It’s clear that government is becoming a bigger target for cyber criminals looking to use ransomware. In fact, according to a report from the Department of Homeland Security (cited in this DHS magazine article), there were 321 incidents of ransomware on 29 different federal networks between June 2015 and March 2016.
Below, we’ll walk through three actions government agencies can take to mitigate risk and reduce the impact of ransomware attacks.
Cybersecurity In Government: 3 Practices For Preventing Ransomware Attacks & Fallout
1. Understand that ransomware attacks are opportunistic.
Simply understanding and acknowledging why cyber criminals use ransomware attacks is a step in the right direction. Most criminals who use ransomware want an “easy payday,” so they target organizations that deal with time-sensitive, critical, or life-and-death information. Cyber criminals are increasingly focusing on healthcare, education, and government because they know that they have a good chance of interrupting a critical function, which increases their odds of a payout.
2. Regulate cybersecurity internally.
In our BitSight Insights report, we found that the financial industry performs the best against ransomware attacks. This may be partially due to the increased regulatory scrutiny financial institutions face. Self-imposed regulation and diligence could become far more critical for government agencies that may lack advanced cybersecurity protocols and internal training.
3. Be diligent about cybersecurity best practices.
In February 2016, a police detective’s laptop in Melrose, Massachusetts, was attacked with a ransomware infection that forced the department to pay a bitcoin ransom to regain control of its network. The officer who triggered the attack opened an infected email attachment, which then encrypted the files on his system. To help prevent malicious attacks through email attachments, government agencies need to implement email security protocols like Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). SPF helps limit an attacker’s ability to successfully spoof a valid “from” address, and DKIM helps to authenticate valid servers and limit the sending of spoofed email messages.
C. Back Up Your Systems
If your network is compromised through a ransomware attack, you should have a regularly updated backup of your systems to fall back on. This could cause a disturbance, as systems could potentially be offline for a while—but it could also help you avoid paying the ransom. Government agencies (and also other organizations) must assess the impact of a major disruption on their network. With system backups that are segmented from the rest of the network, IT teams may be able to reduce the amount of downtime resulting from a ransomware attack, and avoid the necessity to pay a ransom to retrieve information.
Learn More About Ransomware In Government Cybersecurity
Ransomware is affecting virtually all industries today. Download the latest BitSight Insights report to learn more about how ransomware infections have evolved over the last year and how businesses can help mitigate the threat of ransomware.
If you’re using a “one-size fits all” approach to managing your vendor lifecycle, you are missing opportunities to save money and operate more efficiently. Vendor management efficiencies don’t end in the onboarding stage: using a...
If you’re experiencing frustrating delays and procedural roadblocks during your vendor management process, you’re not alone. Security managers are seeing an increase in the number of third-parties integrating with their business, and ...
During this dynamic and stressful workplace environment 2020 has brought us, finding the most efficient ways to perform in your job has never been more important. When it comes to managing your vendor lifecycle, there are three ways you...