Ransomware attacks straining local governments, public services

Posted On: Apr. 1, 2022 1:39 PM CST
Ransomware attacks are straining local U.S. governments and public services, the FBI says in a special notification.
Local governments are the second-most-victimized group, behind academia, based on victim incident reporting to the FBI last year, according to the notification, which was issued Wednesday.
Citing an unidentified independent research group commissioned by a United Kingdom-based company, the notification said rectifying ransomware attacks “often included financial liabilities related to operational downtime, people time, device costs, network costs, lost opportunity, and, in some cases, paid ransomware.”
The survey also found that local governments were the least able to prevent encryption and to recover from backups, and had the second-highest rate of paying ransoms compared with other critical infrastructure sectors.
“The FBI doesn’t encourage paying ransom,” which “does not guarantee files will be recovered,” the notification said. It encourages local government agencies to proactively begin contingency planning for a ransomware attack that leaves systems inaccessible.
Its recommendations include keeping all operating systems and software up to date; implementing user training programs and phishing exercises; requiring strong, unique passwords for all accounts with password logins; requiring multifactor authentication; maintaining offline data backups; ensuring all backup data is encrypted; securing and monitoring remote desktop protocols or other potentially risky services, if they are in use; protecting cloud storage by backing up to multiple locations; and, if using a Linux operating system, using a Linux security module for defense in depth.