Kidnapping computer’s and system’s data; latest hacker gig

County computers, systems, personnel are vulnerable to ransomware; NACo offers resources to help

A few years ago, the word ransomware was not in existence. Today, however, the term is becoming quite common in the computing world, as computer users find out about it in very unpleasant ways.

The Department of Homeland Security defines ransomware is a type of malicious software, or malware, designed to block access to a computer system until a ransom is paid. Ransomware is typically spread through phishing emails or by unknowingly visiting an infected website.

This kind of crime is growing very quickly because it is easy and it pays. Like many private individuals, organizations and businesses, counties are finding themselves victimized, and just like other victims, some counties are reluctantly paying the ransoms to free their systems from the disabling crypto-locks applied by the invading ransomware.

On June 9, the Nightly News on NBC4i TV in Cincinnati reported that a Morrow County, Ohio computer being used by a government official fell victim to one of these crimes, rendering the computer unusable.  A phone number appeared on the computer screen with instructions to call in in order to restore the computer to usability.

Luckily, the ransom was only $200, which was quickly paid by the official, and the computer was soon restored to its original condition.

The FBI, one of the main agencies fighting to stop cybercrimes such as ransomware, recommends that these incidents be reported to them. It, like other law enforcement agencies, strongly advises against paying the ransom since success tends to perpetuate the crimes. Ironically though, law enforcement agencies are not immune from attack and demands for ransom.

On an April 26 NBC News report, Lincoln County, Maine Sheriff Todd Brackett said, “We are cops, we don’t pay ransoms,” but pay they did, as they found themselves unable to function when their computers were rendered inoperative due to ransomware.

Many other police departments are finding themselves in similar conundrums. Their principles demand these payments not be made, however, their need to have access to their data to effectively protect and serve their counties, compels them to violate those principles and pay the ransoms.

And they’re not alone in disregarding their own advice. Other ransomware victims, including counties, find it more expedient and cost effective to simply pay up. The damage to their reputation and the public’s trust, plus the cost to restore their systems, overrides any principled stance against the perpetrators. Until that changes, ransomware criminals are likely to continue in their success.

Ralph Johnson, the chief information security officer for King County, Wash., is a long-time cybersecurity trainer for local technology professionals. He advises that the most effective way to protect one’s county from this kind of crime is by being prepared and following basic best practices.

It is very important to keep all systems up to date and have regular reliable backups. Patching — keeping systems software up to date — minimizes vulnerabilities that crypto-malware can exploit, and an effective backup strategy allows the organization to restore files in the event that an organization is impacted in this manner. Backup files must also be stored in a location that is logically separated from the main system so that it does not fall victim to the same ransomware’s crypto lock.

For several years, cyber professionals have been advocating for intense and regular training for all computer users in cybersecurity awareness. Though much can be done with firewalls, antispam, anti-phishing and other sophisticated defensive systems, the best cyber protection is always the well-informed user.

This will remain true, Johnson said, as long as human nature leads humans to click on dangerous links and visit dangerous websites. Many organizations are heeding that advice in order to protect their users and their organizations from these kinds of malware and other dangers.

---

Cybersecurity Awareness Month Events

This month, NACo and the Department of Homeland Security (DHS) are recognizing National Cybersecurity Awareness Month to spotlight the challenges and solutions for county governments in addressing cybersecurity.

Over the course of the month, join us for a variety of events highlighting how counties and individuals are enhancing cybersecurity.

Oct. 3

Oct. 3 Edition: County News Exclusive —Cybersecurity at the Local Level: How Congress is Trying to Help

On March 10, Sen. Gary Peters (D-Mich.) introduced the State and Local Cyber Protection Act of 2016 (S. 2665), which would direct the Department of Homeland Security to provide training and resources to both state and local governments. Learn how these changes could bring assistance to you community

Oct. 5

Webinar: Cyber Readiness: Going Beyond “Awareness” and Building a Culture of Security | 1 p.m. – 2 p.m. EDT

This webinar, presented by Symantec, will discus building a strong culture of security and ensuring users do the right thing when it comes to security.

Oct. 13

Facebook Live Conversation: Cyber Hygiene for County Employees

3 p.m. EDT

This conversation will feature Michael Dent, Fairfax County, Va. CISO and a DHS representative in a live interview moderated by Jake Williams of StateScoop. They will be responding to live Facebook questions and comments. Follow NACo on Facebook to watch the event.

Oct. 20

Webinar: Online Extortion, Ransomware and other Cybercrimes: How to Protect Yourself and Your County | 2 p.m. – 3:15 p.m. EDT

Cybercrime is becoming more prevalent in today’s computing environment, mainly because more and more, this crime pays. With growing sophistication, internet criminals are luring users into clicking on nefarious links, which expose them to malware. They’ve developed systems to monetize their dark activities by holding individual and organizational systems hostage to financial demands. Victims of these and other common cybercrimes suffer financial loss and often loss of data. Join us for an informative session on how to protect yourself and your county from being their next victim.

Every Thursday in October

Twitter chat hosted by Department of Homeland Security, focusing on the month’s theme, Stop.Think.Connect, DHS will also be hosting weekly Twitter chats each Thursday using #ChatSTC.

Every Week

NACo Blog post on the critical issues and challenges counties face in cybersecurity.

NACo County News and guest writers will publish a blog post every week on the most interesting cybersecurity issues facing county governments.