Group issues ransomware warning to local governments
By Rachel Looker
National Association of Counties
School districts, library systems, sheriff’s offices and other areas of local government have all been hit by a recent wave of cyberattacks that has targeted counties throughout the country. These malware or ransomware attacks are affecting servers, websites and even the start date for some schools.
In response, a consortium of local government groups and others have issued a fresh warning to local governments to back up systems on a daily basis; reinforce basic cybersecurity awareness and education and revisit and refine cyber incident response plans.
The Center for Internet Security describes ransomware as a type of malware that blocks access to a system, device or file until the ransom is paid. Ransomware encrypts files on infected systems with different variants that can erase files or block access to the system using other methods.
The consortium that issued the warning includes the Cybersecurity and Infrastructure Security Agency, Multi-State Information Sharing and Analysis Center, National Governors Association and the National Association of State Chief Information Officers. They are supporting ransomware victims and encouraging the government to protect networks against the threat of a ransomware attack.
Backing up systems and storing the back-ups offline ensures the integrity of the restoration process. If recovering from an attack, the groups recommend restoring a stronger system than was lost, by ensuring it is fully patched and updated to the latest version.
It’s important to refresh employee training on recognizing cyberthreats, phishing and suspicious links which will help local governments prevent cybersecurity attacks, they warned. It’s also important to reiterate to employees how to report incidents to IT staff.
Counties should establish a clear plan to address attacks, which should include how to request assistance from external “cyber first responders” in the event of an attack.
If ransom is not paid within a certain time frame, there is a risk of decryption keys being destroyed or files being permanently deleted, according to the Center for Internet Security. READ MORE.