Cyber exec: States should prep for ransomware attacks
- By Matt Leonard
- Aug 23, 2016
Although the number of malware attacks against state governments have trended downward over the past few months, ransomware has made up a larger portion of those overall attacks, according to data from the Multi-State Information Sharing and Analysis Center.
“When I first saw this graph a few months ago I figured there was a problem with the signature system,” MS-ISAC chair Thomas Duffy said, when discussing IT threats at the National Association of State Technology Directors annual conference in Washington, D.C.
One piece of ransomware that jumped to the top of the list of most common malware threats is Locky, which differentiates itself from other attacks by deploying via email attachments; others are more commonly activated through links.
Hackers take advantage of three main browser-side weaknesses in vulnerable versions of Adobe Flash, Java and Silverlight. These are the “low hanging fruit that they look for,” Duffy said.
“Ransomware was pretty predictable; it has been evolving with stronger encryption.” These newer versions of ransomware haven’t appeared in many attacks against state or local government yet, “but they probably will,” according to Duffy.
He cited four ways to deter ransomware attacks: securing configurations, securing coding, patching and vulnerability scanning. The most important of those four, he suggested, is patching.
“We spend a lot of time just patching systems,” he said, “but if you don’t do it you’re going to be toast.”
Matt Leonard is a former reporter for GCN.