A Hard to Combat Non-State Actor: Ransomware

Ransomware attacks on government agencies and municipalities are rising, especially in the United States. Cybercriminals behind these attacks target any network associated with the facets of public life, from city government agencies to school districts and even to police departments.

How Do Ransomware Attacks Occur?

Ransomware attacks block access to your device, personal data, and other information by encrypting that data. Cybercriminals then hold your information hostage until a ransom is paid. The attackers promise to exchange a key that would allow the victim to decrypt their files, but there is no guarantee that the extortionists will give the decoding key over once the ransom is paid. Moreover, there is no surefire way to determine whether the cybercriminals left a contingency that would allow them to attack at a later time.

The Struggle for Government and Impact

Public bodies such as hospitals, health care facilities, and federal, state, and local governments have been more vulnerable to ransomware attacks than other industries. These public agencies are often lacking in cybersecurity experts. The absence of a dedicated cybersecurity team and general insufficient cybersecurity and ransomware protection are just some reasons public bodies are open to a cyberattack.  

In January of 2021, the Bristol Police Department in southwest Virginia suffered an attack. The department's system was offline, which forced staff to use analog systems-pen and paper. Information was reportedly lost during that ransomware attack. 

Another ransomware attack on Baltimore shut down the city's CAD system for almost a full day, impacting the 911 system. Manual dispatching enabled public safety officers to respond to calls during this time. However, the city's dispatch calls were not recorded.

Do Governments Pay Ransoms?

According to some experts, these public entities often feel obligated to pay the ransom because services to people who need them are being directly disrupted. However, some reports state that government bodies are less likely to pay a ransom to decrypt their files. According to research, 45% of organizations targeted by ransomware attackers paid the ransom to regain access to their files and devices. In comparison, only around 17% of state and local governments attacked paid up.  

Issues with Implementing Proper Ransomware Protection

A major challenge in figuring out how to prevent ransomware attacks is victims' lack of incident reporting. Without as much information as possible, understanding the scope of the problem becomes increasingly difficult for cybersecurity experts.  

Even with reporting, the challenge in tackling ransomware attacks, even with dedicated ransomware protection, is the widespread access available to hackers through public networks. 

It's not easy to build proper ransomware prevention tactics that will have the capacity to prevent every cyberattack that could come up. Nonetheless, identifying and dealing with any of these gaps is key to preventing future attacks. Recovering from a ransomware attack can be very difficult, time-consuming, and disruptive with the potential for a major loss of funds.

Source: iQuanti, Inc.