VRSA highlights cybersecurity practices during National Cybersecurity Month

VRSA opened National Cybersecurity Month by hosting a presentation on cyber extortion at the Virginia Municipal League 2021 Annual Conference in Leesburg, Virginia.

The presentation, titled “Double the trouble: Increasing the pressure to pay cyber extortion,” was facilitated by VRSA Director of Education and Training Thomas Bullock. Panelists included Partner Darius Crenshaw with Crenshaw, Ware & Martin; Special Agent Cary Scardina with the Federal Bureau of Investigation; and Deputy Secretary for Public Safety and Homeland Security Shawn Talmadge with the United States Department of Homeland Security.

The panel focused on “double extortion ransomware,” the newest wave in increasingly sophisticated ransomware attacks.

In double extortion, the attacker steals information stored on a user’s machine before encrypting the information that remains on it.

The attacker then demands payment in exchange for decrypting the information, in addition to payment in exchange for not publicizing the stolen data on the dark web.

Is your entity prepared for ransomware attacks? Ask yourself these questions:

  • What is your plan of action if your entity is a victim of a ransomware attack?
  • Who makes up the Incident Response Team (IRT) and what is their role?
  • Do you call your coverage provider?
  • Does your information technology team know what to do?
  • Do you pay the ransom?
  • Do you communicate with the attacker?
  • Do you contact law enforcement?
  • What do you tell the media?
  • What do you tell employees?
  • How should you communicate with employees?

Prevention is Key

And the most important question: How can you prevent this from happening?

Your first lines of defense should be user education, password complexity, firewalls, back-up systems and databases, and updated system patches.

VRSA members also have access to a variety of cybersecurity resources, in addition to sample documents located on the VRSA member website, such as a Cybersecurity and Social Engineering Incident Protocol, a sample Cyber Inventory, and a recommended Cyber Prevention Measures document.

Members also have access to YourCISO, a product of Risk Based Security. YourCISO provides information security resources and consulting services – like having your own Chief Information Security Officer. Benefits include:

  • Awareness training;
  • Consulting;
  • Security program sample documentation and policies;
  • Incident response; and
  • A Security Health Check to benchmark your organization’s cyber risk.

Upcoming Training

National Cybersecurity Day is Tuesday, Nov. 30. Look for an upcoming virtual engagement focused on cybersecurity as well as an Emerging Risk Alert for VRSA in late November. For more information on accessing YourCISO or other VRSA resources, contact your member services representative.