Ransomware attacks create security risks by disrupting public services, including public services, emergency services and education, the Federal Bureau of Investigation (FBI) has warned.
The alert says local government agencies are attractive targets for cybercriminals to hit with ransomware because they oversee critical services the public depends on.
Ransomware attacks on local governments have caused disruptions to healthcare, emergency services and security operations, and seen sensitive personal data stolen by hackers, exposing individuals to additional risk of fraud and cybercrime. Attacks targeting local services show no signs of slowing down.
“Over the next year, US local government agencies will almost certainly continue to experience ransomware attacks, particularly as malware deployment and targeting tactics evolve, further endangering health and safety. and resulting in significant financial liabilities,” the alert warned, detailing how multiple ransomware attacks over the past year have disrupted vital daily services.
TO SEE: Windows 11 security: How to protect your home and small business PCs
For example, the FBI details how a January 2022 ransomware attack forced a US county to take computer systems offline, shut down public offices, and execute backup emergency response operations.
The attack also destroyed county jail surveillance cameras, data collection capabilities, internet access, and disabled automated gates, leading to security issues and a lockdown of facilities.
Another ransomware incident against local government departments in September 2021 resulted in the closure of a county courthouse and cybercriminals stealing personal information about residents and employees. The hackers released the data on the dark web after the county refused to pay the ransom.
In May 2021, a PayOrGrief ransomware attack infected local government systems in US counties, rendering servers inaccessible and disrupting online services, including the ability to schedule COVID-19 vaccination appointments. The attackers claimed to have stolen 2.5 GB of data containing internal documents and personal information.
The examples of cyberattacks detailed in the alert represent only a small fraction of the total number of ransomware incidents against government services in the past year alone – and only higher education and academia have been the victims top ransomware attacks in 2021.
While the FBI and other law enforcement agencies say that victims of ransomware attacks should not pay the ransom demand for a decryption key because it only encourages further attacks , in many cases victims will pay because they feel like it is the fastest way to restore vital data. services – that’s why criminals target public services.
But even if the victims pay the ransom, restoring the network is a daunting task – and there’s no guarantee that the decryption key will work properly or that the ransomware gangs won’t return with more attacks.
Whether the victim pays the ransom or not, the FBI urges US organizations to report ransomware incidents as this could help prevent future attacks on others.
TO SEE: A winning strategy for cybersecurity (ZDNet special report)
The FBI has listed several cybersecurity measures that organizations can implement to avoid falling victim to a ransomware attack. These include keeping operating systems and software up to date with security patches, so cybercriminals cannot exploit known vulnerabilities to gain access to networks, and requiring strong, unique passwords. for online accounts, making it harder for hackers to guess passwords.
Organizations are also recommended to require multi-factor authentication for online services, including webmail, VPNs, and accounts with access to critical systems, to provide an additional barrier against attacks.
Organizations should also keep offline backups of data and ensure they are regularly updated and tested. Thus, in the event of a ransomware attack, it is possible to restore the network without paying cyber criminals for a decryption key.