This blog is the final of six articles about the growing cybersecurity threat known as ransomware. GovLoop partnered on this series with Veritas Technologies, LLC, a data management software company and ThunderCat Technology, an IT solutions provider. Working together, we aim to explain what ransomware is and how federal agencies can prepare for, respond to and survive potential attacks.
According to a new poll, released in December 2019 by Scoop News Group on behalf of Veritas Technologies, LLC, about one third of government IT officials say their agency doesn’t employ data backup and recovery to combat two serious cybersecurity threats. The survey was conducted to see how the two threats – ransomware and malware – are influencing agencies’ decisions.
The survey also discovered that 17% of federal and state IT decision-makers don’t know what security solutions their agencies use against ransomware and malware.
Malware is malicious software which purposefully damages such technologies as computers, networks and servers. Ransomware is a malware variation that vows to block access to or release the victim’s data unless a ransom is paid.
“Federal agencies have lots of services that they’re responsible for,” said Rick Bryant, National Healthcare Architect and Practice Director at Veritas. “Not having access to critical data could lead to bad decisions for them.”
Bryant added that although ransomware can hurt federal, state or local agencies, it presents unique problems for each level of government.
“It could disrupt our national security,” he said of federal agencies. “State and local agencies have budgets that are so tight they have little to no ability to pay the ransom.”
In recent years, attackers have repeatedly used ransomware on state and local agencies nationwide during incidents that have attracted significant media attention.
Fortunately, most participants in the recent poll said their agency has at least one or more weapons for combating ransomware and malware. The results included:
- 72% said their agency uses data backup and recovery
- 71% have antivirus or endpoint security solutions
- 57% said their agency utilizes email and web browser security monitoring
- 47% possess security and behavioral analytics tools
- 35% said their agency keeps a whitelist of applications its users can adopt or operate without threatening its cybersecurity
Bryant said that ultimately, agencies need a mix of cybersecurity technology, education and talent to withstand ransomware. According to Bryant, agencies should initially back up their critical systems and configurations on a separate device every day.
Next, he continued, they should train their employees to recognize suspicious links and phishing attempts in their email and other tools. Phishing consists of fraudulent efforts to obtain sensitive information such as passwords by disguising attackers as trustworthy entities in electronic communications.
Lastly, Bryant added, agencies should revise their incident response plans so that cyberattacks are treated like disasters.
ThunderCat Technology is an IT solutions provider that partnered with Veritas on its recent ransomware research. ThunderCat believes that a structured, multifaceted approach to information security is the key to protecting its public-sector partners. It has also made security expertise a primary focus of its business, with an emphasis on understanding the possibilities that exist for protecting critical information from threats, internally or in the cloud.
Solutions such as Veritas’ NetBackup ransomware protection, for example, can help agencies recover from cybersecurity disasters by combining unified data management and strong defensive tools into a powerful shield.
“When you invest in a platform like Veritas, you get more than just backup,” Bryant said. “You’re going to have built-in data security and confidence you can recover.”
For instance, NetBackup ransomware protection can help agencies administer and shield all their data regardless of where it resides. Currently, many agencies have data spread across multiple physical, virtual and cloud computing locations, making it difficult to monitor and understand.
In terms of recovery, Veritas’ suite can help agencies backup their data and quickly rebound from cybersecurity mishaps.
“We can help them recover as fast as humanly possible,” Bryant said of Veritas. “Our recovery time is five to eight times faster than the competition.”
Bryant added that even though NetBackup ransomware protection fiercely defends agencies, they’d be even safer with healthy cyber hygiene, cybersecurity training and recovery plans.
Steege added that agencies need confidence that their platforms are resilient and can recover from attacks. In turn, he continued, agencies can focus on mission-critical activities instead of security.
“We’re an important part of an effective ransomware response,” he said. “We give you insights, so you can eliminate the ransomware before it can actually happen.”
To learn more about how ransomware is influencing federal and state IT decision-makers, click here to read Veritas Technologies, LLC’s recent survey. And click here to hear Veritas and ThunderCat experts discuss ransomware during their podcast series about government technology.