CALL TO ACTION UPDATE – Doing your part about civic ransomware
Does the all caps “CALL TO ACTION UPDATE” get your attention? It’s supposed to.
- The call to action still stands.
- Our municipalities are still under siege.
- The ransomware threat has far from abated.
- Too many communities are under-prepared.
You aren’t powerless. You have options.
1. You can sit there and do nothing, playing the victim.
2. You can point fingers and complain, playing the critic.
3. You can wait for somebody else to do something, playing the sluggard.
4. You can be part of the solution by doing something constructive, playing the responsible citizen. In my opinion, this is the best option.
If you choose (or have chosen) option 4, pen an email to your local government officials. Respectfully ask them how they’ve prepared for an eventual ransomware attack. If you are willing and able, offer to help them if they need it. If you aren’t willing or able to help them, refer them to one of us who is willing and able to help them.
Follow the guidance in my previous CALL TO ACTION article or follow your own charge.
For those of you who choose to do nothing, you have no right to play the victim card or complain. You give up those rights, in my opinion.
Now for the update. Many of you have taken me up on the CALL TO ACTION. You have emailed your local government officials and you’ve shared some of their responses with us at email@example.com.
Kudos to you for choosing option 4 (above)!
Here are some of the responses that have been shared with us, protecting the names of the innocent/guilty.
Response from small city in a rural area:
We are familiar with these attacks on cities and we utilize network security professionals to protect our systems. We also utilize a firm to audit us and test for gaps or issues proactively as well as routinely backing up and storing our data off site to protect against ransom demands and other risks.
Not too bad. The resident followed up with the city to gain more insight and offer help. Nice work!
Response from a medium-sized U.S. county:
Thanks for reaching out. No organization can claim with 100% certainty that they are protected from any cyberattack. However, this is a very front and center topic for <REDACTED> County, and many efforts have been taken to reduce our risk and exposure to various kinds of cyber attacks, including Ransomware.
The County does not have a defined policy regarding what they would do if faced with this decision (in fact none of the metro counties have one, last time I checked), but in my conversations with Administration I do not believe paying a ransom would be an option they would choose.
Hope that helps answer your question.
This is good to know, yes? Someone (why not us/you) should work with this county to address the issue, and while we’re at it, address the issue with all “metro counties”. Kudos to this county official for responding with some transparency!
Response from a mid-sized suburban city:
Thanks for the email. For the security of the City’s network and systems, we follow the recommendations set by the <REDACTED – state’s criminal justice system>. We also use a third party vendor that does penetration testing against our firewall to try to stay ahead of the malicious attacks. We conduct staff cybersecurity training with this third party vendor to ensure our staff is behaving appropriately as well.
OK, maybe not a great response, but a response nonetheless. Didn’t really address the ransomware preparedness question directly, but a conversation has begun. The resident will be following up. Making a difference!
Response from another mid-sized city:
Thank you for your email. The City of <REDACTED> has a multi-faceted approach to cybersecurity. We have improved security both internally and externally. While no system is immune from attack, we are actively scanning and patching for vulnerabilities. A specific key to protecting against ransomware is to have good, frequent, and tested backups. We maintain a healthy backup system and in the case of a ransomware attack being successful, could restore lost data as needed. It is our policy to not pay ransomware demands. Our <REDACTED> has made security a top priority, and has taken many steps to enhance the City’s security posture. This includes revamping the firewall and anti-virus infrastructure. We continue to take cybersecurity very seriously, and are constantly striving to keep our data secure and protected against attack.
Not bad. Another conversation starter and another difference made, even if a small one.
Final Words (for now)
Responses from good citizens continue to come in to our mailbox (firstname.lastname@example.org) and we’re encouraged by the actions some of you are taking! For those who haven’t yet reached out to your local government officials, get on it! Again, you can follow the guidance here if you want.
The problem isn’t going away. Here’s some recent news about ransomware and our local communities:
- Georgia court system struck by ransomware attack
- IT Director Fired Following Lake City Ransomware Attack – scapegoat? Information security is NOT an IT issue, it’s a business (organizational) issue.
- Get Ready For A Ransomware Tsunami – I don’t like the word “tsunami” to refer to ransomware attacks, but that’s just me. The fact is, there are many more attacks coming.