JOHNSON CITY, Tenn. (WJHL) — After several cyberattacks across the country, most notably one shutting down the Colonial Pipeline, the White House has taken note and is urging for “immediate steps” to better protect against ransomware attacks. Local governments have taken measures to boost cybersecurity.
“In the past one year, cybersecurity attacks on hospitals, healthcare, and local government sites have increased 300% which shows you the magnitude of cybersecurity attacks on the rise,” said ETSU professor of computing Dr. Gaith Husari. “Should people be worried? Absolutely. The rise of the technology that we have, for example, smart microwaves, fridges, smart cars, and smart TVs is always on the rise. The cybersecurity cannot keep up with that because it’s an unfair game.”
In 2019, Johnson City had to replace almost 300 computers after a ransomware attack which cost the city more than $215,000.
“We’ve added a number of things to our budget in the last year that deals primarily with cybersecurity…different technical solutions as well as policies, procedures, security assessments, penetration assessments, both internal and external,” said the city’s assistant director of technology security, Michael Mingle.
The city now has four layers of backups, including a cloud and storage area network.
“That allows us to have a disaster recovery site which we have separate from our main site here where all of our servers live that we can basically restore from and the backups are completed daily,” Mingle said.
Mingle says the city now operates on the “Zero Trust” model.
“The zero trust model effectively says assume that you’ve already been breached,” explained Mingle. “Assume that there is an attacker in your system and put layered defenses in place to ensure that even if they do get access to a user’s username and password they can’t get any further up to access higher level secure servers.”
The 2019 attack on the City of Johnson City and more recent attacks across the country have led to concern by local officials.
“All of our records are mostly public property and available to the public so in the ransomware the attempt would be to deprive us of working with our records,” Sullivan County Mayor Richard Venable said. “We have I think two different backup systems, so if anyone hacked our system we might lose a day or half a day. We have cybersecurity insurance that protects the citizens from any loss.”
Dr. Husari says the best way to avoid having to pay a ransom is to back it up and protect yourself on the front end.
“If you have a backup of that data and you have it safe and somewhere then you can actually restore it and you don’t need to pay the ransom,” he said. “If you did not implement the correct type of security defense or cyber defense measures then that can be the only option to continue on your business.”
Husari suggests people and companies implement multi-factor authentication for passwords, avoid clicking on links, and invest in ransomware and cyber protection as well as training for employees.