How to Thwart Government Focused Ransomware Attacks
Government ransomware attacks are on the rise. The recent cyberattack that unleashed ransomware on government agencies in Baltimore is, according to NPR reports, “just one of more than 20 made on municipalities this year — and cybersecurity experts say it likely will take months for the city to recover.”
The incident in Baltimore is part of a growing trends of ransomware attacks that have targeted local and regional government agencies across the US and Canada. Last year a similar attack on Atlanta nearly caused a local government shutdown when the city refused to pay ransom. The Atlanta city government reportedly spent $17 million to recover and completely overhaul their IT systems. In 2018, the provincial government of Prince Edward Island, Canada was also hit by ransomware. The government ransomware attack on PEI grabbed headlines across the globe, but the smart backup strategy used by this local government was able minimize down time and quickly recover without paying a ransom.
What can agencies do to thwart government ransomware attacks? How can smaller cities and municipalities where budgets are always tight protect themselves? While antivirus software is a necessity, it is not enough to stop latest ransomware of 2019.
To prevent government ransomware attacks from causing a shutdown, agencies should additionally implement the following cost-effective best practices.
5 Strategies for Thwarting Government Ransomware Attacks
Since most ransomware is written for Windows operating systems, one of the most effective way to eliminate the threat of ransomware is to us a Linux-based backup appliance. The likelihood of backup data being attacked or corrupted is reduced exponentially.
In the recent ransomware attack on the city of Baltimore as well as the PEI government ransomware attack, hackers exploited weaknesses in outdated hardware and software to get into the agencies’ networks. Once inside, hackers were able to deploy the ransomware unchecked — no phishing links or employee errors required. To defend against these types of malware attacks, government agencies should prioritize patching, maintaining, and upgrading IT equipment.
With ever-evolving ransomware keys, algorithms, and infiltration methods, there’s no way to prevent a ransomware attack with 100% certainty. But IT administrators can use automated tools to detect ransomware in the early stages. New intelligent software like Unitrends Backup uses artificial intelligence (AI) and machine-learning to detect suspicious patterns, like groups of files being encrypted in an unusual way, and alerts administrators to ransomware before it spreads.
If and when ransomware strikes, the only way to take back control without paying a ransom is to restore via an uninfected backup. Backup with built-in ransomware protection is important — otherwise, ransomware can lock backup files, too. For critical or time-sensitive government services, implementing a cloud-based Disaster Recovery Service can allow agencies to immediately failover to a secure cloud and keep services running for the constituents, even if it takes some time to restore locally.
What’s a backup worth if you can’t actually recover when you need it? The only way to know for sure your backup works and meets your organizations Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) is to test it ahead of time. But with understaffed IT teams being the norm at most organizations, who has the time? Fortunately automated testing and recovery assurance with Unitrends does the heavy lifting for you, and provides reports proving recoverability.
What strategies does your organization use to thwart government ransomware attacks? Let us know in the comments.