Attacks on government agencies in the USA affected around 173 million people, and resulted in damages valuing approximately $52.88 billion. Implementing a cloud-based disaster recovery solution can enable government organizations to drop over to a secure cloud and continue providing services to people.

There has been a rise in ransomware attacks the threat to government organizations.

Even before COVID-19 hit, there were 246 ransomware attacks carried out against government entities in the US alone, from 2018 to  2020. An NPR article stated that the 2019 cyberattack on Baltimore's government organizations was "only one of over 20 made on municipalities this year” — and cybersecurity experts said it likely would take months for the city to recover."

‍

Attacks on government agencies in the USA affected around 173 million people, and resulted in damages valuing approximately $52.88 billion, and An NPR article states that the 2019 cyberattack on Baltimore's government organizations is "only one of over 20 made on municipalities this year — and cybersecurity experts say it likely will take months for the city to recover."

The ransomware attack on Baltimore's local government used some of the newest ransomware of 2019, such as an algorithm called Robin Hood that is assumed to be impossible to crack.

Unlike large corporations and small organizations, government agencies didn’t take precautions after the Target incident in 2013. Now more than ever, government agencies are rapidly expanding their use of services and technologies that rely on Internet connectivity, and they are often doing so without properly protecting their sensitive data.

It opens new vectors of attack for cybercriminals and hostile governments. Cybercriminals see ransomware as a promising additional revenue stream that raises the stakes.

Challenges to Government Organizations in combating Cyber Attacks

Government agencies face a few challenges in combating cyberattacks, which are usually are ignored because of time constraints or the lack of awareness, such as:

• Maintaining the integrity of the organization's systems, software, and data in the face of documented and advanced persistent threats.
• Identifying, reacting to, and correcting vulnerabilities without unnecessary complexity (e.g., extra tools and agents).
• Controlling cost while preparing for attacks.
• Understanding the security of workloads, clouds, networks, and endpoints.

Without a thorough understanding of its endpoints, network access, and servers, state and local government agencies wouldn’t be able to detect ransomware in its early stages or isolate compromised hosts in a timely manner. While most organizations would benefit from investing more in ransomware detection and prevention, they simply don't receive the funding from higher authorities (again—lack of awareness) or resources to do so.

What countermeasures can departments take to prevent further ransomware attacks on the government? How can vulnerable local governments like those in smaller towns and areas where funds are usually tight take precautions?