The roughly 345,000 residents of Somerset County continue to feel the effects of a ransomware attack earlier this week that forced local officials to shut down all network-linked computers. County email accounts and websites used by residents to contact key agencies remain inaccessible.
The incident began on Tuesday and disrupted all county services that rely on internet access, the county said in a statement, adding that emergency cybersecurity response operations had been activated. In a follow up statement, the county informed residents that temporary Gmail accounts had been created to help people reach critical county departments.
Details Remain Scarce
Few details have been released about the type of ransomware deployed in the attack and how it penetrated the county’s IT networks. The damage so far has left phone lines and emergency service systems intact, according to county officials.
Nathan Rudy, Somerset County’s director of public affairs told CNN the attack disrupted a web form used to request replacement mail-in ballots for next month’s elections. He added that ballots could still be requested by phone or in person.
County Administrator Colleen Mahr said Somerset officials were working hard to keep vital services available to the public. She added in the statement that county IT staff were “working around the clock to evaluate our situation, prevent further damage, and ultimately recover.”
A Growing Problem
Local and state governments in the U.S. have become a frequent target for ransomware gangs. Local governments often lack the cybersecurity resources available to federal government agencies. The attack in Somerset County is the 22nd of its kind this year alone, according to Allan Liska, a senior intelligence analyst at cybersecurity firm Recorded Future cited by CNN.
Earlier this year, the FBI issued a Private Industry Notification warning that ransomware attacks were straining the resources of local U.S. governments. The notification warned Government Facilities Sector partners that ransomware attacks on local governments “have resulted in disrupted operational services, risks to public safety, and financial losses.
The FBI’s warning also included results from “The State of Ransomware in Government 2021,” prepared by an independent research group. The survey found that “local governments were the least able to prevent encryption and recover from backups, and had the second highest rate of paying the ransom compared to other critical infrastructure sectors.”
SecureData – A Trusted Cybersecurity Partner
Government and private-sector IT security analysts agree that offline encrypted backup storage, remote management capabilities, and hardened security at all network endpoints is crucial to prevent ransomware infection. SecureData’s storage solutions provide a remotely managed solution to portable data security that also prevents ransomware infection at one of the most common sources: your network endpoints.
Our hardware-encrypted external storage devices allow users to authenticate with a secure mobile app or onboard keypad and PIN. Our newest drive, the SecureDrive® DUO, offers both authentication methods in a drive that combines the best security features of our keypad-authenticated (KP) and Bluetooth-authenticated (BT) product lines.
In addition to providing maximum data protection, our hardware-encrypted drives come remote management-ready and through our online console. IT admins have full control of how, when, and where drives can be accessed. For added protection, we offer access to our SecureGuard USB port blocker, which limits computer access throughout an organization to authorized devices only.
Simply Smarter Security
The threat of ransomware attacks remains potent, and the sophistication of attacks continues to grow. Despite comprehensive and costly cybersecurity measures, even the most heavily defended organizations can be compromised.
Several recent studies have shown that human error remains the leading cause of data breaches. Comprehensive and regular education about existing and emerging cybersecurity threats gives employees the information they need to avoid common phishing email scams.
SecureData gives organizations the tools they need to more closely manage how employees access networks and how data moves internally and externally. Making sure critical data is safe in motion and that backups remain encrypted, offline, and beyond the reach of infected networks can dramatically reduce the likelihood of a successful ransomware attack.