of data on citizens. These breached systems give a smooth passageway for attackers to steal data and use it for identity theft. Local governments have access to different types of data, including details on vehicle permits, parking tickets, water bills, and more.
4. Limited Funds to Protect Against Security Breaches
Unlike large enterprises, cities and towns face financial constraints when investing in the security infrastructure. This limitation makes local government bodies susceptible to multiple types of cyberattacks. First, the problem takes a larger form when the affected government organization falls short of staff. In a resource-constrained situation, the victimized organization outsources professionals to perform the task. Sometimes, it gets difficult to manage contractors. Secondly, while upgrading existing services with advanced technologies, government bodies often don’t have enough time to eliminate vulnerabilities from the system. Under the same situation, an enterprise has the advantage of going offline for the required time. But this can’t be done by government entities, as they are driven to offer uninterrupted services.
Protect local governments from being attacked
Apart from the general steps to eliminate ransomware, local governments can take a few extra precautions to deal with ransomware attacks –
As local and state governments struggle with increasing ransomware attacks under constrained situations, the federal government can help them gear up for such scenarios. Being interlinked with the federal government helps local government bodies to stay afloat. A pool of various cybersecurity solutions, such as the availability of firewalls, or any other advanced tools, will keep entities strong, even when under attack.
Apart from this, sharing cybersecurity-related data with peers from other jurisdictions, governments can tell whether other jurisdictions are facing the same issue. They can then combine resources to mitigate the problem.
By having a certified professional on-board will quickly resolve the issue. Professionals holding EC-Council Certified Security Analyst credentials are trained to deal with such situations. They go through intense lab sessions to adopt advanced penetration testing skills; the skills that a local government organization needs to keep their assets safe. Regular penetration testing (automated and manual) can determine the vulnerabilities of a security infrastructure. The methodology is also capable of finding software and human errors that can lead to a massive compromise of security. With skilled penetration testers, local governments can help their organizations and institutions to develop strong security controls and safeguards.
ECSA holders are well-versed with automated and manual penetration testing tools. They can penetrate networks, web application, database, cloud, operating systems, and other entities to look for weaknesses, and formulate the required countermeasures to eliminate them. Hire an ECSA holder today, and save your assets from falling victim to ransomware attacks!