This blog is the fifth of six upcoming articles about the growing cybersecurity threat known as ransomware. GovLoop partnered on this series with Veritas Technologies, LLC, a data management software company and ThunderCat Technology, an IT solutions provider. Working together, we aim to explain what ransomware is and how federal agencies can prepare for, respond to and survive potential attacks.
A new survey conducted by Scoop News Group on behalf of Veritas Technologies suggests government IT officials have a false sense of security about a growing cybersecurity threat.
According to the poll released in December 2019, about half of federal and state respondents rate their agency’s ability to detect ransomware or malware at or above the level of their peers.
Despite this, 17% said they don’t know what security solutions their agency uses against ransomware and malware. Another 5% said that their agency can’t detect either ransomware or malware, which both rank among the most common cyberthreats.
The poll’s results additionally suggest a disconnect between agencies’ perception and reality on ransomware.
Ransomware is a strain of malware, which is malicious software created to purposely harm technologies such as computers and servers. Unlike other malware, ransomware attackers block access to or threaten to publish the victim’s data unless a ransom is paid.
Subsequently, ransomware presents agencies with one of today’s greatest cybersecurity dilemmas as there’s no guarantee paying a ransom will help recover their data or operations.
Across government, ransomware can disrupt public services, create unexpected budget costs and hurt citizens’ confidence in their agencies’ security.
According to Rick Bryant, National Healthcare Architect and Public Director at Veritas, ransomware is increasing as agencies’ data sprawls across multiple locations.
Currently, many agencies host their data in a mix of physical, virtual and cloud computing environments that their employees access on laptops, smartphones and other tools.
“All of these devices create additional attack vectors,” he said. “You’ve got to take more precautions to protect your organization.”
Kurt Steege, Chief Technology Officer (CTO) at ThunderCat Technology, also recommends using a data-centric lens as you approach the issues that surround ransomware. ThunderCat is an IT solutions provider that partnered with Veritas on its recent ransomware research.
“Understanding where your information is located and maintained is key to not only protecting it but also how best to share it and use it for the betterment of the agency’s mission,” Steege said.
However, in Veritas’ recent poll, 16% said they perceive their agency’s skill at detecting ransomware as superior to other agencies.
Another 35% said their agency’s ability was above average, while 31% rated it average when compared to their counterparts. Six percent ranked their agency’s capabilities below average, 3% called them deficient and 10% weren’t sure.
All the poll’s respondents were addressing their agency’s ability to find ransomware or malware before it encrypts or locks data.
Fortunately, most of the poll’s respondents said their agency uses at least some tools to combat ransomware and malware. The poll found that:
- 72% percent said their agency deploys data backups and recovery
- 71% said they utilize antivirus or endpoint security solutions
- 57% said their agency has email and web browser security monitoring
- 47% said their agency takes advantage of security or behavioral analytic tools
- 35% said their agency keeps whitelists of appropriate applications that its employees can have active or installed
Bryant said that although techniques such as data backup and recovery are useful, they’re not capable of fending off ransomware forever.
“A backup is not the end-all,” he said. “It’s the last-ditch approach. It must be coupled with user education, policies and processes.”
Steege agreed with this, adding that an agency’s ability to properly educate its teams on what to look for and how to protect information can take government agencies to the next level in terms of ransomware protection.
Federal, state or local, Bryant additionally recommends that agencies start with a unified plan for protecting their data regardless of where it resides.
Bryant also suggested agencies frequently test their ransomware recovery plans so that they’re ready to quickly recover from attacks at scale.
“It’s a matter of when,” Bryant said of ransomware incidents. “There are lots of moving parts. You’ve got to take more precautions to protect your organization.”
To learn more about how ransomware is influencing federal and state IT decision-makers, click here to read Veritas Technologies, LLC’s recent survey. And click here to hear Veritas and ThunderCat experts discuss ransomware during their podcast series about government technology.