10 Steps Florida Government Can Take to Combat Ransomware Attacks

Cybersecurity experts predicted 2019 would be a record-setting year for ransomware attacks, stressing the importance of being prepared. In early October the FBI issued a high-impact cyber-attack warning to U.S. businesses and public sector agencies, noting three common attack techniques:

• Email phishing campaigns,
• Remote desktop protocol vulnerabilities
• Software vulnerabilities

By the end of 2021, global ransomware damage costs are predicted to reach $20 billion with an attack happening every 11 seconds, according to Cybersecurity Ventures

How can agencies practice good security hygiene?

One of the simpler preventative measures an agency can take is to assign dates to data and system backups in case they need to restore compromised systems with the most current information. While fully restoring systems may take months, New Bedford, Massachusetts is a great example of city officials deciding not to pay their $5.3 million ransom (the largest demand recorded to date), and instead rebuilding their systems from restored backups.

Even those who do pay the ransom are not guaranteed that their systems will be accessible or usable afterward. There is no one solution or product that’s going to make a city’s infrastructure 100% impenetrable. It’s about having a multi-layered approach in place to reduce the number of attacks that occur and lessen their impact.

10 steps government agencies can take today to strengthen security resilience:

1. Train your employees to recognize and report phishing attempts when they occur.
   • You may even want to correlate the results of security awareness training with levels of employee access.
2. Improve your email filters to recognize spoofed addresses and links to blacklisted sites.
   • Network security technologies that should be implemented include email and web security, malware protection, user behavior monitoring, and access control.
3. Use embedded browser security that can recognize phishing sites.
   • We recommend upping your security and firewall protocols.
4. Enforce multi-factor authentication.
   • This is especially important when you have a large contingency of remote workers or guests requesting access to your network or into your data.
5. Conduct regular penetration tests.
   • We recommend every six months to help keep your patching and vulnerability management programs accountable.
6. Apply security patches when they are released.
   • Security patch releases are a significant source for hackers to compromise those who have not yet applied the security update.
7. Secure your user and user devices.
   • Making the right investments in endpoint security to stop the malware at the point of entry is critical. 
8. Avoid traditional backup techniques.
   • Backup strategies must now take full site restores into consideration, and traditional methods can take days to restore this amount of data. 
9. Invest in cyber insurance.
   • With cyber insurance rates still being very reasonable, it could be your best bet for an expedient ransom payout should you have the need. 
10. Find a trusted partner with internal skills and experience to build a unified front against threat
    • R2 Unified Technologies has been partnering with public sector agencies for more than a decade to build, secure, and manage local government IT infrastructures. We believe that micro-segmentation is the first line of security and administrators should aggressively segment their internal networks to restrict even legitimate users and authenticate them at every opportunity. Solutions like DNA, SDA, and ACI which utilize machine learning, behavior modeling, and automation lead to a smarter, more resilient network allowing agencies to detect and respond to advanced threats faster.

We know that skilled hackers can enter your building’s HVAC unit before they walk through your front door. How to unify and secure both the wireless and wired infrastructure is the forefront of every conversation we’re having with public sector IT professionals today.

Don’t leave a back door open to your city’s cyber network. Schedule a Security Vulnerability Review with R2. We’ll have an old fashion conversation about everything from your current policies, preventative measures, and employee training practices and build recommendations for reinforcing your environment, physically and virtually. Unfortunately, we are at a point where the stakes are that high—it’s prepare now, or pay later.