{"id":8150,"date":"2019-08-28T07:28:00","date_gmt":"2019-08-28T07:28:00","guid":{"rendered":"http:\/\/www.firstlinepractitioners.com\/ransomware-attacks-on-cities-are-rising\/"},"modified":"2019-10-03T10:39:00","modified_gmt":"2019-10-03T10:39:00","slug":"ransomware-attacks-on-cities-are-rising","status":"publish","type":"post","link":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/","title":{"rendered":"Ransomware attacks on cities are rising"},"content":{"rendered":"<figure><img decoding=\"async\" src=\"https:\/\/images.theconversation.com\/files\/289666\/original\/file-20190827-184234-5kn0up.jpg?ixlib=rb-1.1.0&amp;rect=256%2C4%2C2692%2C1728&amp;q=45&amp;auto=format&amp;w=754&amp;fit=clip\" \/><figcaption><span class=\"attribution\"><a class=\"source\" href=\"https:\/\/www.shutterstock.com\/image-illustration\/computer-programming-code-detecting-virus-online-1209102469?src=-4-97\">Shutterstock.<\/a><\/span><\/p>\n<\/figcaption><\/figure>\n<p><a href=\"https:\/\/theconversation.com\/profiles\/david-wall-98233\">David Wall<\/a>, <em><a href=\"http:\/\/theconversation.com\/institutions\/university-of-leeds-1122\">University of Leeds<\/a><\/em><\/p>\n<p>A ransomware campaign that targeted <a href=\"https:\/\/www.nytimes.com\/2019\/08\/20\/us\/texas-ransomware.html\">23 US cities<\/a> across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks. These events come not long after similar attacks on <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/la-porte-county-pays-130-000-ransom-to-ryuk-ransomware\/\">governmental and business organisations<\/a> in Indiana, Florida and elsewhere. They reflect a <a href=\"https:\/\/theconversation.com\/hackers-are-making-personalised-ransomware-to-target-the-most-profitable-and-vulnerable-113583\">general shift in ransomware tactics<\/a> from \u201cspray and pray\u201d attacks on large numbers of individual consumers, to \u201cbig game hunting\u201d, which targets organisations, usually through people in positions of power.<\/p>\n<p>A recent report from cyber-security firm Malwarebytes <a href=\"https:\/\/blog.malwarebytes.com\/reports\/2019\/08\/labs-quarterly-report-finds-ransomwares-gone-rampant-against-businesses\/\">found a 363% increase<\/a> in ransomware detections against businesses and organisations (as opposed to individuals) from 2018 to 2019. Put simply, cyber-criminals see an opportunity to extort far more money from organisations than individuals. Although <a href=\"https:\/\/blog.malwarebytes.com\/reports\/2019\/08\/labs-quarterly-report-finds-ransomwares-gone-rampant-against-businesses\/\">the majority<\/a> of ransomware attacks were found to occur in the US, local governments around the world are equally vulnerable.<\/p>\n<p>Ransomware usually spreads via phishing emails or links to infected websites, relying on human error to gain access to systems. As its name suggests, ransomware is designed to block access to data, systems or services until a ransom is paid. At a technical level, cities tend to be fairly easy targets because they often have bespoke operating systems, with parts that are old and out-of-date, as well as ineffective back-up measures.<\/p>\n<p>Cities also tend to lack system-wide security policies, so if cyber-criminals gain entry through one system, they can then access others and wreak havoc by freezing essential data and preventing the delivery of services. But even if organisations have improved their technical security, <a href=\"https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0167404819301336?via%3Dihub\">my research with my colleague Lena Connolly<\/a> has found that few put equal emphasis on training employees to identify and resist attacks.<\/p>\n<h2>Target acquired<\/h2>\n<p>Employees in many small and medium-sized organisations, like local governments, often do not recognise their organisation\u2019s true commercial value to criminals, and commonly <a href=\"https:\/\/www.theguardian.com\/small-business-network\/2016\/feb\/08\/huge-rise-hack-attacks-cyber-criminals-target-small-businesses\">think they are unlikely to be targeted<\/a>. As a result, they might also develop bad habits \u2013 such as using work systems for personal reasons \u2013 which can increase vulnerability.<\/p>\n<p>Offenders will do their homework before launching an attack, in order to create the most severe disruption they possibly can. After all, the greater the pressure to pay the ransom, the higher they can set the tariff.