Ransomware is a variation of malicious malware designed to block access to a computer system or network until a sum of money is paid. Ransomware spreads through emails containing malicious links or attachments, or by visiting compromised websites. Additionally, ransomware may not be triggered immediately; it can lay dormant for days, weeks, or months, and can be triggered by keystrokes or your face looking into your computer’s camera. Ransomware attacks have been rising and in recent years, and attacks have crippled operations in local municipalities across the country.
Earlier this month, over twenty local governments in Texas were subjected to a coordinated ransomware attack. This attack follows similar events that have occurred in Florida, Maryland, Louisiana, Georgia, and New Jersey. Utah hasn’t been spared from this, with an attack locking the systems of a UCIP member earlier this year.
The FBI and other law enforcement agencies warn that victims of ransomware attacks should refuse to give in to their attacker’s demands. Unfortunately, many local governments find themselves outmatched by cyberthreats that continue to evolve and often lack the resources to acquire the latest, better-protected hardware and software according to Bill Siegel, founder of ransomware security firm Coveware. Further troubling is that, per Coveware’s findings, local governments tended to pay nearly ten times as much money on average than their private-sector counterparts in the second quarter of 2019.
Per Elliott Sprehe, spokesman for the Texas Department of Information Resources, trying to prevent these attacks is “a continual cat-and-mouse game” for governments of all sizes. While 100% prevention isn’t a realistic goal, there are a number of things that can be done in order to keep your systems safe:
- Keep anti-virus software up to date
- Create strong, unique passwords that are changed regularly
- Perform regular, automated backups and keep the backups segregated
- Enable multifactor authentication, especially for remote logins
- Regular security awareness training for employees
- Do not open, click links, or download attachments from emails from unverified senders
- Do not visit compromised websites
Because of open meeting rules that create records of decisions, governmental incidents are more public as opposed to private companies who have the incentive — and in many cases, the ability — to keep things confidential. Public reports on what governmental entities have done also paints an additional target on local municipalities. Per the security firm Recorded Future, ransomware situations are only becoming more pervasive, and local governments need to be prepared. The steps outlined above will help in preventing ransomware attacks. UCIP is always happy to offer additional training and information on this subject. For additional assistance, please contact Alex at firstname.lastname@example.org.
If you fall victim to a ransomware attack, please contact UCIP immediately. Additionally, the Salt Lake City field office of the FBI should be contacted as soon as possible at (801) 579-1400.