Baltimore's Three-Week Ransomware Is a Warning for Other Local Governments to Prepare for Cyberattacks
Friday, May 31, 2019
Baltimore's Three-Week Ransomware Is a Warning for Other Local Governments
Print Mail Download i

The Baltimore city government's email and other systems have been offline for more than three weeks as the result of a ransomware attack in early May. This is not the first local government to have been the victim of such malware, and it won't be the last.

These attacks can risk human life by hobbling first responders, including police, fire, and ambulance services. If nothing else, the financial cost of these attacks is staggering. An estimate released this week in the Baltimore Sun put the cost of the Baltimore incident at over $18 million. A similar attack on the city of Atlanta cost an estimated $17 million. These costs can stem from the investigation and response to the attack, as well as lost revenues where payment systems are offline.

Of course, these costs could be in addition to civil liability associated with the attack. That civil liability may be — but is not always — limited by sovereign immunity or statute. At a minimum, these attacks typically carry with them significant political fallout.

Local governments are favorite targets for cyberattackers, because those governments often do not have as robust cyber defenses as private organizations or are running outdated or unpatched operating systems and software. Further, local governments may not have adequate backup systems, which may compel them to pay the ransom.

Given all of this, city and other local governments, as well as administrative agencies, should take these steps to mitigate their risk and prepare for these attacks:

  • Ensure that they have sufficient backups in place, that those backups are made regularly, and that the backups are "air gapped," or separated, from systems that can be infected with malware.

  • Limit access to the organization's most sensitive networks to those employees who need that access to perform their job functions.

  • Deploy strong email and systems passwords, changed often, with multifactor authentication for employees with more expansive system privileges.

  • Draft and test an incident response plan that outlines roles and responsibilities in the event of a cyberattack.

  • Work with risk managers and insurance brokers to determine whether they have sufficient coverage for cyberattacks and computer-based fraud.

©2011-2024 Carlton Fields, P.A.

Current Legal Analysis

More from Carlton Fields

Construction Contractors Take Note: OFCCP’s Industry-Focused Technical Assistance Guide (TAG) May Prove Helpful in Preparing for Anticipated “Compliance Check” Reviews
by: Rae T. Vann
Suitability Model Crosses the Finish Line
by: Ann Young Black , Jamie Bigayer
Massachusetts High Court Upholds Consent-to-Settle Provision, Protecting Insurer Who Did Not Have the “Final Say"
by: Kelley C. Godfrey
Big Changes for Small Business Bankruptcies
by: David L. Gay , Yolanda P. Strader
You've Been Served: The Legal Effects of Games as a Service
by: Steven Blickensderfer , Nicholas A. Brown
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses [PODCAST]
by: Kevin McCoy , Joseph W. Swanson
NAIC Life Insurance and Annuities (A) Committee Ends 2019 With a Big Bang
by: Ann Young Black , Jamie Bigayer
Round and Round – Will 2020 Bring the End to Inconsistent Anti-Rebating Prohibitions?
by: Ann Young Black , Jamie Bigayer
Innovation and Technology at the NAIC 2019 Fall Meeting
by: Ann Young Black , Jamie Bigayer
Life Insurance That Benefits the Living
by: Ann Young Black , Megan K. Dhillon

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins