Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

The Cybersecurity 202: Ransomware is wreaking havoc on U.S. cities

Friday, September 10, 2021

Categories: ASCF News Cyber Security

Comments: 0

Source: https://www.washingtonpost.com/politics/2021/09/07/cybersecurity-202-ransomware-is-wreaking-havoc-us-cities/

Computers at a public library in Wilmer, Tex., are out of order following a 2019 ransomware attack. (Tony Gutierrez/AP)

When hackers struck Collierville, Tenn. with a ransomware attack in 2019, the city’s IT staff worked around the clock to recover.

Vital services for the small city of 50,000 were back online within a few days. But, behind the scenes, the full recovery was far more complicated. It included rebuilding some digital systems from scratch and rigorously restoring others from backups. It took the city roughly a year and more than $100,000 to get all of its technology back where it was before the attack, the city’s IT project manager Don Petrowski told me.

“People were very patient, but it was an all-hands-on-deck situation,” Petrowski said. “We worked until we got it done.”

Stories similar to Collierville’s have played out in more than 400 cities and counties across the United States in recent years.

As I reported this weekend, the scourge of ransomware attacks – in which hackers lock up computer systems and demand a payment to unlock them – has impeded emergency responders, stalled tax payments and forced government offices back to pen-and-paper operations for weeks on end.

There are plenty of local examples, as our colleague Karina Elwood recently reported.

“In April, D.C.’s police suffered an attack, with a group posting purported department data after making demands for money," she wrote. "In the fall, Baltimore County Public Schools and Fairfax County Public Schools faced similar attacks, causing online classes in Baltimore County to stop for a brief time. And the Hampton Roads Sanitation District and Bristol Police Department in Virginia became victims last fall and winter.”

The recovery costs have run to millions of dollars for many cities.

Cities that are unable to recover on their own have been forced to pay hundreds of thousands of dollars to cybercriminals to unlock their computers. The FBI discourages such payments, but officials acknowledge they may be necessary in some cases.

Public attention has focused mostly on ransomware attacks against critical infrastructure, such as an attack that hit Colonial Pipeline in May and hampered gas supplies to the southeastern United States. But attacks on cities have been among the most damaging and difficult to recover from.

That’s partly because cities’ information technology has often been underfunded for years or decades, constantly losing out to seemingly more immediate priorities such as policing and social services. Cities also struggle to retain top-shelf IT staff who can attract far higher salaries in the private sector.

“The money just isn’t there and even if the money is there, the people aren’t,” Allan Liska, director of threat intelligence at the cybersecurity firm Recorded Future, told me.

The increase in ransomware attacks is driven by the rise of cryptocurrency.

That has made ransoms far easier to pay and tougher to track.

The past few years have also seen a rise in ransomware-for-hire gangs based mostly in Russia that have made it far easier for other cybercriminals to conduct ransomware attacks with only minimal skills.

“That’s attracted a lot of cybercriminals that want to make money. Ransomware-as-a-service has been a force multiplier,” Liska said.

The coronavirus pandemic has also supersized the problem.

The reliance on remote working has made it tougher for cities to protect against ransomware attacks. When attacks do hit, city IT staff are faced with the double problem of getting city services functioning again while also dealing with a workforce that’s often still mostly working remotely.

When New Orleans was hit with a ransomware attack in December 2019, the IT staff worked seven days a week through February 2020 to ensure police communications and other city services were sufficiently restored to maintain public safety during Mardi Gras, Chief Information Officer Kim LaGrue told me.

They had planned to slow the pace after that. But when the coronavirus struck in force days later, the seven-day weeks returned as IT staff struggled to manage a string of covid-related crises using technology that was still hobbled.

“We’d established a cadence with the cyberattack that allowed us to roll into the pandemic cadence so we could deliver what the city needed at the time,” LaGrue said.

It would take roughly one year and more than $5 million before New Orleans was fully recovered from the attack and confident the city wasn’t vulnerable to reinfection.

In other cases, IT staff must return to city buildings to manage the recovery from a ransomware attack, despite the pandemic.

That happened when a ransomware attack hit Tulsa in June.

One piece of luck is that the attack struck in a narrow window when many city staff had already received coronavirus vaccines but the more-contagious delta variant hadn’t yet spread widely in the United States.

“Everyone came from basically working from home and being isolated to all of a sudden being in a building and working together,” Chief Information Officer Michael Dellinger told me. “We tried to rotate people, make sure they weren’t working too many hours so they didn’t burn themselves out. You can push yourself too hard, mentally and physically, in an emergency like this.”

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search