<\/p>\n<figure class=\"align-center \"><img decoding=\"async\" src=\"https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=45&amp;auto=format&amp;w=754&amp;fit=clip\" sizes=\"(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px\" srcset=\"https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=45&amp;auto=format&amp;w=600&amp;h=398&amp;fit=crop&amp;dpr=1 600w, https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=30&amp;auto=format&amp;w=600&amp;h=398&amp;fit=crop&amp;dpr=2 1200w, https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=15&amp;auto=format&amp;w=600&amp;h=398&amp;fit=crop&amp;dpr=3 1800w, https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=45&amp;auto=format&amp;w=754&amp;h=501&amp;fit=crop&amp;dpr=1 754w, https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=30&amp;auto=format&amp;w=754&amp;h=501&amp;fit=crop&amp;dpr=2 1508w, https:\/\/images.theconversation.com\/files\/289659\/original\/file-20190827-184252-uagnli.jpg?ixlib=rb-1.1.0&amp;q=15&amp;auto=format&amp;w=754&amp;h=501&amp;fit=crop&amp;dpr=3 2262w\" alt=\"\" \/><figcaption><span class=\"caption\">Held to ransom.<\/span><br \/>\n<span class=\"attribution\"><a class=\"source\" href=\"https:\/\/www.shutterstock.com\/image-photo\/ransomware-close-your-files-encrypted-on-668772517?src=-4-52\">Shutterstock.<\/a><\/span><\/figcaption><\/figure>\n<p>Attackers identify key individuals to target and seek out vulnerabilities such as computers which have been left switched on outside of working hours, or have not been updated. Once they\u2019ve worked out who to target, cyber-criminals deploy \u201csocial engineering\u201d techniques, such as phishing, which <a href=\"https:\/\/us.norton.com\/internetsecurity-emerging-threats-what-is-social-engineering.html\">psychologically manipulate<\/a> victims into opening an email attachment or clicking on a link, which allows the ransomware programme into the organisation\u2019s operating system.<\/p>\n<h2>To pay or not to pay?<\/h2>\n<p>Whether or not to pay the ransom is not a straightforward decision for city authorities with vital public services on the line. Most policing agencies instruct victims not to pay, but as Mayor Stephen Witt of Lake City, Florida, <a href=\"https:\/\/www.nytimes.com\/2019\/06\/27\/us\/lake-city-florida-ransom-cyberattack.html\">put it<\/a> after his ward was targeted:<\/p>\n<blockquote><p>With your heart, you really don\u2019t want to pay these guys. But, dollars and cents, representing the citizens, that was the right thing to do.<\/p><\/blockquote>\n<p>Another problem is that ransomware is not always deployed to extort money \u2013 so paying the ransom doesn\u2019t guarantee that data will be restored. Attackers can have varying motives, skills and resources \u2013 working out their motive (often with very little information) is therefore crucial.<\/p>\n<p>Rather than simply making money using ransomware, some cyber-criminals might seek to disable market competitors who provide competing goods or services. Or, they may use the attacks for political gain, to reduce public confidence in a local government\u2019s ability to deliver essential services. In such cases, the data is unlikely ever to be restored, even if the ransom is paid.<\/p>\n<h2>Seeking cover<\/h2>\n<p>Many cities are insured against attacks, and insurers often pay the ransom to retrieve stolen data \u2013 <a href=\"https:\/\/www.propublica.org\/article\/sting-catches-another-ransomware-firm-red-mosquito-negotiating-with-hackers\">sometimes employing third party negotiators<\/a>, against national advice. Ironically, the knowledge that cyber-criminals are likely to get paid justifies the time they spend researching their target\u2019s weaknesses, and leaves the door open for repeat attacks. This was one of the reasons why cyber-criminals changed tactics and started targeting organisations in the first place.<\/p>\n<p>This leaves city authorities a difficult choice, between paying to restore essential data and services (and encouraging cybercriminals) or admitting their systems have been compromised and facing up to social and political backlash. Even so, there are some measures city authorities can take to protect themselves, and their citizens, from ransomware.