Ransomware defense

Local Government Agencies Urged to Practice Stronger Ransomware Defense Measures

The Federal Bureau of Investigation is urging local government agencies to prepare for ransomware attacks. The bureau said doing so could help avoid unnecessary exposure, financial loss and other risks.

According to the FBI, it expects ransomware and malware attacks on local governments to continue in 2023 as hacker tactics evolve. The organization published a private industry notification that highlights recent attacks against smaller government entities and issued several recommendations to mitigate hacks.

The recommended practices include applying software patches, performing awareness campaigns and deploying encrypted backups to fend off attacks, GCN reported.

The FBI report also recommended that smaller government agencies regularly update software, automated security scanning and cloud-based applications. They should also invest in workforce training and cybersecurity awareness programs to allow employees to spot phishing emails, cyber breaches and other indicators of compromise.

The notice also recommended investigating abnormal network traffic activity and applying artificial intelligence-enabled network intrusion detection systems.

According to a global survey, local government agencies are considered prime targets for hacking groups because of budget and staff limitations and legacy systems. The survey revealed that local governments had the second-highest rate of ransomware payment and were the least able to recover from backups and prevent encryption.

The FBI said it does not encourage paying ransoms because it does not ensure that the victim will get access to their data. However, the bureau pointed out that agencies that pay their hackers should report the activity to local FBI field offices.