Sicura for State, Local, Tribal and Territorial Governments
Sicura empowers State, Local, Tribal and Territorial governments to meet the CIS Benchmarks, fix misconfigurations, and prevent breaches.
Ransomware Attacks on SLTT Government Agencies
and Prevention & Mitigation with Sicura
Ransomware: a Real & Growing Threat
Ransomware attacks are one of the top cyber threats to SLTT government
agencies. The past few months have seen major ransomware attacks on
Somerset County, NJ; Quincy, IL; Frederick, CO; and St. Mary’s, Ontario,
Canada. These attacks take down critical systems and infrastructure for
police, fire, healthcare and education departments. Employee and citizen
personal identifying information is released, agencies are forced to re-enter
critical data, and public trust is lost. These attacks ultimately cost millions in
ransoms and/or recoveries.
The Mechanics of an Attack
During a ransomware attack, an external group takes control of an
organization’s data, encrypts it, and holds it ransom, locking it up and
threatening to release it until a ransom is paid. Hackers first gain access to a
user account and then propagate through the network by exploiting
potentially insecure protocols such as SMB. Once propagated, the attack
software systematically steals and encrypts sensitive information,
preventing legitimate operators from being able to access it.
RaaS (Ransomware-as-a-Service) companies like LockBit sell ransomware
encryption software to hackers. These RaaS companies and their users often
target SLTT organizations because they have a large attack vector and large
quantities of sensitive citizen data to protect.