ZDNet has reported that 19 percent of all ransomware attacks are directed at government agencies, and it’s no surprise why. As we discussed previously, small IT teams and small budgets set up some difficult conditions for data protection.
City, county, and other municipal government offices are vulnerable for a number of reasons. They have lots of sensitive data (would you want your traffic tickets, tax info, or your home remodel permits accessed by a cybercriminal?). Government IT systems are rarely the latest and greatest. And if the IT infrastructure is not extensive - it usually isn’t - there are security holes that need to be filled.
Given their lean resources, city and municipal agencies operate much like small businesses. IT staff are often overworked generalists, without specific training in data security. Other municipal workers are also likely to be untrained on how to identify suspicious emails or web malvertising.
Months after a ransomware attack on the city of Atlanta, the financial toll was still being calculated, but the government had earmarked $5 million for recovery. Ontario’s Provincial Police is issuing warnings about a rise in attacks on cities throughout the province.
The annual MISA Ontario Infosec conference for municipal IT professionals will be held October 29-31 in Stratford, Ontario and it’s no surprise that the agenda is packed with presentations on cybersecurity.
As in any industry, there are ways to protect against attacks. Some are common sense, and some may take a bit more expertise. At a minimum, public-sector IT pros must immediately take steps to secure data both onsite and off.
Here are the top 3 things to do to secure your data:
- Put backups offline, at another site/cloud, or on another network.
- Store backup and archived data in an immutable format so that it cannot be altered or accessed by cyberattacks.
- Scan primary, backup, and archive data for ransomware signatures and viruses.
We will be at the MISA Ontario Infosec conference and look forward to meeting attendees and talking about the very critical issue of defending against ransomware. Visit us in booth 20 and let’s chat.