Ransomware is a big problem for criminals and painfully expensive for businesses. More and more cities and local governments around the world have become a target of choice, with hackers blocking government services, hospitals, blue light services, schools and universities.
In the United States, this type of attack is notable. In the past 10 months alone, 140 local governments, police stations, and hospitals have been held hostage by ransomware software attacks, despite the introduction of antivirus software and other basic protections.
As a result, hospitals are ending the intake of new patients, first responders are slow to respond to calls for help, municipal services are disrupted, and schools are suspending classes.
About the AuthorFrank Krieger is Vice President of Government, Risk and Compliance at iland.
States hit hard
Ransomware attacks are hitting the United States hard, and unfortunately, many companies are choosing to pay ransoms for their data, creating a lucrative market for hackers. In October, an Alabama hospital paid hackers an undisclosed amount to unlock their data after being forced to suspend new patient admissions. In June, Lake City, Florida, had paid € 460,000, and Riviera Beach, Florida, more than € 600,000 in Florida to retrieve their data.
The landscape is equally vulnerable in the UK. In the first half of 2019, the number of malicious attacks in the UK increased by 195%. The United States and the United Kingdom have seen an increase in the number of malware-related incidents. By 2020, this trend will undoubtedly continue with hackers exploiting common vulnerabilities of regional and local governments and education authorities with limited budgets and easy access to cyber insurance. affordable.
Most local governments are forced to allocate IT budgets and resources to improve services through next-generation technologies such as 5G networks, IoT, and cloud IT. In doing so, your operations and data are increasingly connected through local and global networks, and your IT professionals are overwhelmed by IT data regulations and their demand for innovation. There is little time or resources to protect your networks.
A tempting solution might be to sign up for cyber insurance and prepare to accept disruptions in the event of a successful attack. However, government and education authorities can strengthen their defense with external resources and best practices that are as affordable and easy to implement as cyber insurance. Many of them begin by changing the way we think about the problem.
Sanctions versus consequences: what's the difference?
There is a big difference between cybersecurity penalties and their consequences. Although public sector organizations that are victims of ransomware attacks are not subject to specific sanctions, public sector organizations still face significant human consequences. When services are disrupted, citizens are unable to contact emergency services, frozen property records may block loan applications, or hospitals are unable to admit and treat new patients.
A ransom payment, backed by cyber insurance, can return data and transactions in order. But what is the cost to the citizens who depend on the services and to the overall reputation of the utility provider? Worse yet, by paying ransoms, we only encourage hackers, which explains the magnitude of these events.
These hackers know who pays for the insurance and what coverage they have. Furthermore, no one should assume that they are immune from penalties. A ransomware attack that exposes attackers to personal data puts the organization in violation of general regulations and faces potentially huge fines. What is the alternative and what steps can be taken?
Strengthen IT with subscription cybersecurity
Whether it's data backup, IT compliance, or security programs, most cloud-based IT services are now available through monthly subscriptions, priced at or below insurance. cybernetic.
Most local authorities have limited IT resources, which means they focus on resolving the latest incident ticket rather than keeping hardware and software up to date. Hackers know when the latest software updates or patches are released and smaller companies will likely take their time updating.
On the other hand, companies that provide cloud services regularly publish and update patches and apply patches to their services and data centers to ensure the highest possible security.
Minimize risks by keeping access controls up to date
One of the easiest ways to access a local authority or school network is to use an access point with outdated identifying information, for example when you are not at school. An employee leaves the organization. Usernames and passwords should be removed immediately when employees leave their jobs. Knowing that resources on the site are limited, this process needs to be communicated and addressed as a top priority.
Securing IoT sensors and devices through network segmentation
As local authorities expand their services in next-generation technologies to build smart cities, they are increasingly connected. By 2025, more than 75 billion devices are expected to be connected via the Internet of Things (IoT), but a single unprotected access point can make any database vulnerable.
IoT devices rely on sensors to collect data about power grids, traffic, garbage collection, or road conditions to provide services more efficiently. However, hackers know that many small authorities lack the computing resources and expertise to block these sensors. Hackers can use this access to hold services hostage through ransomware, sometimes paralyzing critical systems for months.
At most, security measures should be applied to these sensors and their IoT devices. At a minimum, city officials must store and manage their data and applications in different data centers. This can also be done in the cloud.
Just say no "
Local government organizations with backup and emergency plans can almost always say no to hackers. An effective backup and disaster recovery system should allow systems to recover quickly and with little or no data loss.
By refusing to pay ransoms and subscribing to a practical "insurance policy" that establishes the establishment of a disaster recovery plan and disaster recovery plans (DRaaS), public sector organizations can resist hackers and send a clear message that they are a more difficult target, no. An easy victim.
Frank Krieger is Vice President of Government, Risk and Compliance at iland.