In 2018, the undisputed star in a cybercriminal’s arsenal was cryptojacking. Nevertheless, the use of other kinds of malicious software is still booming in such relevant sectors as public administration. Ransomware is still one of the most popular cyberthreats among criminals, due to how easy it is to implement, how lucrative it can be, and how efficient it is at getting results. And it is already making waves in 2019.
City officials in the city of Del Rio, Texas, reported a ransomware attack at the start of January that affected their systems and forced them to carry out their administrative tasks manually, with pen and paper. Del Rio’s Management Information Services were obliged to disconnect City Hall’s computers to keep employees from accessing the system and spreading the infection.
According to US media outlets, the attack was carried out using an unusual strategy. The ransom note included a phone number to communicate with the attackers and get instructions as to how to pay to recover their files; the usual course of action for attackers in these situations is to provide an email address for the victim to use if they need more information about decrypting their infected devices.
The City has revealed very few technical details about the attack: the ransom demanded by the attacker, the specific strain of ransomware used in the attack, and the person or group responsible for the attack are all unknown. Nevertheless, along with the cost of recovering their computers, the attack caused a major loss of productivity, and seriously slowed down their workflow.
Other public sector attacks
This is not the first time that a city hall or public administration has been affected by ransomware. In April 2018, the city of Atlanta spent over $2.6 million to recover from a ransomware attack that paralyzed the city government’s operations. With this budget, the city had to pay for incident response services, digital forensic analysis, Microsoft Cloud experts, and staff to help with systems recovery, as well as crisis communication services.
In July, Matanuska-Susitna, a borough in the state of Alaska was also hit by several types of advanced malware, bringing down their IT infrastructure, affecting computers, servers, and telephones, as well as paralyzing email communication. In this case, the borough was attacked with advanced persistent threats, with strains such as the Trojan Emotet and the ransomware BitPaymer. Officials in the borough estimated the cost of restoring servers and systems after the attacks to be over $2 million. It is quite clear that this kind of threat has an almost limitless capacity to endanger all sectors, from private companies to public institutions. This is why it is so important to try to avoid these risks and be able to identify threats in a timely manner.
How to make public administration malware-free
Cybersecurity solutions are vital in the fight to keep ransomware out of public sector systems, and it is important to try to implement them before an attack happens. Heads of security also have a duty to ensure that all employees in these institutions understand the risks and the large scale consequences of such apparently harmless actions as opening an email or clicking on a link. This can be done by carrying out awareness programs, and by training employees.
The most relevant tips for preventing a ransomware attack – making backups, updating software and devices – apply to any kind of sector, including public administration. However, measures such as an efficient incident response plan and complementing internal IT services with the experience and support of third parties can reduce the impact caused by cybercriminals, and help professionals in the race against the clock. Advanced cybersecurity solutions such as Adaptive Defense combine prevention, detection and response to the threats posed by malware. With the necessary support, both private companies and public and government institutions can stop cyberattacks from holding their computers to ransom and forcing them to have to go back to the days of pen, paper, and typewriters.