Why Focus on Ransomware?
Yes,
ransomware is not the only thing that cities and towns have to worry about.
There can be a massive breach of city connected systems that has nothing to do
with ransomware. Nevertheless, ransomware is our focus. Thus far, it is the
most prevalent kind of attack on cities and towns. And, most municipal agencies
need some time to decide whether they are going to negotiate with cyber terrorists
who attack them. They need to think through their strategy before they are
attacked.
Ransomware Attack
This attack is mostly done with the help of the Malware ( software designed to cause destruction) which encrypts the user's data leading to no access to the user of his own data and demanding some "ransom" money for re-gaining the access to the data.
Key Take-aways from Cyber-Security problems
- 1.
Cyber attacks on urban infrastructure
are increasing.
- 2. the federal government takes responsibility for defending America's defense establishment and all of the private suppliers that that establishment depends on from the cyber attack, but it leaves to the states and local government responsibility for protecting critical urban infrastructure. In times of attack, the FBI might help a local government, but cities are pretty much on their own.
- 3.
Cyber-attacks occur along with a number of
different attack vectors and involve a range of attack mechanisms. By far, the
largest number of attacks thus far involve ransomware and distributed denial of
service.
- 4.
Some of the attacks on critical urban
infrastructure in the United States have been traced back to attackers based in
Russia, China, North Korea, and Iran.
- 5.
ransomware attackers are increasing
the amount of money they are demanding to release the data that they're holding
hostage. Thus, the cost of ransomware is increasing, but the money that's asked
in ransom is less than 20% of the total cost to a city that it has to figure
out how to cover when there is service disruption that extends for a period of
time and when they have to put all their systems cleaned up back online. Many
attackers are glad to collect ransoms, but they are as interested in creating
chaos as they are in collecting money.
- 6.
the Baltimore case study shows what
an attack feels like from inside City Hall. It also demonstrates that public
officials, once they have been attacked, are eager to take defensive action. We
are hoping that the clinic can bring a lot more cities to the point of being
interested without having to actually experience an attack.
- 7.
The job of the clinic is to provide an independent assessment of a city agency's vulnerability to cyber-attack and to
recommend specific defensive social engineering moves that the public agency
can take to keep residents and businesses safe.
0 Comments