In the past year, nearly 150 local government agencies, police departments and hospitals have fallen victim to a ransomware attack. In fact, in just the last six weeks alone, cyber criminals have successfully infiltrated the city of Cornelia, Georgia; the North Carolina State Bar Association; Wood Ranch Medical in California; Ava School District in Missouri; Fayette Medical Center in Alabama; and, most recently, the computer systems in Jasper County.
Sadly enough, this isn’t the first time a local governmental entity in South Carolina has fallen victim to a ransomware attack. Horry County School District was crippled by ransomware and ended up paying a ransom demand of $8,500. At the time, the public couldn’t fathom paying that amount to hackers. Now, just three years later, ransom demands have increased over 6,000%, with one of the most recent ransom demands elsewhere totaling over $1 million.
The reality is that our cyber enemies are getting scarily good. And what’s even scarier, their recent successful attempts have left them hungrier for more. How long before another South Carolina city or county (or the state) falls victim to hackers?
As cyber threats grow and security measures continue to fall short, it is not a matter of if, but when. These enemies are going to continue their attempts to attack our local governments, and it is unclear how ready they are. Fortunately, there are steps Jasper County can take to ensure it doesn’t fall victim again, and cities, towns and counties across the state should follow suit in an effort to minimize their risk of becoming the next victim of a ransomware attack.
First, users and IT administrators need to ensure their operating system and all of their third-party applications are up to date. If they are outdated, security holes are being left unpatched and leaving the backdoor wide open for cybercriminals.
Second, you must analyze your current antivirus program and the approach it’s taking. Often, security solution providers use a reactive approach to security. That means the software will only block known bad files, permitting all other unknown files to install. Then, if one of the unknown files happens to be bad, they will work to remove it – if possible. Based on industry research, this approach is no longer feasible.
This is why the US-CERT, FBI and NSA have encouraged the use of application “whitelisting.” By using a whitelist, the device will only be allowed to run known, trusted programs. This means, even if the enemy found a way to worm their way into the server or computer, they couldn’t install anything malicious, because only good programs and files can run.
Third, and just as important, is education. Knowing what today’s cyber threats are and the red flags to spot them will help decrease the likelihood of unintentionally downloading a malicious attachment or clicking on a malicious link. Keeping yourself and employees up to date is an imperative step to cybersecurity.
The fourth suggestion is practicing proper password hygiene. This includes using complex passwords, including capital and lowercase letters, numbers and special characters. These passwords should also not be written down. Alternatively, users can use a password vault to manage and protect all of their passwords for each account. Passwords should also not be used across multiple accounts, personal or professional. Additionally, users need to update their passwords every six weeks.
The fifth and final thing is backing up files. Storing data on an external hard drive or cloud-based network will help with the restoration process if a cyberattack were to corrupt systems. If the backup of choice is an external hard drive, it is important to unplug the hard drive from the device once the backup process is completed. If users fail to do so, there is a risk of the backup files becoming infected if a cyberattack were to execute.
Cyberthreats are evolving daily, and unfortunately there is no silver bullet. However, if government offices are implementing these five suggestions, the risk of falling victim is minimal at best. We must reach out to our local government offices to urge them to begin using these five cybersecurity tips. After all, they possess your personal information too, and you have the right to know it is being kept secure.
Rob Cheng is the founder and CEO of PC Matic.