Ransomware Attacks on the Rise Means Organizations Require a Crisis Plan

State & Local Government Agencies can Follow IT Best Practices to Create a Cybersecurity Crisis Plan

The term: “Everything is bigger in Texas” now includes randsomware attacks, according to a CPO magazine article publish on September 2, 2019. Over the Labor Day holiday weekend, 22 Texas municipalities were hit with ransomware attacks that crippled key city services.

Unfortunately, these attacks are becoming more common place and during our Security Week at Cradlepoint I want to address how municipalities and cities can be prepared and create a cybersecurity emergency crisis plan — much like an emergency management disaster recovery plan — for virtual crisis events.

The perfect place to start is to ensure that I.T. best practices are followed. A great reminder of best practices can be referenced here: Mitigating Network Security Risk Infographic. This infographic outlines the top ten best practices:

  1. Educate end users
    From passwords to phishing, educating a company’s staff early and often is one of the most effective ways to mitigate cyber security risks.
     
  2. Deploy Parallel Networks
    Distributed enterprises create Parallel Networks by designating each application to its own isolated network (also known as air-gapped networks). This physical separation prohibits attackers from using a compromised device to pivot to servers and networks that hold sensitive data.
     
  3. Ensure all facets of your systems are PCI Compliant — and CJIS, HIPAA and any other governing auditing body
    Organizations that process credit card, criminal justice, or healthcare information must make sure every aspect of their operations meets compliance guidelines. 
     
  4. Remotely manage the network’s edge from the cloud
    A remote cloud management tool automates network security configurations and checklists and provides geo-fencing and location services — even for remote branch offices and vehicle fleets. 
     
  5. BYON — require partners and contractors to “Bring Your Own Network”
    Companies that invite kiosks, partner retailers, or temporary pop-up entities into their stores can reduce risk by requiring such groups to “Bring Your Own Network” (BYON). 
     
  6. Vigilantly update and patch software; use live threat intelligence solutions
    Consistently updating and patching software is a proactive component of risk management at your company. Additionally, utilizing a threat intelligence solution that monitors global threats increases real-time protection against advanced persistent threat attempts.
     
  7. Regularly perform penetration testing
    Robust, frequent penetration testing by an outside company provides an unbiased look at potential weak areas in your network infrastructure. Also, verify that applications within your network have completed their own “pen testing.” 
     
  8. Focus on detection and response — not just prevention
    Because no security software solution can successfully prevent every attack, rapid detection and proper response are essential layers of network security. 
     
  9. Implement IPS/IDS via routing solutions at the network’s edge
    A comprehensive intrusion prevention and detection system (IPS/IDS) via routing solutions at the Network’s edge defends against evasion attacks, improves network availability, and protects sensitive data. 
     
  10. Implement two-factor authentication (2FA)
    Risk of breaches are greatly reduced when a company’s staff login process requires a verification code along with the username and password.

The next place is the State Cyber Disruption Response Plans issue brief by the National Governors Association that was released in July 2019. This report outlines how experienced public safety and emergency management teams prepare, respond, and recover from human-made disasters. It also examines state cyber disruption response plans. City, county, and local agencies can leverage this report to know what resources they have to respond to an incident, their roles and responsibilities, and how they can coordinate resources. These plans also align with the U.S. department of Homeland Security (DHS) National Cyber Incident Response Plan (NCIRP).

Smart Cities and Smart States can only be smart when their agencies prepare for digital transformation and cybersecurity crisis events. Network security and network onramps should be part of the planning process and not an afterthought — that clearly is not working for agencies being held ransom — don’t be next.

Discover more methods to keep your agency's network secure in this white paper: "Cradlepoint Provides Connectivity for CJIS Security Policy Compliant Environments".