FBI-Ransomware Impacting Local Governments
Contributed by Jeff Ziplow and Jim Kreiser
The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) last week related to new and evolving cybersecurity threats. In particular, the FBI confirmed that ransomware attacks have been specifically targeted against local government entities. The impact could be “significant due to the Public’s dependency on critical utilities, emergency services, educational facilities and other services overseen by local government”.
Ransomware Facts
There are a number of ransomware threats that have become prevalent over the past year that have been linked to different emails and/or links on websites. No matter how the infection took place, the result are similar, the malware gets downloaded to a PC and will scan all physical and network (logical) drives. Many times information is exfiltrated to the Dark Web and then encrypted. This basically renders the files useless without the decryption key; brute force or other tools cannot break the encryption on these files.
When the ransomware has finished encrypting files on the PC, the virus will typically display a screen regarding a payment program that prompts the user to send a ransom payment to decrypt the files. A user is then given a limited amount of time to pay the ransom (typically 72 hours) or it will delete the encryption key, making the encrypted files permanently inaccessible.
Tips for Mitigating Risks
- Don’t Open Emails From Strangers
- Minimize User’s Network Access
- Implement technologies that shutdown ransomware attacks
- Train Employees
A ransomware attack doesn’t have to bring your organization to its knees, CLA’s cybersecurity professionals can identify gaps in your security posture to help prevent and mitigate damage when a ransomware strike happens.
If you have any questions or concerns, please reach out to Jim Kreiser (717.857.2613, james.kreiser@claconnect.com or Jeff Ziplow (860.561.6815, Jeffrey.ziplow@CLAconnect.com) to discuss ways to enhance your local government’s cybersecurity posture.
Kadian currently works with the Information Security Services Group as well as higher education group providing compliance services, outsourcing and co-sourcing engagements and information security assessments.
Comments are closed.