The media has focused primarily on cyberattacks related to election systems lately. Many individuals, public officials and company executives, however, have been just as worried about ransomware attacks.
Ransomware attacks infect computer networks with a virus that totally shuts down a computer or a network. It prevents access and demands payment to release and restore data on the machine or network. Recent examples of ransomware attacks illustrate the vulnerabilities that government entities face. The ransom costs are exorbitant while the risk of either a loss of data or a service outage is terrifying.
President Trump’s proposed 2018 budget increases cybersecurity personnel across multiple key agencies and, if passed, it will boost the Department of Homeland Security (DHS) cybersecurity unit budget to nearly $3.3 billion. That’s all good, but most of the recent ransomware attacks have occurred at the local levels of government and the federal government allocates no funding for that problem. According to a recent report, states spend between 0 percent and 2 percent of their IT budgets on cybersecurity – while all best practices suggest that spending should represent between 10 percent and 15 percent of an organization’s budget.
In April, a hacker infected computers at the city of Newark, N.J. The virus rendered all machines unusable. The city’s network was compromised and it disrupted digital services. The hacker demanded $30,000 in Bitcoin, an Internet currency that is difficult to trace. Most ransomware encrypts common computer files and requires a password to unlock them.
Last November, the San Francisco Municipal Transportation Agency (SFMTA), which operates the MUNI light rail system, was also attacked by ransomware. While the ransomware did not penetrate the agency’s network, it did shut down ticket vending machines. Hackers demanded $70,000 in Bitcoin. To prevent disruption in service, SF Muni offered free rides until the fare machines were operational again. The agency did not pay the ransom but the attack was very costly.
In August 2016, the city of Sarasota in Florida had a ransomware attack that shut its computer systems down by a type of ransomware that entered the city’s system through a virus that was sent to one employee. Despite demands by hackers, the city did not pay the ransom and was finally able to recover its files. The cost of resources, lost productivity and inability to provide services, however, was very high.
Last February, the city of Los Angeles Integrated Security Operations Center (ISOC) identified 16 ransomware attacks in five city departments. The attacks were segmented, no data was lost, and no ransom was paid. But, analysts’ biggest worry now is ransomware and they struggle to stay two steps ahead of these types of attacks. The city’s proposed FY 2018 budget includes $2.25 million in funding to support cybersecurity initiatives.
The state of New York’s proposed 2018 budget funds the creation of a new Cyber Incident Response Team, which will not only support state agencies, but also local governments, critical infrastructure statewide and schools. The team will provide outreach services and coordinated exercises and act as a first responder to reported cyber incidents.
Many state and local government leaders are committed to having trained personnel in-house so that cyberattacks do not represent the threats that are prevalent today. That will take time, resources and funding that most had not planned for in future budgets. The world has become a more frightening place and government networks are attractive targets for hackers, cyber sleuths and professionals. Taxpayers will ultimately pay much, if not all, of the cost of keeping the government’s data safe from cyberattacks in the future. That is not a positive thought, but even less positive is the reality that individuals are just as vulnerable because personal computer systems are also a major target for ransomware attacks. Protection is available, but costly to citizens, just as it is to the government.