Cybersecurity Roundup: Kaseya, Barracuda, Qualys, Arctic Wolf Networks

Louisiana is the latest state to be hit with a ransomware attack on multiple state agencies, with Gov. John Bel Edwards declaring a state of emergency.

Ten percent of the state’s 5,000 computer network’s servers that power operations across state government and 1,600 PCs were damaged by the attack. The state Office of Motor Vehicles was one of the agencies hardest hit by the attack.

This follows the trend of cyberattacks hitting local governments around the United States as nearly 150 government entities have been hit this year alone.

Kaseya’s Kevin Lancaster

To find out more about this trend, we spoke with Kevin Lancaster, Kaseya‘s general manager of security solutions.

Channel Futures: Why do ransomware attacks on local governments matter and what is the larger impact on society?

Kevin Lancaster: Ransomware attacks in local and state governments can have reverberating effects for residents. Both ransomware attacks in Louisiana ended up halting major state systems, including three school districts and the Louisiana Department of Children and Family Services. This meant that state residents not only risked their personal information being exposed, but they also potentially lost access to critical services they needed to live. Another example is the March 2018 ransomware attack against the city of Atlanta, where residents couldn’t pay their utilities or pay for parking tickets, police and other employees had to write out their reports by hand and court proceedings for people who are not in police custody were canceled for weeks. A lapse in services like these, even if brief, can negatively impact thousands of citizens.

CF: Is there anything unique or unusual about the ransomware attack on Louisiana state agencies?

KL: There is not anything particularly unique in the Louisiana ransomware attack as opposed to similar government ransomware attacks. The attackers utilized Ryuk, which was first seen in August of 2018. With the exception of their response, they didn’t stop the attack, but they had a plan and process in place to address and recover from the incident. State and local governments are rich targets because they are large and widely distributed, with aging and underfunded infrastructure that provides critical services expected to be available 24×7 to millions of individuals. The state initiated their cybersecurity response rapidly by shutting down their systems to stop the spread and recovered from good backups. The ability to execute this process across a large, multidepartment network demonstrates that proper planning can minimize the impact of a cybersecurity incident and should provide a lesson for other government offices.

CF: What aren’t local governments doing that they should be doing to protect themselves?

KL: Outdated IT systems and lack of employee training make local municipalities easy targets, and hackers know it. While it’s bad enough when…