Serving Colorado's Counties

Technical Update 40 - Ransomware

July 30, 2020

Garmin Ltd., a GPS device and service provider, was the latest company to be hit by a ransomware attack. Ransomware has infected thousands of computers and networks across the United States, including a 2018 attack on the Colorado Department of Transportation (CDOT) that cost $1.5 million to undo. Ransomware is a virus or type of malware that locks users out of their computers or data unless they pay a “ransom”.

Tempting Targets

Ransomware attacks, especially on government systems, have become a large-scale criminal industry. In a three-year period, the two men indicted in the CDOT attack targeted more than 200 schools, government agencies, hospitals, and businesses across the U.S. and Canada. While CDOT did not pay the ransom, other victims paid more than $6 million. Ransomware attacks can be devastating and costly, often requiring the services of a data recovery specialist. Even if victims pay the ransom, something the FBI advises against, there is no guarantee that access to data or systems will be returned.

Phishing

Most ransomware attacks happen through phishing—emails that appear to be from a trusted source designed to trick people into clicking on a link or opening an attachment. For more information about phishing, refer to Technical Update vol. 23 no. 17 Phishing: What you Need to Know.

Taking Precautions

The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the U.S. Department of Homeland Security, recommends that organizations take the following precautions:

  • Update software and operating systems with the latest patches. Outdated applications and operating systems are the targets of most attacks.
  • Never click on links or open attachments in unsolicited emails.
  • Backup data on a regular basis. Keep it on a separate device and store it offline.
  • Follow safe practices (i.e., use strong passwords and two-factor authentication, be suspicious of unexpected emails, etc.) when browsing the Internet.
  • Restrict users’ permissions to install and run software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
  • Use application whitelisting to allow only approved programs to run on a network.
  • Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound emails to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.

What This Means for Counties

Ransomware attacks are a rising threat for local governments. While CAPP does provide network liability coverage of varying limits for network extortion and other network security incidents, taking steps to prevent ransomware attacks is the best defense. The CAPP Network Liability policy is available at ctsi.org. For more information, contact CTSI at (303) 861 0507.

A PDF of this Technical Update is available here.

News & Updates

Technical Update vol. 25 no. 8 -Use of Drones

Inquiries about the liability in the use of drones (unmanned aerial vehicles) continue to grow as interest in the use of drones rises. Members of the Colorado Counties Casualty and Property Pool (CAPP) should be aware that your CAPP coverage excludes aircraft operations, and the use of drones falls under this language. So, if you […]

Read More
Technical Update vol. 25 no. 7 - Healthy Families and Workplaces Act Coverage Broadens in 2021

The Healthy Families and Workplaces Act (HFWA, S.B. 20-205, July 12, 2020) signed into law by Governor Polis last year contains provisions that expand paid sick leave in 2021. Who is Covered? The HFWA applies to all Colorado employers with 16 or more employees in 2021. Coverage expands to employers of any size in 2022. […]

Read More
Technical Update vol. 25 no. 6 - Colorado Healthy Families and Workplaces Act Extends Paid Sick Leave for COVID-19

Colorado passed SB20-205, also known as the Healthy Families and Workplaces Act (Healthy Families Act), in July 2020. The Act made changes to Colorado’s paid sick leave statutes and provided for COVID-19-specific sick leave. The Act consists of two COVID-19 related sections. First, it requires Colorado employers to comply with the federal Emergency Paid Sick […]

Read More
Technical Update vol. 25 no. 5 -Take Steps to Prevent Winter Slips and Falls

According to the Occupational Safety & Health Administration (OSHA), slips, trips, and falls cause the majority of general industry accidents and 15% of accidental deaths. Each winter, CTSI receives multiple incident reports about county employees being injured by slipping and falling while working in icy conditions. Many of these injuries could be prevented by wearing […]

Read More
January: Glaucoma
Read More