Ransomware attacks strain local governments and utilities

Ransomware attacks are straining US local governments and public services, the FBI says in a special notification.

They are the second most victimized group behind academia, based on victim incident reports to the FBI last year, it said in its notification released Wednesday.

Citing an unidentified independent research group commissioned by a UK-based company, the notification says remediation of ransomware attacks “often included financial liabilities related to operational downtime, people’s time, devices, network costs, lost opportunities, and in some cases paid ransomware.

The survey also found that local governments were the least able to prevent encryption and recover backups and had the second highest rate of ransomware payouts compared to other critical infrastructure sectors.

“The FBI does not encourage ransom payment,” which “does not guarantee that files will be recovered,” the notification reads. He said he encourages local government agencies to proactively initiate contingency planning in the event of a ransomware attack that renders systems inaccessible.

Its recommendation includes updating all operating systems and software; implement user training programs and phishing exercises; require a strong, unique password for all accounts with password logins; require multi-factor authentication; maintain offline data backups; ensure that all backup data is encrypted; securing and monitoring remote desktop protocols or other potentially risky services if you use remote desktop protocols; protect cloud storage by backing up to multiple locations; and if you are using a Linux operating system, use a Linux security module for defense in depth.