The Wall Street Journal recently reported that municipalities are increasingly being targeted for ransomware attacks by criminals. Most municipalities, especially in New Jersey, resemble a small business. With state contracting rules and constant leadership changes from elections, the turnover in IT companies at municipalities is high. Combine low budgets, high IT company turnover, and staff that receive little to no training on cyber security and you have a perfect incubator for ransomware infections.
Ransomware attacks cost more than just the ransom. Victims must also consider the cost of the IT firm or department restoring the files as well as the lost staff time while they wait for their data to be restored. Both the IT time and the lost staff time far exceed the typical ransom payment.
Here are some keys to avoid ransomware infections:
- Employ a third party spam filter, like ProofPoint, to screen emails before they hit your inbox.
- Make sure your spam filter includes a feature that allows it to check any embedded URL for safety.
- Employ an AV software, like Webroot, that looks at every e-mail as it is opened.
- Employ a third party scanning tool, like HitmanPro, to scan for bad software independently of the primary software.
- Use a DNS service that blocks potentially evil URLs.
- Employ a canary system that monitors selected files for changes.
- MOST IMPORTANT: Train your employees on Cyber Security.
So don’t be surprised if you visit your local town hall and they can’t pull up your tax records.