State and city governments are in cybercriminal crosshairs because they tick a lot of boxes. Many government divisions have been dealt with the mandate of digital transformation, but this road to increased efficiency is pockmarked by hybrid systems, a sprawling ecosystem of third-party applications, and processes that arguably privilege current productivity over lasting security.
The result? Not one day seemingly goes by without a local government falling prey to a cyberattack. The attack vector? A majority of the time, email is the Achilles heel.
Ryuk runs riot
Over the past year, the ‘Ryuk’ strain of ransomware has caused widespread havoc across state lines. Last June, the city council of Riviera Beach, Florida, voted to pay $600,000 in ransom after attackers shut down the city’s website, employee email accounts, VoIP (Voice over IP) phones, and even the local water utility division’s capacity to collect online payments. In July, La Porte County paid $130,000 after Ryuk got into their backup servers. In December, the city of New Orleans declared a state of emergency and shut down more than 4000 computers and servers in yet another Ryuk-related compromise.
Research published by Recorded Future last year found that publicly acknowledged ransomware attacks against state and local governments jumped 39% in 2018, with a total of 169 attacks going back to 2013. And while it’s easy for our eyes to snap towards the actual ransomware with Sauron-like intensity, there’s one other thing common across all these attacks: email.
The attack on Riviera Beach began when an employee in the city’s police department opened an email. Afte ..
Support the originator by clicking the read the rest link below.
