- December 7, 2020
- Posted by: Keith Frechette
- Categories: Blog, Featured
The proper integration of intelligent systems, big data, and interconnected devices are some of the next-generation technological assets that will help to enhance the service potentials of local, state, and education (SLED) government entities. However, due to the high sensitivity of SLED data, it is critical that said entities understand the probability, likelihood, and impact of risks within their sectors, including ways to mitigate said risks in a scalable fashion.
Over these past years, Ransomware has become more prevalent such that it has been adopted by cybercriminals as a means to defunct governmental assets. While these cyberattacks may lead to a considerable loss of utility and downtime, the larger concern is the amount of ransom that malicious actors demand from governments, which of course comes out from the pockets of taxpayers. And when the organizations refuse to give in to the demands of the attackers, the costs can sky-rocket.
For instance, Baltimore City was the victim of a ransomware attack in 2019. Although city council officials refused to pay the $80,000 ransom, this decision ended up costing the city over $18 million in remediation and lost revenue.
Understanding the Criticality of Ransomware Attacks
Ransomware is one of the most significant threats facing organizations today; this is especially worse for critical sectors, including local, state, and education (SLED) government inst. Below are some recent statistics, which offers eye-opening details about the damaging nature of ransomware attacks within critical sectors:
- According to a BlueVoyant cybersecurity firm study, the amount of ransom demanded to release the government data was pegged at $30,000 in 2017. This amount rose by more than ten times to touch $380,000 in 2019. The study also added that many ransom demands were exceeding $1 million in the previous year.
- The report also mentions that the decreasing number of attacks offer no room for complacency. Threat actors are now increasingly targeting smaller municipalities that have more vulnerabilities that can be exploited. Out of the 33 municipalities, at least 15% agreed to pay the demanded ransom, ranging from $45,000 to $250,000
Why are Government Entities Grossly Vulnerable?
State governments are now offering connected services to their customers who can now get their work done from the comfort of their homes. These digital outlets increase the governments’ exposed attack surface. Hence, making it possible for malicious actors to easily exploit through techniques like Ransomware-as-a-Service (RaaS), off-the-shelf malware, and crypto for blackmail payments.
A few years ago, one could hardly see one or two computers in offices of police departments and local school districts. Fast forward to today, every classroom has few computers, and every squad car has its own. These computers act as potential access points that hackers can exploit to launch ransomware attacks. Thus, the need for every government agency to protect its information assets has increased by many folds.
Other reasons for increased vulnerability of local and state governments include tight budgets, inadequate systems, outdated software, using equipment beyond end-of-support dates, etc.
How Can SLED Entities Prevent and Withstand CyberAttacks?
Here are some crucial and straightforward steps that state, local, and government (SLED) government entities can take to help prevent and build resilience against ransomware attacks:
- Getting Rid of Outdated Systems: Government entities can start by deploying smarter systems architecture, while also accounting for proactive security solutions to go with it. A total revamp of outdated systems will help to engage next-generation security solutions that are capable of providing state-of-the-art security solutions, including XRD, MDR, etc.
- Employee Training and Awareness: The next step is staff training and retention, which can be a critical deterrent against ransomware attacks coupled with adequate vulnerability management. The top-most priority must be patching of loopholes as soon as they are discovered within information assets.
- Getting Cyber Insurance and Managed Security Provider: Cyber insurance can also act as a second line of defense to soften the financial impact of such attacks. However, these policies can encourage hackers to demand a higher ransom. Another solution is working with a managed security and compliance service like GoldSky Security that understands the ins and outs of these attacks and can help avoid them altogether.
SLED entities happen to interact with some of the most critical data in the information lifecycle. As such, developing and implementing a robust plan to combat cybersecurity risks and threats, including ransomware, must become a top and ongoing priority.
All in all, the deployment of regular cybersecurity risk assessments must be ingrained into IT management policies, to best ensure that SLED government entities are equipped with the tools and resources needed to engage with competent managed security service providers, such as Goldsky Security – this will help to enhance the preventive, detective, and corrective countermeasures available to combat ransomware attacks plaguing SLED government entities.