IAMU Informer
Follow IAMU!
  • Informer News Feed
  • IAMU Website

Ransomware: Is Your System Prepared for an Attack?

8/27/2019

0 Comments

 
On Aug. 16, more than 20 entities in Texas reported a ransomware attack with the majority of these entities being smaller local governments. The evidence gathered indicates the attacks came from one-single threat actor. If this happened in your community, are your prepared? Do you know how to respond?

If you are a member of the IAMU Safety Group Insurance Group, you can get coverage for such an event. Currently, only about 20% of all safety group members purchase the coverage. If your utility or municipality doesn’t currently have such coverage, be sure to ask your agent for more information.

According to the Department of Homeland Security (DHS) and its Cybersecurity and Infrastructure Security Agency (CISA), ransomware has rapidly emerged as the most visible cybersecurity risk playing out across the nation’s networks, locking up private-sector organizations and government agencies alike. And that’s only what is seen – many more infections are going unreported, ransoms are being paid, and the vicious ransomware cycle continues. Organizations are strongly urged to consider ransomware infections as destructive attacks, not an event where you can simply pay off the bad guys and regain control of your network.

According to CISA, ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Recovery can be a difficult process that may require the services of a reputable data recovery specialist, and some victims pay to recover their files. However, there is no guarantee that individuals will recover their files if they pay the ransom.

Helping organizations protect themselves from ransomware attacks is a chief priority for the CISA. The agency has assisted many ransomware response and recovery efforts, building an understanding of how ransomware attacks unfold, and what potential steps can be taken to better defend systems. But there is also a recognition that there’s no such thing as perfect cybersecurity, and ransomware infections can still happen. The agency has also developed recommendations to help organizations limit damage and recover smartly and effectively.

RANSOMWARE MITIGATIONS TO HELP YOU DEFEND TODAY AND SECURE TOMORROW

The CISA recommendations outline three sets of straightforward steps any organization can take to manage their risk. These recommendations are written broadly for all levels within an organization. It is never as easy as it should be, so if your organization needs help, the agency urges you to reach out for assistance – CISA is here to help, but so is the FBI, numerous private sector security firms, state authorities, and others.

  1. Backup your data, system images, and configurations and keep the backups offline.
  2. Update and patch systems.
  3. Make sure your security solutions are up to date.
  4. Review and exercise your incident response plan.
  5. Pay attention to ransomware events and apply lessons learned.

Actions to Recover If Impacted – Don’t Let a Bad Day Get Worse
  1. Ask for help. Contact IAMU immediately. You may reach Russ Saffell, Director of Member Security & Critical Infrastructure Protection at 515.289.1999 or 515.988.8686 (cell).
  2. Isolate the infected systems and phase your return to operations.
  3. Review the connections of any business relationships (customers, partners, vendors) that touch your network
  4. Apply business impact assessment findings to prioritize recovery.

Actions to Secure Your Environment Going Forward – Don’t Let Yourself be an Easy Mark
  1. Practice good cyber hygiene; backup, update, whitelist apps, limit privilege, and use multifactor authentication.
  2. Segment your networks; make it hard for the bad guy to move around and infect multiple systems.
  3. Develop containment strategies; if bad guys get in, make it hard for them to get stuff out
  4. Know your system’s baseline for recovery.
  5. Review disaster recovery procedures and validate goals with executives.

For more information on ransomware, visit the CISA Resource Page on Ransomware (www.us-cert.gov/Ransomware). Victims of ransomware should report it immediately to CISA at www.us-cert.gov/report, a local FBI Field Office, or Secret Service Field Office.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

      Subscribe To The Informer

      You can subscribe to The Informer by adding the RSS feed to your feed reader. Or, to request to be added to our weekly email blast, provide your information below.  NOTE-you must be an IAMU member (utility, affiliate, or associate) to receive the email blast.
    Submit

    Archives

    January 2023
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014

    RSS Feed

Picture

Copyright 2018 Iowa Association of Municipal Utilities