- The Washington Times - Thursday, June 20, 2019

Hackers across the country increasingly are holding hostage the data in cities’ computer networks.

The attacks, fueled by ever-evolving ransomware, disable a broad range of government services from emails and voicemails to property tax portals, comptroller finance systems, and even water pumping and testing stations.

This week, Riviera Beach, Florida, agreed to pay $600,000 to hackers to release its data, but Baltimore is still refusing to pay $76,000 in bitcoin and instead is spending $18 million to retrieve its data and secure its system.

According to a top Department of Homeland Security’s cybersecurity official, the issue is a major national concern because, despite the increasing frequency of such attacks, the federal government lacks a general understanding of how secure more local level networks actually are.

“We don’t have good visibility in the state and local dot-gov [domain],” said Rick Driggers, DHS’s Cybersecurity and Infrastructure Agency deputy assistant director.



Speaking at the Washington cybersecurity summit FedScoop’s FedTalks, Mr. Driggers added that city-level hacks present uniquely different problems from attacks on federal systems because threat awareness and cyber budgets differ greatly.

Experts say foreign adversaries have clearly figured this out.

In 2018, ransomware attacks against state and local governments jumped 39%, according to a report by Recorded Future last month. The cybersecurity firms’ researchers identified 53 ransomware incidents involving state and local governments in 2018 compared to 38 in 2017.

Considered the first overall measurement of local incidents, the survey found that since 2013, at least 170 county, city and state government systems have reported ransomware attacks, including at least 45 police and sheriff’s offices.

Funding, experts say, is a major issue — not just the smaller overall amounts at the local level — but smaller portions of budgets. Most states commit just 1% to 2% of their information technology budgets for cybersecurity, a figure far lower than most federal agencies report, according to a Deloitte report commissioned last year for the National Association of State Chief Information Officers.

The ransomware behind the attacks is also rapidly evolving. From 2013 to 2016, cyberforensic specialists say CryptoLocker and a so-called Trojan horse virus known as CryptoWall, were behind most efforts to hold data hostage.

More recently malware called SamSam attacked Atlanta, Georgia, and Newark, New Jersey; the Port of San Diego; and the Colorado Department of Transportation, then disappeared last fall, when the Justice Department filed charges against two Iranian citizens accused of using it.

The Ryuk virus struck rural Jackson County, Georgia, in March, forcing officials there to pay a $400,000 bounty to regain access to encrypted files.

The ransomware that infected Baltimore is called RobbinHood.

Earlier this year, The New York Times reported that cybercriminals gained access to Eternal Blue, a program originally developed by the National Security Agency.

Amit Saha, CEO of Saviynt, a Los Angeles-based cybersecurity firm focused on protecting government networks, said that those who pay ransoms inspire more cybercriminals to take more data hostage.

“To fight this, local governments must better manage the access that they allow to their systems,” Mr. Saha told The Washington Times.

While the challenge is formidable, he added, the future is bright because cloud-based technologies are increasingly allowing local governments more secure data storing options. Additionally, better identity and password security options are emerging and they are affordable.

“Ultimately, it comes down to local systems being vigilant about who can enter their networks,” he said.

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.

 

Click to Read More and View Comments

Click to Hide