Cyber exec: States should prep for ransomware attacks

Cyber exec: States should prep for ransomware attacks

Although the number of malware attacks against state governments have trended downward over the past few months, ransomware has made up a larger portion of those overall attacks, according to data from the Multi-State Information Sharing and Analysis Center.

“When I first saw this graph a few months ago I figured there was a problem with the signature system,” MS-ISAC chair Thomas Duffy said, when discussing IT threats at the National Association of State Technology Directors annual conference in Washington, D.C.

One piece of ransomware that jumped to the top of the list of most common malware threats is Locky, which differentiates itself from other attacks by deploying via email attachments; others are more commonly activated through links.

Hackers take advantage of three main browser-side weaknesses in vulnerable versions of Adobe Flash, Java and Silverlight. These are the “low hanging fruit that they look for,” Duffy said.

“Ransomware was pretty predictable; it has been evolving with stronger encryption.” These newer versions of ransomware haven’t appeared in many attacks against state or local government yet, “but they probably will,” according to Duffy.

He cited four ways to deter ransomware attacks:  securing configurations, securing coding, patching and vulnerability scanning. The most important of those four, he suggested, is patching.

“We spend a lot of time just patching systems,” he said, “but if you don’t do it you’re going to be toast.”

About the Author

Matt Leonard is a former reporter for GCN.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected