https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Events
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • Magazine
    • Back
    • Digital Editions
    • Reprints & Reuse
    • Advertise
  • About Us
    • Back
    • About Us
    • Contact Us
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
  • Resources
    • Back
    • Webinars
    • White Papers
    • Events
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • Magazine
    • Back
    • Digital Editions
    • Reprints & Reuse
    • Subscribe to GovPro
    • Manage GovPro Subscription
    • Advertise
  • About Us
    • Back
    • About Us
    • Contact Us
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
acc.com

Commentaries


Image via Unsplash

Article

Responding to ransomware: Questions government business and tech leaders should ask

Responding to ransomware: Questions government business and tech leaders should ask

Answering the following questions can provide insights into how governments, large and small, can protect themselves from insidious ransomware attacks
  • Written by Doug Powers
  • 7th December 2020

When confronted with ransomware attacks that hold government data hostage, public leaders are forced to decide between paying the ransom or being without government services until they can be restored or rebuilt. At a time when COVID-19 requires a government of any size to function at the highest level, ransomware can bring public services related to utilities, law enforcement, and emergency response to a jarring halt.

Though it’s hard to say which city or town might be next, it’s nearly certain that ransomware attacks will continue to target governments around the country. Answering the following questions can provide insights into how governments, large and small, can protect themselves from these insidious attacks.

Questions for government business leaders

Are we prepared?

The first question for senior government leaders is whether you are prepared. Reverse planning can help answer this question. For example, in the event of a ransomware attack, which systems can the city not function without, and are those sufficiently protected? More than physical IT systems, being prepared is also about people. Do you have the right talent in place to thwart a ransomware attack or respond appropriately in the event of one? Do all government employees have the right training to avoid letting ransomware in?

Having an IT recovery back-up system and routinely testing it to confirm it works is also essential. Cyber wargaming exercises have become commonplace within the federal government and the commercial sector. State governments would do well to embrace these leading practices.

If attacked, can we recover, and if so, how long will it take?

The pervasiveness of ransomware attacks is often due to the increasing number of attack surfaces. Every city computer, connected police car, and employee email account are all possible access points through which ransomware can enter. So, while being prepared can potentially stave off and lessen the severity of attacks, there are simply too many entry points to assume confidently that a ransomware attack won’t make its way into a city or town’s network. This makes knowing if and how recovery occurs imperative. Understanding recovery means knowing the likelihood of success and the options available for the best chance of successfully regaining access to encrypted systems and files. It means knowing what systems the city can go without and for how long so that leaders can communicate the effective recovery to stakeholders and citizens. It also means having a decision-making process in place to evaluate whether to pay the ransom.

How do I secure funding for cyber resiliency?

Ensuring the municipality’s systems are properly resilient requires funding: training for staff, back up and security measures that need to be assessed and implemented, cyber insurance, and potentially new systems or support services. One helpful step to securing funding is to ensure budget leaders are properly educated on the risks and challenges of ransomware. Do they know how pervasive it is or how costly it can be to clean up? Partnerships with neighboring counties, cities, or at the state level can also help. While any city or town will have to budget, it’s imperative that the case is made for securing the IT systems necessary for the government to function and provide services.

These three simple questions can be difference makers for protecting governments against ransomware, but they aren’t the only questions that should be asked. Government technology leaders also have questions to ask.


Questions for government technology leaders

Do I know our network?

But really, do you know your network? Do you have a catalog of all endpoints or understand where vulnerabilities exist and why? Do you know which systems are critical, like those for emergency response, or where information is stored and where it is backed up? Do you have the right skills within your team to perform updates and administrative tasks? Knowing your network can keep IT leaders informed of their IT needs; it’s also necessary for answering the next question.

Am I confident of restoring systems from secure backup?

What may seem like a straightforward question may be less so when examined in detail. A city or town has several necessary servers, software tools, back-ups, and other IT systems, all of which may have unique requirements for protection. For example, how you protect and service an air-gapped system backup server is likely different than how you protect other IT systems. Knowing how each system needs to be defended and why is a critical second step. Deciding how to allocate limited resources depends on an honest appraisal of what is required to be confident in your ability to restore from backup.

Do I understand how to respond after an attack?

