What is ransomware, and why should I care?
Ransomware is a kind of malicious software (malware) that criminals use to deny access to data or computer systems until a ransom is paid.
You should care because cities are a major target for ransomware attacks, and cities also happen to be the level of government people interact with most, and that impact our day-to-day lives. If cities suffer, so do individuals.
Why are hackers targeting cities?
Municipalities are enticing for a few reasons: their IT departments are small to non-existent; their employees usually aren’t trained in avoiding phishing emails and other common avenues for attacks; they don’t have the resources that higher levels of government do to prevent and combat attacks; and because many of their systems are so specialized — such as parking and payroll — patching and keeping software up-to-date is seen as more hassle than it’s worth.
Is online extortion rare?
Short answer: No! Stratford, ON is just the latest in a string of small Canadian cities forced to pay hefty ransoms (we’re talking hundreds of thousands of dollars) to criminals who hold important public data hostage. On April 14, part of Stratford’s server system was hijacked, locking out some municipal employees. The police chief confirmed it was a ransomware attack, and the hackers wanted to be paid in bitcoin.
Stratford Mayor Dan Mathieson said it’s a common occurrence, and that if mayors across the country don’t band together to deal with the ransomware problem, more communities could be hit.
What will it take for cities to ramp up their security?
Cities who fall victim tend to point the finger at other levels of government or talk about their lack of resourcing without taking any real action. It makes sense that cities are overwhelmed — these attackers are international and organized, and police or RCMP often don’t have the time or resources to help.
Unless there’s a disruption in essential services like sewage, water and power, it’s going to be tough for these towns to take the problem seriously.
What can cities do about it?
Municipalities can be proactive about their cybersecurity by:
1) Using standard security controls such as antivirus, firewalls and good digital identity controls such as two-factor authentication — but being aware that these can’t catch all sophisticated attacks.
2) Teaching people what a cyberattack looks like and how to report it. Beauceron works with municipalities around the world, and security education has a dramatic impact. With proper training, we’ve seen the rate of clicking on links in phishing emails drop from as high as 34% to as low as 5%.
3) Building resiliency — many organizations under-invest in IT and neglect cyberattack “fire drills,” leaving themselves wide open to hacking. Cities should be strengthening their IT teams and prepping for worst-case scenarios by practising cyber incident response plans.
It’s open season on municipalities, but together we can protect ourselves against ransomware attacks!
To figure out how your team/organization can reduce cyber risk, reach out to the Beauceron Security Team @ firstname.lastname@example.org or 1-877-516-9245.