This blog is the first of six upcoming articles about the growing cybersecurity threat known as ransomware. GovLoop partnered on this series with Veritas Technologies, LLC, a data management software company and ThunderCat Technology, an IT solutions provider. Working together, we aim to explain what ransomware is and how federal agencies can counter and survive it.
A new survey of government IT officials suggests that a rising cybersecurity threat may present roughly the same risk to federal agencies as it does to state and local agencies.
According to the poll released in December 2019, 30% of federal IT decision-makers said that ransomware had affected their agency in the last three years.
In comparison, 32% of state IT decision-makers said that their agencies had also been impacted by ransomware during the same time.
The 2-point difference implies that ransomware may be an equally grave danger for agencies at every level in 2020 and beyond.
The recent survey was conducted by Veritas Technologies, LLC, a data management software company, to draw more attention to ransomware threats across government.
Ransomware is malicious software that blocks access to or threatens to publish the victim’s sensitive data unless a ransom is paid. Although a string of devastating ransomware attacks in recent years has made this issue more high-profile, many agencies from the federal level down are still learning about it.
To date, most media coverage about ransomware has focused on incidents involving state and local agencies. State and local agencies are especially vulnerable to ransomware as they often have less funding and smaller staffs to deal with attacks. Further complicating matters, their IT infrastructure and technology is frequently spread across multiple locations rather than nestled safely under one roof.
Federal agencies aren’t immune to ransomware, however, and it can severely hinder their mission success much like their state and local counterparts.
For example, the Treasury Department (USDT) announced in September 2019 that North Korean state-sponsored hacking groups had conducted ransomware campaigns.
Underscoring how ransomware can threaten national security, USDT added that the campaigns ultimately helped fund North Korea’s missile and weapons programs.
North Korea has long threatened to use its missiles and other weapons against nations its government considers hostile, including the U.S.
More recently, the Homeland Security Department’s (DHS) top cybersecurity official said in January 2020 that agencies should remember how Iranian state-backed hackers operate.
“Pay close attention to your critical systems,” Chris Krebs, Director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA) component, tweeted.
Krebs’ tweet followed America’s targeted killing of Iran’s Gen. Qassam Soleimani, Iran’s top general, earlier that month.
Iran’s state-based hackers are infamous for their worldwide aggression, and ransomware is one of the many weapons they have for potentially disrupting public services in the U.S.
Whether they’re federal, state or local, ransomware can disrupt agencies’ operations, damage their public reputations, encumber their ability to serve citizen needs, and cost them millions of dollars in unexpected costs to recover from an attack.
Even worse, ransomware that successfully corrupts federal data can endanger America’s national security.
Over the last three years, federal and state IT decision-makers said that they’ve encountered four types of ransomware, according to the recent poll.
- 48% said they suffered from ransomware that encrypted their files before requiring a key to unlock them and restore operations.
- 41% said they encountered ransomware that restricted access to their files and data without encrypting them.
- 9% said they were victimized by leakware or extortionware, which are types of ransomware where the attack exfiltrates an agency’s data and threatens to release it if a ransom isn’t paid.
- 2% said they were affected by another type of ransomware, hinting that this menace might be evolving too fast for agency awareness.
The wide variety of ransomware demonstrates the challenge it might present government in the coming years.
In terms of federal IT decision-makers, the survey proposes that they’re starting to take ransomware seriously. For instance, 33% said that ransomware will be a bigger concern in 2020, while 45% more said that it will be as much of a concern as it was this year.
With three in four federal IT decision-makers predicting that ransomware will be an equal or greater problem in 2020 than it was during 2019, it seems this cyberthreat isn’t going away anytime soon.
To learn more about how ransomware is influencing federal and state IT decision-makers, click here to read Veritas Technologies, LLC’s recent survey.