Ransomware in the Public Sector – Prevention
On May 7th, Baltimore City made the stark realization that they had become the victims of ransomware. City officials have told the public that it could take months of work to get all of their systems online. Many professionals in the field of cybersecurity believe that the attack was not targeting Baltimore specifically. This may bring comfort to some people but when you work in the field like I do, it worries me.
Governmental agencies do not have the best reputation for quickly adapting to the world in which we live. Technology evolves rapidly. That is why it is crucial for the public sector to find a way to address new vulnerabilities in a time sensitive manner. Baltimore City was not prepared for this attack and they are paying for it. What happens if a local municipality suffers the same fate?
I will be writing a series of blogs dedicated to ransomware. My aim is to design a checklist that town and city managers can look over to quickly assess the security of their network infrastructure. If you are a town or city manager of a small municipality I encourage you to follow these posts and make sure you are performing your due diligence.
This post is dedicated to Prevention.
System Updates
We all know that Windows updates can be annoying and for this reason many people put them off. This is a critical mistake. Many updates include security fixes that patch system vulnerabilities. That is why it is crucial to avoid putting these updates off. It is true that some updates can be time consuming. If this is an issue we recommend performing them at the end of the data and scheduling a reboot for after hours.
Antivirus Software
It should be common knowledge by now that having a proper antivirus program installed on your systems in essential to preventing malware infections of any type. It is also just as important to make sure your antivirus programs are up to date. The updates for antivirus software contain new definitions that help prevent the latest malware from compromising your system. It is also very important to understand that you get what you pay for. While there are many free antivirus programs available, we highly recommend purchasing enterprise grade antivirus software.
Security Awareness Training
You can invest a large sum of money into various countermeasures that can help reduce your risk of becoming a victim of a malware infection. Even the most complex and high-tech systems can become useless if one of your employees hand over the keys to the castle. That is why security awareness training is a critical.
The primary way that ransomware infects systems is through phishing attacks. You may be very familiar with this type of attack. The attacker attempts to get you to click on a link within an email or on a website. An unknowing employee clicks on the link and before they know it they have downloaded malicious code into their computer.
This is just one type of social engineering attack. There are many more and they are highly successful. That is why it is important to put your staff through security awareness training so they can better spot these types of scams. There is training that can be obtained online and there are even some companies that will send an instructor to your location to teach a class.
This type of training should be done routinely as new threats are constantly making their debut.
Here is a quick recap of what I went over in this post and a checklist for you to use:
- Do you consistently update your computers?
- Do you update your network devices?
- Routers
- Switches
- Servers
- Access Points
- Do you currently have enterprise level antivirus software installed on your computers? Are the subscriptions current and the antivirus up to date?
- Do you provide the employees within your organization with security awareness training?
If you need more information on how to perform the tasks listed in this post I highly recommend contacting a professional. If you do not feel like you have the time to make sure these tasks are completed routinely, hire a professional to do it for you. The best way to recover from a ransomware attack is to prevent one from happening in the first place.
Thanks for reading.