Firefighters have preplanned responses that manifest as muscle memory in the event of an emergency call. While IT admins may not have sirens to indicate they are responding, their response to a ransomware attack should be muscle memory, nonetheless. Understanding what steps to take quickly can have major implications for how bad a ransomware attack becomes; but in some cases, government leaders don’t have plans in place. The ones that do are often outdated or not specific enough, and they aren’t exercised frequently to create muscle memory.  Setting a plan in place to inform IT leaders and government employees at all levels — and routinely rehearsing it — is necessary to achieve success.

Answering these questions can seem like an academic exercise, but being unable to answer them can put a government at risk. When ransomware strikes, unprepared leaders may feel no other alternative but to pay the ransom, which not only doesn’t guarantee a return of encrypted systems, but our research indicates that it may in fact fuel further ransomware attacks. The only way to break the cycle of ransomware is for governments to be prepared.

 

Doug Powers is a managing director in Deloitte & Touche LLP’s Cyber Risk practice specializing in providing managed security services to help clients protect and defend their Internet of Things (IoT) and operational technology (OT) ecosystems. Contact him at dpowers@deloitte.com.

Tags: homepage-featured-3 homepage-featured-4 Smart Cities & Technology Commentaries Article

Related


  • Florida county announces successful test of Motorola Solutions’ cloud-based P25 core technology
    A Florida county recently announced the completion of a successful test of Motorola Solutions’ CirrusCentral Core, the cloud-based secondary core for ASTRO 25 P25 systems that is designed to provide redundant reliability to the land-mobile-radio (LMR) network without the costs associated with a physical secondary core site. In Sumter County, Fla., the absence of a […]
  • Person working on laptop computer
    Embracing digital within local government in 2021
    While COVID-19 has brought on a litany of challenges, it has also shown government leaders the need to employ the right digital solutions for their constituents
  • FirstNet Authority releases new details about impact of Nashville explosion on broadband system
    Public-safety subscribers to FirstNet responding to the Dec. 25 massive explosion near the AT&T network hub in Nashville experienced a four-hour outage when some services were not rerouted prior to deployable cell sites becoming operational at the scene, according to a FirstNet Authority blog. Released Friday evening, the FirstNet Authority blog reiterated several facts previously […]
  • In challenging year, working with public safety to move FirstNet forward
    It has been a challenging year for the nation, especially for the first responders who are on the front lines of wildfires, hurricanes, and the COVID-19 pandemic. During this historic year, the First Responder Network Authority (FirstNet Authority) remained committed as ever to helping first responders save lives and protect communities. As part of our […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Modernizing state and local IT to meet new demands and drive long-term financial efficiency
  • Despite budget squeeze, state and local governments must shore up cyber posture
  • Breaking barriers in local government tech innovation
  • Facing the controversy of facial recognition technology

Twitter


AmerCityCounty

The latest episode The Young Leaders Podcast focuses on Cyril Jefferson. Cyril is the youngest African American to… twitter.com/i/web/status/1…

27th October 2020
AmerCityCounty

Hillsboro, Oregon is pioneering a new #renewableenergy generation technology through a partnership with… twitter.com/i/web/status/1…

27th October 2020
AmerCityCounty

The impact of the #COVID19 pandemic on #telework was swift and profound. Now, the big question is whether – and to… twitter.com/i/web/status/1…

26th October 2020
AmerCityCounty

Get ready for the can't-miss webinar on how to kickstart your efficiency improvement plan with Luke Anderson of… twitter.com/i/web/status/1…

26th October 2020
AmerCityCounty

Among all states headed into the 2020 general election, which ones have voting populations that are the most demogr… twitter.com/i/web/status/1…

26th October 2020
AmerCityCounty

We want to hear from you! Share your thoughts in our readership survey to help us shape future content so that we c… twitter.com/i/web/status/1…

23rd October 2020
AmerCityCounty

See how cities different approaches to distribute masks in their communities >> spr.ly/6010GAPLa

23rd October 2020
AmerCityCounty

While #facialrecognition is a powerful tool that can improve law enforcement efficiency, that doesn’t necessarily t… twitter.com/i/web/status/1…

23rd October 2020

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X