County News

Ransomware — Both Terrible and Preventable

Cybersecurity and protecting gov't systems and info consistently the top priority for local government IT executives 

American companies, counties and cities are breathing a sigh of relief that there was minimum impact from one of the most wide-spread ransomware schemes in recent memory. WannaCry, as it was dubbed, infected hundreds of thousands of computers in more than 150 countries in mid-May.

Learn More

The Multi-State Information Sharing and Analysis Center (MS-ISAC)

Cook County hit by "Wannacry" malware attack

Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Old versions of Microsoft Windows operating systems that had not been updated were the ones at risk for this particular attack.

It would be easy to sit back and move on without using this incident as an important wake-up call. But the continuous threat of ransomware and other forms of malware exists at all times. And while 2015 was a bad year for ransomware attacks IBM reports that it increased 6,000 percent in 2016.

PTI recommends your cyber-security plan address each of the following areas 

  • Physical-Facility Security Personnel (qualifications, access, certifications)
  • Password and Account Management
  • Data Security
  • Network Security
  • Incident Response Policies
  • Communicating with the Public and Other Key Stakeholders
  • Disaster Recovery, and l Employee Awareness and Training

Most alarming is the fact that malware enters systems by someone opening an attachment or link that usually looks authentic. In the government sphere, most at risk are usually small counties and cities — including local police and hospitals.

That said: It appears that most local governments have been quite good at updating and protecting their operating systems. However, the risk is always present and the bad guys are constantly perfecting their craft. Some localities have held off updating their operating systems because of concerns that the newer systems were viewed as being incompatible with some major legacy software.

Organizations that have received ransomware threats were notified that all files will become encrypted and will be destroyed unless a payment is made —often in Bitcoins — not credit cards. This ransomware threat is also impacting personal PCs — some connected to public sector information systems. Most entities wind up paying the ransom as it often is relatively cheap compared with the time and cost of restoring systems.

But as bad as this threat is, it is highly preventable. Here’s what an IT staff can do, and keep in mind the following is generalized for county as well as personal computers:

  • Make sure that whatever operating system you have - all recommended updates are current.
  • All data must be backed up. While county IT staff do this religiously, many mobile and personal devices often get missed. A good practice is to use offline (not network connected) external drives or subscribe to the many online backup services that do this automatically.
  • Use reputable security software and of course, make sure that it is set for updates. 
  • Train all county staff on the importance of being ever so careful in opening attachments or clicking on links.
  • Encourage staff to quickly come forward when something doesn’t look right or they clicked on something they realized a moment later they should not have. Early reporting is far better than any shortsighted punishment.

Cybersecurity and protecting government systems and information consistently rank as the number 1 priority for local government IT executives.

This most recent attack shows just how vulnerable IT systems can be. And with the notoriety it has caused, WannaCry serves as a reminder that cybersecurity is no longer just for IT professionals. Being “security aware” involves everyone within the organization. This most recent scare should be viewed as an opportunity for local government officials to re-examine policies and procedures to protect government networks. When was the last time your security policies were reviewed? 


Cook County hit by "Wannacry" malware attack

Computers in Cook County, Ill., were hit May 12 by the “WannaCry” malware, a global cyberattack that took computer files in at least 150 countries hostage with ransomware. The WannaCry malware was tentatively linked to hackers in North Korea, the Associated Press and others reported.

“I can confirm that a small number of Cook County systems were impacted by the WannaCry malware attack last Friday,” said Frank Shuftan, a spokesman for Cook County Board President Toni Preckwinkle. “We initiated our standard security procedures to address the issue.”

No major county operations in Preckwinkle’s offices were impacted, he said. On Tuesday, the county was working to finish up restoring its computer systems that were hit with the malware.

There have been no reports of other U.S. counties being infected with the malware.
 

Contact the Editor

Bev Schlotterbeck
Executive Editor
(202) 942-4249
bschlott@naco.org