US cities urged to take action on ransomware

US state and local government agencies have been urged to take immediate action to safeguard against ransomware in light of the growing number of attacks on city and state systems.

The US Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing and Analysis Center (MS-ISAC), National Governors Association (NGA) and National Association of State Chief Information Officers (NASCIO) have recommended three steps to improve resilience against ransomware.

These include conducting daily backups of all critical agency information and storing these backups offline, as well as conducting regular employee training on recognising cyber threats, phishing and suspicious links.

Agencies have also been urged to develop, revisit and refine cyber incident response plans for when attacks occur, including protocols for requesting assistance from external cyber first responders following an attack.

"Through this collective action, we can better protect ourselves and our communities, and further advance the cyber preparedness and resilience of the nation," the four organisations said in a joint statement.

Earlier this month, the US Council of Mayors unanimously adopted a resolution not to pay ransomware, following a string of attacks on county, city and state government systems.

According to the resolution, at least 170 county, city or state government systems have been compromised by ransomware since 2013, with 22 of these occurring this year alone.

Image credit: ©stock.adobe.com/au/Lasha Kilasonia

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.