While businesses regularly deal with the operational disruptions and financial ramifications of cyber-attacks, it’s a different situation in the public sector, where state and local agencies hit by ransomware can quickly transform into a matter of public and personal safety.
A State Trooper stops a suspected stolen vehicle but is unable to look up the license plate on his device when it freezes up.
A busy 911 operator attempts to dispatch law enforcement to the scene of a home invasion, but her system stops responding before the call goes out.
Prison guards lose sight of inmates when surveillance monitors go down and automated jail cell doors deactivate, forcing the facility into lockdown.
These aren’t imaginary scenarios; they are actual cyber-attacks waged against state and local agencies. While businesses regularly deal with the operational disruptions and financial ramifications of cyber-attacks, it’s a different situation in the public sector, where state and local agencies hit by ransomware can quickly transform into a matter of public and personal safety.
Ransomware Brings Dire Consequences
Consider hospitals and health care agencies. According to a Ponemon Research Report, the burden of Covid19 strained budgets across every facet of health care and gave hackers an opportunity to exploit cyber vulnerabilities. In fact, 70 percent of surveyed organizations reported that ransomware attacks resulted in longer hospital stays and delayed testing and procedures—all of which resulted in poor outcomes, including increased patient mortality. Internet-connected devices topped the list of vulnerabilities, with more than 50 percent of connected devices used by hospitals at risk of exposing patient, safety, or confidential data—or worse, putting device usability itself at risk.
In March of 2022, the FBI issued an alert, or a Private Industry Notification, on the increasing burden of ransomware to state and local governments and public service agencies. The FBI alert emphasized the threat posed to public infrastructure and safety, noting: "Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency services, educational facilities, and other services overseen by local governments, making them attractive targets for cybercriminals.” The FBI warned that underfunded public sector organizations had understaffed and outdated systems that swayed agencies to pay ransoms simply to get their data back, which is not an FBI-recommended strategy.
The Ripple Effects of Ransomware Attacks
The effects of ransomware on law enforcement are especially significant because the police department IT systems contain sensitive personal information—from 911 call recordings to investigation case files. For example, if a law enforcement agency is breached, defense attorneys question the validity of evidence, suggesting that files have been altered or intentionally lost. Plaintiff attorneys can accuse an agency that refuses to pay hackers of intentionally causing files to be deleted because they contained incriminating information. And if the attackers successfully delete or alter data that can’t be recovered, entire cases can be dismissed, and justice denied.
Stand Up to Cyber Attacks
With public safety on the line, public service agencies, including state and local governments, health care service providers, and infrastructure providers, must take a strong stance against ransomware. The Cybersecurity and Infrastructure Security Agency (CISA) offers the following best practices you can implement to help to safeguard your agency or municipality against ransomware attacks:
Establish a cybersecurity risk management process to holistically address cyber gaps and provide cybersecurity training and awareness campaigns for all personnel.
Adopt National Incident Management System resource typing for cybersecurity assets and standardize response resources and operational principles among partner organizations.
Conduct cybersecurity vulnerability assessments to proactively identify and resolve risk.
Employ routine audits of your network activity to identify suspicious behavior.
Obtain cybersecurity insurance and identify emergency funding mechanisms to cover cyber incident costs.
Coordinate with third-party vendors to limit network access and identify cybersecurity vulnerabilities from interconnected services.
Cyber-Resilience—Your Best Defense Strategy
A critical part of any cyber-defense strategy is identifying vulnerabilities and optimizing your cybersecurity environment against attacks. Our team can help you identify vulnerabilities and defend against ransomware attacks before you face an ultimatum that may jeopardize not only your agency but the public you serve.
Contact Solutions II to learn how our Security Survey can deliver a proactive, cyber-resilient roadmap for your agency.
CISO & Security practice Leader at Solutions II
Other recent articles by Jason Norred:
Download our eBook: "Security in Everything, Operating with a Secure Mindset."