Comment
How government entities can combat cyber threats
By David Canellos
Aug 06, 2019
It's no secret that all organizations must be on high alert for cyberthreats. But attacks on government agencies have been particularly relentless, resulting in 99 government and military data breaches in 2018 in the U.S. alone. In May, Baltimore was attacked by unknown actors -- city email service was shut down, online payment processing ground to a halt and real-estate transactions could not be recorded. The hackers demanded 13 bitcoins, an estimated $100,000.
Government agencies, especially on the local, municipal and state level, have limited resources. Cybersecurity functions are underfunded and understaffed, with staffing at one-sixth the level of similar-sized financial service organizations. For this reason and others, these entities are perceived as easy targets that offer a wealth of sensitive and private data that malicious actors can sell or hold for ransom.
How should government agencies respond to a cyberattack?
So, when hit by ransomware, should agencies hand over the money, or fight to re-establish control of what is rightfully theirs?
Unfortunately, there is no right answer, and government organizations often receive conflicting advice. Law enforcement officials maintain that ransoms generally shouldn't be paid, since payment encourages me-too attacks. Security consultants, charged with helping clients reclaim control of their systems and data, often recommend payment as the fastest, least expensive way to get systems back up and running.
Even if victims opt to pay ransom, there are no guarantees that agencies will be able to re ..
Support the originator by clicking the read the rest link below.
