Ransomware continues to plague cities and their critical infrastructure, which is a shame because ransomware attacks are some of the easiest cyber attacks to defend from.  Many corporate and government level cybersecurity campaigns begin with phishing and ransomware awareness campaigns that significantly reduce the level of clicks on malware-laden phishing emails, and their more targeted cousins, spear-phishing or whaling attacks, that are specifically directed at people in governments and corporations with high-level security clearance, access to data, or high level administrative privileges in their respective organizations.  Both large cities and small communities have recently been targets for ransomware attacks, which are amounted by a wide range of cybersecurity threat groups, from small criminal gangs to larger, state sponsored groups with significant resources known as Advanced Persistent Threats (APT).

Ransomware attacks lock up computers and networks at all levels of infrastructure, from water treatment plants to networks of computers in government offices. They paralyze utility billing and payment systems, government administrative functions, transportation applications, and building automation networks. If the local government or utility refuses to pay, the run the risk of having their data permanently destroyed or exposed in the public domain.

The Cost of Ransomware to Cities and Infrastructure

What’s even more frustrating is the cost of ransomware. For small communities, the cost can be enough to drain the fiscal budget. Small communities also tend to outsource IT functions to third party providers that may or may not practice good cybersecurity. In 2019, a ransomware attack occured simultaneously in 23 predominantly rural communities at an estimated ransom of $2.5 million. The 2018 Atlanta ransomware attack is estimated to have cost anywhere from $17 to $19 million, but no final figures are available.

COVID-19 Creates a Wave of Ransomware Attacks

The arrival of COVID-19 has created a new and more intense wave of ransomware attacks as workers become increasingly vulnerable through remote work, thinly stretched resources, and by preying on people’s fear and paranoia about COVID-19. The latest cities to be hit include Knoxville, TN in June at an undisclosed cost. The cities of Torrance, CA and Florence, AL were also hit.

Preventing Ransomware Attacks

Obviously, having the right antivirus and endpoint protection solutions is a key step toward preventing ransomware attacks, but as I’ve seen in many end user presentations, implementing anti-phishing campaigns to raise awareness and get employees to avoid clicking that suspicious link in an email is one of the most effective ways to avoid getting snared in a ransomware attack. End users also need to vet their third parties to ensure that they are following good cybersecurity policy and that their outsourced IT infrastructure doesn’t present a risk.

Categories: Cybersecurity, Outsourcing, Remote Workers, Uncategorized