The threat ransomware poses to government agencies is growing fast. Taking simple steps to mitigate risk can help federal and local government agencies secure mission-critical IT infrastructure and protect constituents’ data from ransomware attacks.
Ransomware attacks on government agencies are not a new phenomenon. For years, cyber criminals have been using tactics like phishing emails to gain access, steal data, lock computer systems and demand ransoms from public sector organizations. If the organization doesn’t comply, attackers threaten to release private data publicly. Holding critical data for ransom is a lucrative business and attacks are on the rise.
In fact, according to the U.S Department of Homeland Security (DHS), ransomware attacks have doubled since 2017. Recently, the highly publicized attack on the Colonial Pipeline caused a temporary disruption in the delivery of gasoline across a large portion of the Southeast U.S. According to the Government Accountability Office (GAO), the company paid over $4 million in ransom to get back into production. From petroleum to the meat industry to education, no sector has been left unscathed.
Attackers Capitalize on Remote Work Vulnerabilities During Covid 19
The onset of the global pandemic caught many state and local organizations unprepared to support employees and contractors working from home. Without a secure infrastructure in place for remote access to systems and data, many were vulnerable to ransomware attacks. In the last couple of years, victims have included the Baltimore school district, the NYPD fingerprint database, and the State of Texas. Often, these types of government agencies have few resources or the funding to protect themselves and their constituents’ data from ransomware attacks and that makes them easy targets. Elementary school districts have been particularly hard hit.
For example, in December 2020, federal law enforcement received an uptick in reports of ransomware attacks against K-12 educational institutions. In these attacks, malicious cyber actors successfully targeted school computer systems, slowing access, and often making the systems inaccessible to administrators, teachers and students for basic functions like distance learning.
The Center for Information Security (CIS) runs the Multi-State Information Sharing and Analysis Center (MS-ISAC), a federally funded organization tasked with helping improve cybersecurity for state, local and tribal government entities, including public schools. As reported in the Washington Post, between 2019 and 2020 the MS-ISAC saw a 19 percent increase in ransomware and other cyberattacks targeting K-12 schools and projects a whopping 86 percent increase in 2021. The MS-ISAC offers free cybersecurity resources to K-12 schools.
Mitigating Ransomware Attacks in the Public Sector
The Federal Government has provided guidance to organizations and individuals to help them mitigate cyber threats like ransomware. For example, the DHS Cybersecurity and Infrastructure Security Agency introduced the Reduce the Risk of Ransomware campaign and published guidance on the rising ransomware threat in response to increases in ransomware attacks targeting technology assets and control systems. Additionally, the U.S Department of Justice issued a memorandum for all federal prosecutors with counsel for cases related to ransomware and digital coercion.
As criminal groups, including nation states, increasingly target the IT infrastructures, systems and assets of governments – national security, economic stability, and public health and safety are at great risk of compromise. Mitigating threats is the key to ensuring the continuity of government operations. A robust backup and data recovery plan, as part of a disaster recovery strategy, will help eliminate downtime from ransomware attacks as well as natural disasters.
How Qumulo Can Help Government Agencies Ensure Data Safety and Integrity
Learn how government agencies can take simple steps to help secure mission-critical IT infrastructure and protect constituents’ data from ransomware attacks. Join us on December 9, 2021 at 2 PM EDT, 11 AM PDT for Qombating Ransomware–Strategies for Mitigating Risks in Government. In this webinar, industry experts will discuss the importance of planning ahead before a data disaster and how a cloud-based disaster recovery as-a-service (DRaas) solution can help public sector organizations leverage the cloud. You’ll also learn best practices for creating a disaster recovery strategy to help you prevent and detect attacks, recover your data, and resume operations quickly.
Qombating Ransomware | Strategies for Mitigating Risks in Government
Thursday, December 9, 2021 at 11 AM PDT or 2 PM EDT
- What is Ransomware and How to Detect It [Ransomware Infographic]
- How Holistic Security Helps Protect Your File Data Storage from Ransomware
- Cloud Backup and Migration for Government Agencies (in 3 Simple Steps)