<\/p>\n<p>Today, authorities need to assume that it\u2019s a matter of when \u2013 not if \u2013 an attack will happen. They should install back up systems for protected data that have the capacity to replace infected operating systems and databases if need be. For example, in the UK, research found that <a href=\"https:\/\/securitybrief.eu\/story\/more-quarter-uk-councils-infected-ransomware\">27% of local government organisations<\/a> were targets of ransomware in 2017. Yet 70% of their 430 respondents had backup systems in place, in preparation for the EU\u2019s <a href=\"https:\/\/en.wikipedia.org\/wiki\/General_Data_Protection_Regulation\">General Data Protection Regulation (GDPR)<\/a>, and could therefore recover from a ransomware attack much faster than their counterparts in the US.<\/p>\n<p>Local authorities need to separate their data systems where possible and install appropriate levels of security. They also need to train employees about the nature of the threat and the impacts of their own actions when working within the organisation\u2019s systems. They should also be aware of international schemes to prevent and mitigate ransomware (such as <a href=\"https:\/\/www.nomoreransom.org\/en\/index.html\">nomoreransom.org<\/a>) \u2013 which provide advice and publish the keys to some ransomware online.<\/p>\n<p>Public organisations must be able to think quickly and adapt to these new security threats \u2013 especially since cyber-criminals are <a href=\"https:\/\/www.computing.co.uk\/ctg\/opinion\/3078977\/cyber-security-think-like-the-enemy\">always coming up<\/a> with new techniques. Local governments need to be prepared to simultaneously prevent cyber-attacks, mitigate their effects when they do happen and bring cyber-criminals to justice.<!-- Below is The Conversation's page counter tag. Please DO NOT REMOVE. --><img decoding=\"async\" loading=\"lazy\" style=\"border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important; text-shadow: none !important;\" src=\"https:\/\/counter.theconversation.com\/content\/122347\/count.gif?distributor=republish-lightbox-basic\" alt=\"The Conversation\" width=\"1\" height=\"1\" \/><!-- End of code. If you don't see any code above, please get new code from the Advanced tab after you click the republish button. The page counter does not collect any personal data. More info: http:\/\/theconversation.com\/republishing-guidelines --><\/p>\n<p><a href=\"https:\/\/theconversation.com\/profiles\/david-wall-98233\">David Wall<\/a>, Professor of Criminology, <em><a href=\"http:\/\/theconversation.com\/institutions\/university-of-leeds-1122\">University of Leeds<\/a><\/em><\/p>\n<p>This article is republished from <a href=\"http:\/\/theconversation.com\">The Conversation<\/a> under a Creative Commons license. Read the <a href=\"https:\/\/theconversation.com\/ransomware-attacks-on-cities-are-rising-authorities-must-stop-paying-out-122347\">original article<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A ransomware campaign that targeted 23 US cities across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks. <\/p>\n","protected":false},"author":9,"featured_media":7147,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[155,135],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Ransomware attacks on cities are rising - FirstLinePractitioners.eu<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ransomware attacks on cities are rising - FirstLinePractitioners.eu\" \/>\n<meta property=\"og:description\" content=\"A ransomware campaign that targeted 23 US cities across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/\" \/>\n<meta property=\"og:site_name\" content=\"FirstLinePractitioners.eu\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-28T07:28:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-10-03T10:39:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.firstlinepractitioners.com\/wp-content\/uploads\/2018\/02\/takedown18-e1523531912564.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1333\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Florian\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Florian\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/\",\"url\":\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/\",\"name\":\"Ransomware attacks on cities are rising - FirstLinePractitioners.eu\",\"isPartOf\":{\"@id\":\"https:\/\/www.firstlinepractitioners.com\/el\/#website\"},\"datePublished\":\"2019-08-28T07:28:00+00:00\",\"dateModified\":\"2019-10-03T10:39:00+00:00\",\"author\":{\"@id\":\"https:\/\/www.firstlinepractitioners.com\/el\/#\/schema\/person\/b34843a12defd8503efa62cbb39edbd3\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.firstlinepractitioners.