Small, local governments have become the target of choice for ransomware, according to a study cited by TechRepublic. Over the past 12 months, 45% of global ransomware attacks targeted local governments and municipalities. Further, the study found that 41% of ransomware attacks were combined with data breaches, indicating a rise in double extortion, a technique where cybercriminals steal data in addition to encrypting networks. The cybercriminal then threatens to publicly release or sell the data if the ransom is not paid.
Why are local & municipal governments being targeted?
Cybercriminals’ focus on local and municipal governments for ransomware is part of a larger trend of targeting small and medium-sized businesses (SMBs) in lieu of large enterprises. Small government agencies have a lot in common with private-sector SMBs, including:
- Very small or no cybersecurity budget. According to the National Association of State Chief Information Officers (NASCIO), nearly half of all U.S. states have no dedicated cybersecurity budget. In most states that do have one, cybersecurity represents 3% or less of their total budget.
- Inadequate IT staffing levels and a lack of in-house security expertise. Just like SMBs, small governments and municipalities struggle to attract and retain both general IT and cybersecurity talent. Qualified workers are scarce, and large enterprises can offer them much higher salaries and additional perks.
- Rapidly growing attack surface. As local governments implement cloud computing and offer more services through digital channels, cybercriminals have more avenues through which to compromise networks.
- Inability to absorb considerable downtime. On average, a ransomware attack results in nearly 10 days of downtime. That’s a big financial hit for any organization to take, but government agencies have an additional burden. Their systems impact the health, welfare, and even the lives of local citizens, incentivizing them to pay the ransom as soon as possible.
Password security helps prevent ransomware infections
Most ransomware infections happen as the result of brute-force cyberattacks, where cybercriminals attempt to access networks using weak or previously compromised passwords. Weak or stolen passwords are also responsible for the overwhelming majority of data breaches.
Shoring up employee password security is easy, inexpensive, and goes a long way towards preventing ransomware and other cyberattacks:
- Require that employees use strong, unique passwords for all accounts.
- Require that employees use multi-factor authentication (2FA) on all accounts that support it.
- Require that employees use a password manager.
- Subscribe to a Dark Web monitoring service. These services scan Dark Web forums and notify organizations in real time if any of their employee passwords have been compromised, allowing IT administrators to force password resets right away.
To help organizations defend themselves against ransomware attacks, Keeper has launched a new Ransomware Resources Hub, which includes an informative whitepaper and shareable infographic. While you’re visiting our new resources hub, make sure to register for our upcoming webinar, How to Mitigate the Risk of Ransomware Attacks, to be held on Tuesday, September 15, at 1:30 p.m. CT.
Get Keeper & Get Protected from Ransomware Attacks
Keeper’s zero-knowledge password management and security platform takes only minutes to deploy, requires minimal ongoing management, and scales to meet the needs of any size organization.
Keeper gives IT administrators complete visibility into employee password practices, enabling them to monitor password use across the entire organization and enforce the use of strong, unique passwords, 2FA, role-based access control (RBAC), and other security policies. Fine-grained access controls allow administrators to set employee permissions based on their roles and responsibilities, as well as set up shared folders for individual departments, project teams, or any other group.
Employees will appreciate the convenience of having Keeper keep track of all their passwords. Every employee receives a private, encrypted digital vault that they can access from any device using one master password — the only password they’ll ever have to remember. Keeper’s password manager generates strong, unique passwords for every account and automatically fills in login fields on websites and apps.
For enhanced protection, organizations can add Keeper BreachWatch™, which scans Dark Web forums and notifies organizations in real time if any of their employee passwords have been put up for sale. BreachWatch seamlessly integrates with the Keeper password management platform, enabling IT administrators to force password resets right away.