In a landscape fraught with ransomware attacks, it’s clear that ransomware protection tools are a necessity. And, as the recent articles about Wasaga Beach, the St. Louis Public Library, and the Atlanta Government have shown, it’s municipalities that are increasingly seen as a viable target for cybercriminals to go after. In fact, ransomware is becoming an imminent threat that municipalities need to address. So, what are some of the best ransomware protection tools that will make sure that your municipality doesn’t become the next target of a hacker?
That’s what this blog is all about.
Ransomware 101: An Overview
First, let’s take a look at what ransomware is, and what does it do?
Ransomware is a kind of malicious software that infects a computer and restricts the user’s access to their data by encrypting their files, locking their computer screens, or other various methods. The only way to decrypt the files or unlock the computer screen is to pay the hacker a ransom, typically in some form of cryptocurrency (like Bitcoin). In some cases, ransomware can also spread to other computers on the same network (as in the case of NotPetya or WannaCry).
There are many versions of ransomware out there. Some target and encrypt certain file types (like documents and media files), some infect other computers in the network, some use brute force attacks to try and crack a network, and some don’t encrypt your files, but instead they lock your screens so you can’t access anything.
Most Ransomware attacks happen when a hacker sends a Trojan disguised as a legitimate file. The user is then tricked into downloading or opening the file or attachment, and the ransomware infects the system. Some ransomware stays dormant in your system for several weeks or months before it activates.
Ransomware Attacks on Municipalities: In the News
The first thing you need to know is that ransomware doesn’t discriminate. It makes no difference to hackers what business sector you’re in, how big your organization is, if you’re a for-profit corporation or a nonprofit charity – money is money, and ransomware is a business that pays handsomely. But, as the introduction states, municipalities seem to be a particular target for cyberattackers, usually because they’re not as protected as corporations are.
Ransomware attacks are on the rise, and the reason for it is obvious: people will pay to decrypt their data! It is a profitable business, from a hacker’s perspective. In fact, an alarming cybercrime statistics show that the total revenue that cybercriminals were able to get out of their victims in 2017 alone equaled $1.5 trillion USD.
Municipalities need to realize that they are a part of that statistic. After their recent ransomware attack, Wasaga Beach had to pay almost $245,000 in decryption costs, consulting fees, and lost staff time. Also in April, the City of Atlanta had to spend $2.6 million USD in order to recover from a $52,000 ransomware scare that shut then down for nine days.
It’s clear by these examples that ransomware is not just an idle threat – with municipalities in the news, it’s important that municipalities, like yours, have certain ransomware protection tools in place. In the next section, we’ll talk about a few of those tools.
Ransomware Protection Tools: Protection for Your Municipality
There are a number of tools that can help protect your municipality from ransomware attacks, and, at ProServeIT, we’re familiar with several of them. Check out these three options below, and if you want to learn more, or see how these might work for you, give us a shout!
Enterprise Mobility + Security
A comprehensive Cloud solution, Microsoft Enterprise Mobility + Security (EM+S) is a comprehensive Cloud solution that can help your municipality to address the constantly-changing mobile cybersecurity landscape and protect you from ransomware attacks. EM+S safeguards your organization’s resources, especially mobile devices. It can also help track suspicious login activity, allowing you the ability to gain a deeper understanding of your user, device, or data activities. When necessary, EM+S can give you the power to change permissions, too.
Multi-factor authentication (MFA) provides a second layer of security to your Office 365 environment. With MFA, you are able to extend your municipality’s Office 365 security beyond just a password, compelling a challenge/response user authentication to take place when your employees and volunteers sign in. Authentication can be verified via a randomly generated pass code, a phone call, a smart card, or a biometric device (i.e., a thumbprint). This helps to provide your municipality with extra security features.
You can manage multi-factor authentication for your employees and volunteers from your Office 365 admin centre.
Office 365 Advanced Threat Protection
Office 365 ATP helps to protect emails, files, and Office 365 applications from any unknown malware or viruses (including ransomware), and has the capability to show you who in your organization is being targeted, which users are clicking on malicious links (so you can implement training opportunities for those users), and which messages have been blocked because they contain unknown viruses or malware.
Office 365 ATP has multiple capabilities that are designed to keep your municipality safer:
- Safe Links: Proactively protects your users from malicious hyperlinks in email messages.
- Safe Attachments: Protects your users from unknown malware or viruses within message attachments.
- Spoof Intelligence: Detects senders who are spoofing your domain by pretending to be someone in your organization.
- Quarantine: Helps detect and block files that are identified as malicious in team sites and document libraries, like SharePoint, OneDrive, or Microsoft Teams.
- Anti-Phishing Capabilities: Machine learning capabilities checks all your incoming messages for indication that it could be a phishing attempt, and flags those that seem harmful.
Best of all, Office 365 is available as an add-on to many of the Exchange and Office 365 subscription plans for just $2.40 CAD/user/month.
Don’t Be Another Ransomware Statistic – Secure Your Municipality Today!
The bottom line is that the threat to municipalities, just like yours, are real and imminent, and you need to take action now before you end up in the news as another statistic. Using the tools that we’ve talked about in this blog is a good start, but it’s only a small portion of the holistic cybersecurity landscape that you should be taking part in.
At ProServeIT, we have experts who can help you develop a comprehensive cybersecurity strategy. Are you prepared to face potential cybersecurity incidents that might arise? Start with our Cybersecurity 101 Assessment, where you’ll learn all about the first steps that you can take in protecting your municipality from cyberattacks. Want to protect and secure your devices to make sure your municipal data stays safe? Check out our Mobile Security Jumpstart for Municipalities and let us analyze your system and deploy the necessary security tools, like Enterprise Mobility + Security, ATP, and Multi-Factor Authentication, to quickly and effectively eliminate the ability for cyberattackers to pose a threat to your municipality. Need more help? Contact us today and we’ll get you started!