According to a recent AP news report, The Department of Homeland Security and the FBI are working with nearly two dozen cities in central Texas to find the perpetrators of a ransomware attack that shut down computers, halted utility bill payment systems, and stopped payroll, in some cases for days or weeks, effectively shutting down several municipal services.
Cyber-attacks are varied, but often begin when an employee clicks on an innocent-looking, yet malicious email link or attachment. Once the bait is taken, hackers can quickly encrypt files stored on a computer or even an entire network until a ransom payment is made. And the ransom payment increases each day, which creates a sense of urgency to either pay the ransom or restore from backup – if a backup is available.
In Keene, a community of 6,000 people southwest of Dallas, the computers of roughly 50 employees locked up and prevented credit card payments, officials said.
Most cities prefer not to be named. Yet cities of all sizes have been targeted in recent years, including New Jersey, Atlanta, Baltimore and Savannah.
After a 2018 malware attack, the city of Savannah had to shut down traffic court for weeks. City permits were delayed, and emergency dispatch services were impacted.
Hackers tried to extort $76,000 in bitcoin from the city of Baltimore, who refused payment. Federal prosecutors indicted two Iranian men for ransomware attacks that netted $6 million from local governments and companies and the cost was estimated at over $30 million to repair the damage.
Some governments are purchasing cyber-security insurance to protect from this type of catastrophic damage. But this is not a panacea. Insurers require government agencies purchasing cyber-security insurance to take steps to protect their computer networks. This includes conducting regular backups, installing security patches and updates, maintaining and monitoring a strong firewall, and training employees on the risks of clicking unknown links. Organizations that fail to take these steps risk a denied claim after an attack
3Nines Can Help Protect from Cyberattacks and Ransomware
As hacking attacks become more sophisticated, the steps needed to protect your computers, servers and valuable data becomes increasingly more difficult. There is no one single solution that can stop ransomware. It takes a layered approach to security to stop and if needed mitigate the damage from these unwanted intrusions.
3Nines Technologies provides a 4-layered approach to security for local government agencies:
- Firewall security
The first line of defense for any organization starts with a properly installed, configured and monitored firewall system. A firewall sits between your private network and the public internet, where it blocks and filters unwanted traffic. 3Nines technical operations center monitors your firewall for unusual traffic, can reprogram and update your firewall to stop new threats, and build secure encrypted connections to remote offices and users traveling with a laptop or working from home. Our staff are experts at threat monitoring and firewall management so you can focus on your business rather than worry about the latest security threat.
- Managed Anti-virus software
The second line of defense is an artificial-intelligence based anti-virus software from SentinelOne that runs on each computer. This advanced AI-based anti-malware software detects intrusions based on behavior rather than anti-virus signatures. This means it can detect malware well before other signature-based anti-virus tools who require knowledge of the virus before stopping it.
Our Network Operations Center monitors the software and if an intrusion happens, the system will lock the computer from the network and notify our NOC of a problem so we can immediately take remedial action. You don’t want to depend on employee’s upgrading their own anti-virus software.
- Operating System patches and updates
Gone are the days of running the same operating system for years on end. With the constant changes in software and evolving cyber-security threats, your desktop and server computers must be kept up-to-date with the latest security patches. 3Nines can manage and monitor this process and ensure your systems are kept up-to-date and protected. We can provide management reports showing when patches were rolled out and if any computers were not updated in a timely basis.
- System backup and recovery
The final protection against ransomware is a good system backup. Sometimes even the best security protection can be compromised, and this is when you need good backups of your valuable data. 3Nines not only helps you set up your server and desktop backups, we monitor them daily to make sure they are valid and restorable. If there is a problem with any of your backups, we can remote into your system and repair the problem or notify you of a problem. This way you have system backup that works, has been tested and is regularly monitored for problems.