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ransomware attacks on cities are rising\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.firstlinepractitioners.com\/el\/#website\",\"url\":\"https:\/\/www.firstlinepractitioners.com\/el\/\",\"name\":\"FirstLinePractitioners.eu\",\"description\":\"Curricula - Knowledge - Navigation\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.firstlinepractitioners.com\/el\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"es\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.firstlinepractitioners.com\/el\/#\/schema\/person\/b34843a12defd8503efa62cbb39edbd3\",\"name\":\"Florian\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.firstlinepractitioners.com\/el\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5193b32cfd0b1df3bedd57dc497af30e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5193b32cfd0b1df3bedd57dc497af30e?s=96&d=mm&r=g\",\"caption\":\"Florian\"},\"url\":\"https:\/\/www.firstlinepractitioners.com\/es\/author\/florian\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ransomware attacks on cities are rising - FirstLinePractitioners.eu","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/","og_locale":"es_ES","og_type":"article","og_title":"Ransomware attacks on cities are rising - FirstLinePractitioners.eu","og_description":"A ransomware campaign that targeted 23 US cities across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks.","og_url":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/","og_site_name":"FirstLinePractitioners.eu","article_published_time":"2019-08-28T07:28:00+00:00","article_modified_time":"2019-10-03T10:39:00+00:00","og_image":[{"width":2000,"height":1333,"url":"https:\/\/www.firstlinepractitioners.com\/wp-content\/uploads\/2018\/02\/takedown18-e1523531912564.jpg","type":"image\/jpeg"}],"author":"Florian","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"Florian","Tiempo de lectura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/","url":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/","name":"Ransomware attacks on cities are rising - FirstLinePractitioners.eu","isPartOf":{"@id":"https:\/\/www.firstlinepractitioners.com\/el\/#website"},"datePublished":"2019-08-28T07:28:00+00:00","dateModified":"2019-10-03T10:39:00+00:00","author":{"@id":"https:\/\/www.firstlinepractitioners.com\/el\/#\/schema\/person\/b34843a12defd8503efa62cbb39edbd3"},"breadcrumb":{"@id":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.firstlinepractitioners.com\/es\/ransomware-attacks-on-cities-are-rising\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.firstlinepractitioners.com\/"},{"@type":"ListItem","position":2,"name":"Ransomware attacks on cities are rising"}]},{"@type":"WebSite","@id":"https:\/\/www.firstlinepractitioners.com\/el\/#website","url":"https:\/\/www.firstlinepractitioners.com\/el\/","name":"FirstLinePractitioners.eu","description":"Curricula - Knowledge - Navigation","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.firstlinepractitioners.com\/el\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"es"},{"@type":"Person","@id":"https:\/\/www.firstlinepractitioners.com\/el\/#\/schema\/person\/b34843a12defd8503efa62cbb39edbd3","name":"Florian","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.firstlinepractitioners.com\/el\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5193b32cfd0b1df3bedd57dc497af30e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5193b32cfd0b1df3bedd57dc497af30e?s=96&d=mm&r=g","caption":"Florian"},"url":"https:\/\/www.firstlinepractitioners.com\/es\/author\/florian\/"}]}},"_links":{"self":[{"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/posts\/8150"}],"collection":[{"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/comments?post=8150"}],"version-history":[{"count":1,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/posts\/8150\/revisions"}],"predecessor-version":[{"id":8159,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/posts\/8150\/revisions\/8159"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/media\/7147"}],"wp:attachment":[{"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/media?parent=8150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/categories?post=8150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.firstlinepractitioners.com\/es\/wp-json\/wp\/v2\/tags?post=8150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}