KEY TAKEAWAYSMore than 20 targeted ransomware attacks have affected US municipalities in 2019. Unlike Baltimore, many cities and towns opted to pay the ransom to regain access to their systems and data quickly. In March 2019, Jackson County paid over S$500,000 in ransom; in June 2019, Florida cities Riviera Beach and Lake City paid over S$800,000 and S$600,000 respectively. The willingness of municipal organisations to pay the ransom will likely incentivise would-be attackers to undertake further attacks against municipal organisations – already attractive targets as they typically operate legacy systems, with lower cybersecurity standards.
The rise of targeted ransomware attacks illustrates the need for all organisations – globally and in Singapore – to devote more attention and resources to manage cyber risks. In particular, it illustrates the importance of not only preventing, but also detecting and responding to cyber-attacks. Such measures include:
- Deploying robust backup systems which are tested regularly, with multiple versions saved and stored offline;
- Developing incident response and crisis communications plans which include physical or manual workarounds; and
- Having the expertise to operate these systems/plans in times of crisis.
SOURCES INCLUDE: Engadget, Wired, BBC, BankInfoSecurity, Twitter, Norsk Hydro, Bloomberg, ZDNet, Talos Intelligence, Reuters, DoublePulsar, Symantec