Ransomware Prevention Guide for Cities
Ransomware is a virus that encrypts your data with malicious intent. It’s a weapon used by a criminal who attempts to steal your money or destroy your property (in this case, your data) if you don’t pay a ransom. Once your files are encrypted by the virus, a screen will pop up on your computer with instructions about paying a ransom.
If you pay, the criminals will hopefully decrypt your data—although there are no guarantees. Remember, these are criminals. Can I trust them? Will my data be restored? Is my restored data unaltered? Do they still have access to my computer? Will this happen again?
Ransomware is one of the scariest viruses out there, and attackers use it more and more often. Ransom demands are also increasing. According to ZDNet, “Global ransomware volume reached 206.4 million attacks in 2018 – an 11 percent year-over-year increase. SonicWall said this was down to malware authors mixing and matching components to create new variants, which are thus harder to identify and block.”
Quite simply, ransomware has become very profitable for very bad people. Many ransomware attacks have devastated local governments—from shutting down 911 systems to erasing years of criminal evidence. It’s putting communities at risk. Usually about once a week, we hear about yet another municipality devastated by such an attack. And these are only the ransomware attacks reported in the media.
Your city, town, or organization has a good chance of experiencing a devastating ransomware attack that leads to permanent data loss. However, following our seven best practices will help you anticipate, prevent, and recover quickly from a ransomware attack.
In this guide, you’ll learn seven best practices that will help you anticipate, prevent, and recover quickly from a ransomware attack:
- Regularly patch your software
- Update your operating system
- Modernize your technology
- Data backup and disaster recovery
- Monitor systems proactively
- Separate critical systems from less critical systems
- Never pay the ransom
1. Regularly patch your software
So many organizations—including cities—do not patch their software on a regular basis. Excuses are plentiful. City staff have too much on their plates. Reactive IT vendors do not get paid to do proactive IT maintenance. Nothing appears broken, so why fix it? It’s not a priority. Et cetera.
But when you don’t regularly patch, you miss out on security updates. Software vendors plug holes that hackers can exploit. When you don’t apply patches, it’s like leaving a back door open in your house.
2. Update your operating system
In 2017, the WannaCry ransomware virus devastated organizations using outdated, unsupported operating systems such as Windows XP, Windows Server 2003, Windows 7, and Windows Server 2008. A newer operating system like Windows 10 wasn’t affected by WannaCry at all.
If your city is running an outdated Windows operating system, consider that Windows 7 has not included full support since January 2015—with Microsoft providing only limited support until January 14, 2020. The older an operating system becomes, the more security issues it will have and the lower the chance that Microsoft will provide security patches for it.
Many organizations—including cities—stick with older operating systems because of poor practice, older software that’s only compatible with older operating systems, and an unwillingness to budget for the upgrade of operating systems.
3. Modernize your technology and get rid of legacy systems
There is no longer a “nice-to-have” argument about modernizing technology. Instead, modernized technology and cybersecurity are increasingly seen as one and the same thing. For cities, it will become more and more negligent to cling to old legacy hardware and software that uses obsolete, unsupported, and insecure technology.
Older software is more likely to contain security vulnerabilities and to crumble under a security issue. Many cities have older versions of software that lack vendor support or security features to protect against new forms of viruses like ransomware. In addition, many software platforms are not regularly patched and updated by cities. Altogether, this leads to situations where software becomes extremely vulnerable to ransomware when it spreads.
While budget is always a concern, the costs of a cyberattack—financially, legally, and politically—can be far worse. States such as Arkansas have even passed laws threatening to revoke a city’s charter if it doesn’t comply with the law by using appropriate, secure technology.
4. Build a highly available data backup and disaster recovery solution
Your employees pose the biggest risk for allowing ransomware into your organization—so you need to first prepare for the worst.
Modern data backup and disaster recovery solutions allow you to create “snapshots” of your data and systems at a given point in time. If the ransomware began to affect your organization at 2:30 p.m. on a Tuesday, you can restore all your data to a point in time before the infection hit on that Tuesday.
5. Monitor systems to proactively detect and contain damage
The earlier you catch ransomware, the more likely you are to contain the damage to a single computer, server, or area. Ways to prevent widespread damage include:
- Proactive monitoring and alerting of systems: When IT professionals—with the help of 24/7/365 automated software—monitor your systems and get alerts when something is wrong, you are more likely to detect a virus or ransomware. Suspicious activity usually sends up a red flag if you’re proactively monitoring systems—and you can catch an incident much sooner.
- Endpoint detection and response (EDR): Relying only on antivirus is not enough anymore to fully protect you from dangerous ransomware. EDR uses machine learning (a form of AI) to detect anomalous behavior inside your computers, servers, and devices. IT professionals can manage the platform to receive alerts in real-time, more effectively block attacks, and contain ransomware to a specific endpoint instead of having it further infect your systems.
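How practices 4 and 5 work together, as an added example that is not part of the original guide or VC3's tooling: the sketch flags the first host that writes an unusual number of files within a short window, then picks the newest snapshot taken before that burst began. The event list, host names, snapshot schedule, window, and threshold are all constructed assumptions for illustration.

```python
from collections import deque
from datetime import datetime, timedelta

# Constructed sample data (not from a real incident): file-write events as
# (timestamp, host, path), e.g. exported from file-server audit logging.
DAY = datetime(2019, 6, 4)  # a Tuesday
SAMPLE_EVENTS = [
    (DAY.replace(hour=14, minute=7 * i), "clerk-pc", f"/share/minutes/{i}.docx")
    for i in range(4)
] + [
    (DAY.replace(hour=14, minute=30, second=i), "finance-pc", f"/share/finance/{i}.xlsx")
    for i in range(40)
]
# Constructed hourly snapshots; the 15:00 one already contains encrypted files.
SNAPSHOTS = [DAY.replace(hour=h) for h in (11, 12, 13, 14, 15)]


def find_burst(events, window=timedelta(seconds=60), threshold=25):
    """Return (host, onset) for the first host that writes `threshold` or more
    files inside one sliding window, else None. Onset = first write in that window."""
    recent = {}  # host -> timestamps of its writes still inside the window
    for ts, host, _path in sorted(events):
        q = recent.setdefault(host, deque())
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            return host, q[0]
    return None


def pick_restore_point(snapshots, onset, margin=timedelta(0)):
    """Return (snapshot, lost_work) for the newest snapshot taken before
    `onset - margin`. The burst only marks when encryption became visible, so
    `margin` lets you step further back if the intrusion may have begun earlier."""
    clean = [s for s in snapshots if s < onset - margin]
    if not clean:
        raise ValueError("no snapshot predates the infection")
    best = max(clean)
    return best, onset - best


if __name__ == "__main__":
    host, onset = find_burst(SAMPLE_EVENTS)
    snap, lost = pick_restore_point(SNAPSHOTS, onset)
    print(f"isolate {host}; burst began {onset}; restore {snap}; work lost: {lost}")
```

The gap between the chosen snapshot and the burst is the work that has to be redone, which is why snapshot frequency matters as much as having snapshots at all.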
6. Separate critical systems from less critical systems
If departments share servers or systems and they go down, everyone goes down with the ship. When possible, segment and separate critical systems. This way, the impact of ransomware may be limited to fewer systems.
7. Never pay the ransomware ransom
There are three reasons you should never pay a ransomware ransom, despite other cities doing so:
- It is never guaranteed that criminals will unencrypt your data. Criminals often ask for thousands of dollars in ransom. Would you take thousands of dollars from your city treasury and then flip a coin to see if you keep it? That’s essentially what happens when you pay criminals. According to SentinelOne’s Global Ransomware Report 2018 (reported in KnowBe4), “45% of US companies hit with a ransomware attack last year paid at least one ransom, but only 26% of these companies had their files unlocked.” Yes, only 26 percent! With such a low chance of your ransom actually unencrypting your data, it’s not wise to throw thousands of dollars at criminals. Plus, if you pay, criminals may also ask for more money or target you again—viewing you as a nice source of revenue.
- It is never guaranteed that criminals will restore your data as it was. Once you get your data back, do you know for sure that it’s unaltered? If criminals had access to it, they could do anything with it. Delete some of it. Corrupt it. Implant malware into it. Who knows? These are criminals. You can’t trust them. In some cases, ransomware attacks are led by sophisticated nation states or professionally organized criminal syndicates with deep pockets and resources. Who knows what they’ve done with and to your data before they give it back.
- It is never guaranteed that criminals will no longer have access to your data. Remember, these criminals held your data hostage. By paying a ransom, you are trusting a criminal to perfectly return your data back to its previous state. And maybe they’ll also nicely clean up the mess they made to your data, computers, and network—and lock the door behind themselves on the way out? Don’t bet on it. How do you know they don’t intend to still use the data they held hostage? You don’t know for sure if criminals accessed your data, still have your data, and intend to use your data for malicious purposes.
While ransomware attacks might look scary, they really only affect cities that fail to implement basic IT best practices. If your city isn’t following the seven best practices in this whitepaper, you are at risk for a ransomware attack. To learn more about cybersecurity best practices that can help protect your city, town, or organization, read about the 3Ps: passwords, patching, and people.
How VC3 Can Help Protect Your City from a Ransomware Attack
VC3 guards against cyberattacks by keeping your computers patched, protected, and healthy. This includes always-on monitoring and alerting for issues, enterprise-class cybersecurity protection, automated computer maintenance, ongoing software patching to keep you secure, and regular training to keep you and city staff on guard and alert.
Contact us today to learn more about our managed security services.