Wednesday, October 28, 00:36
Home security Government Services: Why are they vulnerable to ransomware attacks?

Government Services: Why are they vulnerable to ransomware attacks?

The Ransomware are one of the most important threats and despite the enormous damage they can cause, the governmental services are still not adequately protected.

According to Emisoft, by 2019, at least 948 public services, education providers and healthcare providers have fallen victim to ransomware attack. On the other hand, her analysis Recorded Futureshowed that 81 successful ransomware attacks on their government services took place USA resulting in many small towns being affected in the wider area.

Η FloridaThe LouisianaThe New Orleans and Texas are just some of the local governments affected by such an attack. If ransomware infiltrates a government network, can cause many problems, such as: disruption of service systems or even the whole city, loss of access to central government systems, financial losses etc

According to IBM, many US local and state governments feel very confident about their security against malware, but Deloitte says that in fact, governments are not doing enough to protect themselves.

On Wednesday, Deloitte published one report, which examines how ransomware can be implemented attacks and what government officials can do to meet this challenge and protect themselves.

According to researchers, local and state governments now provide their services online. This combined with its increased appearance Ransomware-as-a-Service (RaaS) offers to hackers more opportunities for attack.

“Πριν από λίγες δεκαετίες, υπήρχαν ελάχιστοι μόνο υπολογιστές στα κεντρικά γραφεία των τοπικών σχολικών μονάδων ή των αστυνομικών τμημάτων, αλλά today there are everywhere computers“, λέει η έκθεση. “Each of these computers is a potential access point for some malware“. Σύμφωνα με τους ερευνητές, αυτό σημαίνει ότι οι κυβερνητικές υπηρεσίες έχουν πλέον να προστατεύσουν πολλά περισσότερα συστήματα, however, no such investments have been made in cybersecurity.

But there is another key reason why governments are vulnerable to ransomware and others hacking attacks. That is the reason the use of old, outdated and out-of-date systems and software. All of these systems may have vulnerabilities exploited by hackers.

“Ακόμα και τα τρέχοντα, ενημερωμένα δίκτυα απαιτούν συνεχή προσπάθεια για τη διατήρηση των διορθώσεων και των ρυθμίσεων ασφαλείας, έργο που ακόμη και το πιο άρτια στελεχωμένο και εκπαιδευμένο προσωπικό βρίσκει δύσκολο”, λέει η Deloitte.

However, research highlights that the most important factor in the success of ransomware attacks is the person and not systems. If it does not exist specialized staff and overall sensitization on cyber security, hackers can launch successful attacks. The Phishing and social engineering are two commonly used techniques and their success depends on their treatment users.

A survey conducted by NASCIO and Deloitte found that in government services, μόνο το 2% του συνολικού IT προϋπολογισμού χρησιμοποιείται για την ασφάλεια στον κυβερνοχώρο.

So there is no proper infrastructure, and governments have to pay ransom if they fall victim ransomware attack. Many times there are no backups either.

In the meantime, not paying the ransom can prove to be significantly more expensive.

One example is the city of Baltimore, which refused to pay ransom ($ 76.000) but lost more than $ 18 million due to lost revenue and investment to restore the systems.

Ransomware is not going to disappear anytime soon. Therefore, ways to deal with them must be found.

So what can state and local governments do to tackle the problem?

Modernization of systems: Modernizing computer systems is important. The systems, the services they use must be up-to-date and up-to-date to prevent the major problems that ransomware can cause them.

Employees training: Education and training staff is crucial, as we said, the human factor plays a role in the success of ransomware attacks.

Patch and updates: Services must constantly update their systems. They also need to segment their data and networks.

Cyberinsurance: While cyberinsurance services can cover the cost of ransomware attacks, their use should be carefully considered. These services usually encourage clients (victims of attack) to pay ransom. Hackers know this, so they are getting more and more money.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Among Us: players were hit by a spam attack

InnerSloth, creator of the popular game Among Us, faced an attack that affected its players last week. More specifically, some ...
00:01:47

Data breach in a law firm exposes data of Google employees

Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP revealed that it suffered a data breach that led to the leakage of personal data ...

How to install a .watchface file on Apple Watch

The Apple Watch lets you customize the faces of the watch to display all kinds of useful information. But did you know ...

The five biggest data breaches of the 21st century

Data is becoming more and more sought after as our daily lives become more digitized. The technology giants that monopolize data are ...

Microsoft is limiting the availability of Windows 10 20H2

Microsoft is currently restricting the availability of Windows 10 20H2 to provide all users who want to ...

How to enable the new Chrome Read more feature

The latest version of Google Chrome browser, v86, released earlier this month, contains a secret feature called Read ...

How to choose a custom color for the Start menu

Starting with the October 2020 update, Windows 10 is the default on a theme that removes bright colors from ...

NASA telescope discovers drinking water on the moon

Eleven years ago, a spacecraft changed our view of the moon forever. The data collected by ...

Microsoft: Enhances password spray attack detection capabilities

Microsoft has significantly improved the ability to detect password spray attacks in the Azure Active Directory (Azure AD) and has reached the point ...

How to prevent companies from finding our phone number

In the age of advertising, the more user information is known the more convenient it is for companies. And in particular, the ...