Continue to StateScoop.com

Public sector ‘outgunned’ on ransomware, experts say

On a StateScoop virtual roundtable, two cybersecurity experts from the private and public sector weigh in on how state and local governments are facing down the threat of ransomware.

Jake Williams
Bio
Jake Williams Associate Publisher & Director of Strategic Initiatives

Jake Williams is currently the Associate Publisher & Director of Strategic Initiatives for StateScoop, based in Washington, D.C., where h...

Ransomware is relatively new on the list of mainstream of cyberthreats for government, but even still, state and local agencies are struggling to catch up with how the malware continues to develop.

Peter Tran, the general manager and senior director for RSA Security’s advanced cyber-defense technologies practice, said agencies are definitely facing a larger-than-average threat when it comes to ransomware.

“We’re outgunned by the sheer speed and size by which ransomware is going to evolve,” Tran said. “What we want, from a security standpoint, is driving early detection, driving more of an analytics-based detection system so that we know typically what ransomware will behave like.”

Ransomware is such a threat to government, though, because unlike malware that preceded it, it’s driven almost exclusively by greed, Peter Liebert, California’s chief information security officer said in the roundtable.

“The money aspect is really a key component of why the ransomware issue has become really so big,” Liebert said. “From a criminal context, it’s cutting out the middleman. They’re able to impact the victim and get that victim to pay them directly.”

But the ransomware threat isn’t done evolving yet — Tran said the ransomware we know of now is just a few varieties of the 1.5 billion malware threats on the horizon. And with business models like ransomware as a service, and call and chat centers to support those infected with ransomware, the threat shows no signs of slowing down.

In recent history, a county in Indiana spent $20,000 to unlock systems after a ransomware attack. Washington, D.C.’s police department also was forced to take infected devices offline and wipe them.

Both Tran and Liebert agreed that good training and good backups are really the best thing state and local governments can do right now to cope with the ransomware threat — something officials from the Multi-State Information Sharing and Analysis Center have echoed as well.

In the discussion:

  • Peter Tran, General Manager & Senior Director, Advanced Cyber Defense Technologies, RSA Security
  • Peter Liebert, Chief Information Security Officer, State of California
  • Jake Williams, Manager of Strategic Initiatives, StateScoop

This StateScoop Virtual Roundtable was sponsored by RSA Security.

Join the Conversation

Related Articles