Every day that you turn on the news, there is another story or article about a Ransomware attack that has taken place. Most recently, these stories are focused around healthcare organizations where significant ransoms have been demanded. What we haven't heard much about, but is just as significant, is the threat that Ransomware poses to Government Agencies. From local municipalities to state agencies to federal government agencies, none of these are immune from Ransomware attacks. Before we dig into the details, lets give an overview of what Ransomware is, what the goals are, and how to handle these instances.
Ransomware is a specific form of Malware that installs code on your computer and encrypts any files that are on that specific machine. When that machine connects to a network, the Ransomware can spread throughout the network to other machines. These other machines can be servers that contain billing/payment/client information that can make it hard for you to do business. Ransomware can also spread to your backup, especially if it is stored locally and not offsite which would make your recovery efforts more difficult. Once these files become encrypted, the organization that created or distributed the Ransomware demands a payment, usually in BitCoins, to unencrypt your data. These payments can range from several hundred dollars all the way up to millions of dollars, depending on the size of the organization.
When hackers install Malware on machines and systems, the goal is usually to steal some form of sensitive information from the company they are targeting. That is not the goal of Ransomware. The goal of Ransomware is to "lock up" your information, demand you pay for the key to get access to your data (the ransom), and then move on to the next company. Ransomware is a numbers game, pure and simple, designed to make quick money through the ransom payments.
Ransomware is a numbers game. I know that I already said that but it is true. The faster they can send these emails and create these malicious links, the more cash they can make. In the second 1/2 of 2014, 29 different Federal Agencies saw 321 Ransomware targets. Unfortunately the Federal Government will not discuss if those attacks were successful or not, but, 321 targets is a large number. This has to beg the question: Why are Government Agencies a great target for Ransomware through Phishing Emails? There are a variety of reasons that this takes place, some of which include:
The Ransomware risk isn't going anywhere. In fact, it is becoming more and more prevalent on what feels like a daily basis.
This is the next obvious question. Ransomware and Phishing Emails are our there, what can we as an organization do to protect ourselves, especially if we are a Government Agency. Here are some steps to take:
Ransomware is out there and is more prevalent than ever before. With Government Agencies being a prime target for these hackers, we will see more stories come out about these types of attacks in the coming months. Check out the infographic below for some tips to protect your self from Ransomware. Download it. Print it. Hand it out. Train your staff.