Ransomware: Why Hackers Have Taken Aim at City Governments

When the news media reports on data breaches and other forms of cybercrime, the center of the story is usually a major software company, financial institution, or retailer. But in reality, these types of attacks are merely part of the damage that global hackers cause on a daily basis.

Town and city governments are becoming a more common target for online criminals. For example, a small city in Florida, Riviera Beach, had their office computers hacked and ended up paying $600,000 to try to reverse the damage. Hackers saw this as a successful breach and are now inspired to look at more public institutions that could be vulnerable.

Why are cities and towns so susceptible to hacking, how are these attacks carried out, and what steps should administrators take to protect citizen data?

How Hackers Choose Targets

While some cybercriminals seek out exploits for the sole purpose of causing destruction or frustration, the majority of hackers are looking to make money. Their aim is to locate organizations with poor security practices so that they can infiltrate their networks and online systems. Sometimes hackers will actually hide inside of a local network or database for an extended period of time without the organization realizing it.

Hackers usually cash in through one of two ways. The first way is to try to steal data, like email addresses, passwords, and credit card numbers, from an internal system and then sell that information on the dark web. The alternative is a ransomware attack, in which the hacker holds computer systems hostage and unusable until the organization pays for them to be released.

City and town governments are becoming a common target for hackers because they often rely on outdated legacy software or else have built tools internally that may not be fully secure. These organizations rarely have a dedicated cybersecurity team or extensive testing procedures.

The Basics of Ransomware

Ransomware attacks, like the one which struck the city government of Riviera Beach, can begin with one simple click of a dangerous link. Hackers will often launch targeted phishing scams at an organization's members via emails that are designed to look legitimate.

When a link within one of these emails is clicked, the hacker will attempt to hijack the user's local system. If successful, their next move will be to seek out other nodes on the network. Then they will deploy a piece of malware that will lock all internal users from accessing the systems.

At this point, the town or city employees will usually see a message posted on their screen demanding a ransom payment. Some forms of ransomware will actually encrypt all individual files on an operating system so that the users have no way of opening or copying them.

Ways to Defend Yourself

Cybersecurity threats should be taken seriously by all members of an organization. The first step to stopping hackers is promoting awareness of potential attacks. This can be done through regular training sessions. Additionally, an organization's IT department should evaluate the following areas immediately.

  • Security Tools: City governments should have a well-reviewed, full-featured, and updated virus scanning tool installed on the network to flag potential threats. At an organization level, firewall policies should be put in place to filter incoming traffic and only allow connections from reputable sources.
  • Web Hosting: With the eternal pressure to stick to a budget, cities often choose a web host based on the lowest price, which can lead to a disaster that far exceeds any cost savings. In a recent comparison of low cost web hosts, community-supported research group Hosting Canada tracked providers using Pingdom and found that the ostensibly "free" and discount hosts had an average uptime of only 96.54%.For reference, 99.9% is considered by the industry to be the bare minimum. Excessive downtime often correlates to older hardware and outdated software that is more easily compromised.   
  • Virtual Private Network (VPN): This one should be mandatory for any employee who works remotely or needs to connect to public wi-fi networks. A VPN encodes all data in a secure tunnel as it leaves your device and heads to the open internet. This means that if a hacker tries to intercept your web traffic, they will be unable to view the raw content. However, a VPN is not enough to stop ransomware attacks or other forms of malware. It simply provides you with an anonymous IP address to use for exchanging data.

Looking Ahead

Local governments need to maintain a robust risk management approach while preparing for potential attacks from hackers. Most security experts agree that the Riviera Beach group actually did the wrong thing by paying out the hacker ransomware. This is because there's no guarantee that the payment will result in the unlocking of all systems and data.

During a ransomware attack, an organization needs to act swiftly. When the first piece of malware is detected, the infected hardware should be immediately shut down and disconnected from the local network to limit the spread of the virus. Any affected machine should then have its hard drive wiped and restored to a previous backup from before the attack began.

Preparing for different forms of cyberattack is a critical activity within a disaster recovery plan. Every organization should have their plan defined with various team members assigned to roles and responsibilities. Cities and towns should also consider investing in penetration testing from outside groups and also explore the increasingly popular zero-trust security strategy as a way to harden the network. During a penetration test, experts explore potential gaps in your security approach and report the issues to you directly, allowing you to fix problems before hackers exploit them.

Final Thoughts

With ransomware attacks, a hacker looks to infiltrate an organization's network and hold their hardware and data files hostage until they receive a large payment. City and town government offices are becoming a common target for these instances of cybercrime due to their immature security systems and reliance on legacy software.

The only way to stop the trend of ransomware is for municipal organizations to build a reputation of having strong security defenses. This starts at the employee level, with people being trained to look for danger online and learning how to keep their own hardware and software safe.

About the author: A former defense contractor for the US Navy, Sam Bocetta turned to freelance journalism in retirement, focusing his writing on US diplomacy and national security, as well as technology trends in cyberwarfare, cyberdefense, and cryptography.

 

Copyright 2010 Respective Author at Infosec Island

via Infosec Island Latest Articles https://ift.tt/2NhaGL4
RSS Feed

If New feed item from http://www.infosecisland.com/rss.html, then send m


Unsubscribe from these notifications or sign in to manage your Email service.

Download IFTTT for iOS Download IFTTT for Android

Comments

Post a Comment

Popular posts from this blog

Evernote cuts staff as user growth stalls

Image
Note-taking app Evernote has fallen on hard times of late, culminating in its latest spate of job cuts impacting 15 percent of its workforce (54 employees). CEO Chris O' Neil -- an ex-Googler who took the reins in 2015 -- announced the firings at an all-hands meeting earlier today, reports TechCrunch . In a message on the Evernote blog , O' Neill admitted he'd set "incredibly aggressive goals" for the company in 2018. He continued: "Going forward, we are streamlining certain functions, like sales, so we can continue to speed up and scale others, like product development and engineering." The layoffs follow an exec exodus just weeks ago and the company's recent brand refresh (complete with a refined logo and wordmark). But critics are more concerned about its product, especially the free tier, which they claim lacks the perks to
Read more

The best air conditioner

Image
By Liam McCabe This post was done in partnership with Wirecutter . When readers choose to buy Wirecutter's independently chosen editorial picks, it may earn affiliate commissions that support its work. Read the full article here . After six summers of researching, testing, and recommending window air conditioners, we've learned that quiet and affordable ACs make most people the happiest—and we think the LG LW8016ER will fit the bill in most rooms. This 8,000 Btu unit cools as efficiently and effectively as any model with an equal Btu rating, and runs at a lower volume and deeper pitch than others at this price. Little extra features like a fresh-air vent, two-axis fan blades, and a removable drain plug help set it apart, too. The LG LW8016ER is a top choice for an office or den, and some people will find it quiet enough for a bedroom, too. If our main pic
Read more

We won't see a 'universal' vape oil cartridge anytime soon

Image
Pre-loaded cartridges of cannabis concentrate are currently among the most popular means of consumption, and for good reason. They're discreet to use and easy to handle, a far cry from the dark days of 2016 when we had to dribble hash oil or load wax into narrow-mouthed vape pens by hand. But, frustratingly, an ever increasing number of oil cartridge manufacturers employ one-off design standards so that their products won't work with those of their competitors, thereby locking customers into proprietary ecosystems. We've already seen this with nicotine vaporizers -- which has a seen a massive rise in "pod systems" in the last few years, each outfitted with a unique canister and battery built to be incompatible with those of their competition. Is it too late for the burgeoning cannabis industry to set a universal standard for their product designs?
Read more