The Robbinhood ransomware hit the city of Baltimore recently, and locked down numerous essential public services. The hackers used the ransomware to shut down almost ten thousand computers and demanded 13 bitcoins (equivalent to $100,000) towards ransom to unlock these computers.
Increase in Vulnerability
Robbinhood is not the first ransomware that has held government systems hostage for money, and certainly it is not going to be the last. Although, in this instance while Baltimore has taken a bold stance, refusing to pay the ransomware, it highlights how vulnerable the government systems are to ever-increasing and evolving cyber threats. Globally, governments are pushing for smart city projects and there is a greater uptake of IoT-enabled smart devices. However, the security framework for smart devices is all but rudimentary, which makes them an easy target for hackers.
To make matters worse, it’s not just the use of ransomware but various other tactics as well that have resulted in a multi-fold increase in the threat to governments systems. Social engineering, DDoS, brute force, and data breaches are becoming all too common. Today, hackers are not only technically savvy, but they also have access to sophisticated tools and techniques. The dark web is replete with the latest criminal tool kits at ridiculously low costs that help place the hackers far ahead of the public sector—largely using legacy system software and patchy software updates. These create loopholes that hackers can easily exploit and gain access to government systems.
Drive Security Strategy
That brings us to the moot question of what can governments do to protect their digital assets and the citizens in an interconnected, digital-first world? Greater investments and deployment of technology-driven smart security solutions is not enough. Governments need trained cyber security professionals to drive strategic initiatives in order to ensure security. Partnering with reliable and reputed third party vendors can be considered to enhance the security posture.
Setting a Precedent
Baltimore, for now, has refused to give in to the demands of the hackers. The outcome of this incident will likely set a precedent and provide governments, globally, with the insights to respond to such situations.
The article has been written by Neetu Katyal, Content and Marketing Consultant
She can be reached on LinkedIN.