In the past year or two, criminals have made it easier to attack government systems with ransomware. Bad actors engineer packages in a scheme that’s become known as Ransomware as a Service, and gangs with less technical knowhow can buy these packages and deploy them. U.S. cities remain a favorite target of ransomware attacks.
As cybersecurity company Arctic Wolf reminds us in a recent blog post, “Ransomware gangs, as well as individual actors, are continuing to see the payoff in attacking high-value targets like supply chains and critical infrastructure. The Ransomware as a Service model, in particular, is becoming the preferred method for threat actors.”
Only 20 percent of state and local governments have managed to successfully stop attacks before the damage has been done, according to a recent Sophos survey. Agencies recovered only 58 percent of encrypted data in ransomware attacks.
Effective defenses against ransomware require vigilance on all fronts, from endpoint security solutions to employee training, and we explore some of them in a Security Save column on FBI guidance. Among the most important solutions in a security strategy are strong and encrypted backups that operate in a zero-trust security framework, which can ensure minimal disruptions to citizen services.
Click the banner to learn how your agency can increase its ransomware recovery capability.
Governments Can Regain Ground Quickly After an Attack
Recently, StateTech explored backup and recovery solutions in use by state agencies in Oregon, Utah and Mississippi. In many cases, on-premises or cloud backup systems can minimize the pain of a ransomware attack. A comprehensive backup strategy can steady a state or local government enterprise by minimizing downtime and disruption due to ransomware.
For example, Sarasota, Fla., once thwarted a ransomware attack thanks to backup solutions from Veeam. The city avoided a ransom payment and restored government systems without disrupting services. Other cities can follow in Sarasota’s steady footsteps with proactive planning and strong vendor partnerships as part of a backup and recovery strategy.
In today’s threat environment, where even criminals without technical skills can easily launch a Ransomware as a Service attack, backup and disaster recovery services are a critical part of a holistic cyberdefense plan. State and local governments should choose the backup configurations that best address their requirements.
Getty Images/ Antonio_Diaz