The cyberwar is in our own back yard. Recent news about ransomware attacks against city governments in Florida has made the financially motivated cybercrime — where an attacker uses malicious software, or malware, to hold a computer hostage — famous. Last month, Lake City officials agreed to pay almost $500,000 to a ransomware gang. Riviera Beach and Key Biscayne also were hit this year, leaving taxpayers with the bill and two lingering questions: Should we have paid the criminals?; and how do we prevent this from happening again? The harsh truth is, No, we should not pay ransom for our hostage technology. And we can be better prepared.
Cyber criminals are hitting us in Florida and disrupting systems that we rely on to operate the infrastructure of our cities. Resource-strapped government offices have become a popular target as they struggle to get by with outdated technology. It’s common to find that protecting digital infrastructure with modern solutions is deprioritized until there is an issue. Ransomware attacks are an imminent threat. We live in a world where anyone can grab a cyberweapon’s code and reuse it.
Business and governments must join together to protect critical systems, which are vital to the functioning of our communities and have real-world implications for citizens’ health and safety.
My advice on the trend of paying ransom to these attackers: Do not do it. Paying ransom has profound negative consequences, not the least of which is that it incentivizes and fuels the criminal cyber economy. Besides, even if you pay, there is no guarantee that you’ll get your data back. If you are attacked, immediately engage law enforcement and work with cybersecurity experts who can help recover your systems.
More important, protect systems proactively. Offense is the best defense. Focus on improving cyber resiliency and work with experts to harden your systems before you’re on the wrong end of a crippling attack. More specifically, in addition to practicing good cyber hygiene (make sure patching and anti-malware protection is up to date, set up appropriate access controls, etc.) organizations should consider the following:
Understand what systems and data are critical for the organization to function.
Ask the simple question: “If all of our systems and data becomes encrypted by ransomware, how would we recover?” If the answer is, “We couldn’t” or “I don’t know,” there is work to do.
Assume that your network will be under constant attack and employ a “Zero Trust” framework.
Develop a network that is cloud and hybrid native to reduce a centralized checkpoint.
We are calling on all municipalities to urgently inspect their networks and systems and to work with cybersecurity experts to protect them. Consider this a wake-up call — no one is exempt from the cyber battleground and now is the time to ensure that we’re prepared to defend our systems and data.
Manuel D. Medina is founder and CEO of Cyxtera, based in Coral Gables.