Responding to ransomware: Questions government, business and tech leaders should ask
When confronted with ransomware attacks that hold government data hostage, public leaders are forced to decide between paying the ransom or being without government services until they can be restored or rebuilt. At a time when COVID-19 requires a government of any size to function at the highest level, ransomware can bring public services related to utilities, law enforcement, and emergency response to a jarring halt.
Though it’s hard to say which city or town might be next, it’s nearly certain that ransomware attacks will continue to target governments around the country. Answering the following questions can provide insights into how governments, large and small, can protect themselves from these insidious attacks.
Questions for government business leaders
Are we prepared?
The first question for senior government leaders is whether you are prepared. Reverse planning can help answer this question. For example, in the event of a ransomware attack, which systems can the city not function without, and are those sufficiently protected? More than physical IT systems, being prepared is also about people. Do you have the right talent in place to thwart a ransomware attack or respond appropriately in the event of one? Do all government employees have the right training to avoid letting ransomware in?
Having an IT recovery back-up system and routinely testing it to confirm it works is also essential. Cyber wargaming exercises have become commonplace within the federal government and the commercial sector. State governments would do well to embrace these leading practices.
If attacked, can we recover, and if so, how long will it take?
The pervasiveness of ransomware attacks is often due to the increasing number of attack surfaces. Every city computer, connected police car, and employee email account are all possible access points through which ransomware can enter. So, while being prepared can potentially stave off and lessen the severity of attacks, there are simply too many entry points to assume confidently that a ransomware attack won’t make its way into a city or town’s network. This makes knowing if and how recovery occurs imperative.
To read the complete article, visit American City & County.