A Cybersecurity Checklist for Law Enforcement
Across the United States, city governments and law enforcement agencies are being hit by ransomware attacks that lockdown not only data but also all web-based infrastructure. In Texas alone, some 20 agencies recently were hacked, causing untold damage in not only dollars but in reputation.
What is Ransomware?
Ransomware is software used by hackers to take computer systems and their data hostage.
In 2017, this screen, and others like it, showed up on 200,000 computers and caused billions in damages. Those who saw it had two choices: Lose the data, or pay whatever the hacker was asking.
How to Stop a Ransomware Attack at Your Agency
There are no fool-proof plans for stopping all attacks. However, there are some basic cybersecurity principles you should ensure are being practiced at your agency.
Reiterate Email Security. Don’t Open Suspicious Emails.
This seems like a no-brainer these days. However, email links are still the most common way malicious software gets brought into the system. And remember, anyone in the network can cause the problem.
Drill into your officers and staff the importance of email vigilance. None of your officers wants to be the one who inadvertently shut down the department or the city.
Utilize a Firewall.
Firewalls are an essential component of an agency’s cybersecurity plan. If you’re a small agency without a dedicated IT staff, there are reliable options out there to protect your internal systems from the unprotected external world of the internet. Check out this list of the best 2019 firewalls.
Use Antivirus Software.
Each computer in your network needs protection. If you have antivirus software already, make sure it is up-to-date, turned on and running on all computers. If you don’t have antivirus software, a Google search will help.
Update Windows and Other Applications.
One thing hackers look for are weaknesses in applications. Security patches made available by your software providers address known weaknesses. If you don’t update your software, you keep the weakness.
Setup automatic updates when possible. When not, check frequently for the latest updates.
Back Up Your Data.
The reality is that if you had a strong backup plan, a ransomware attack would merely be an inconvenience. You’d wipe your systems, load the backup, then get back to work. But many agencies either have no backup or have never tested theirs to see if it worked.
Consider both offline and cloud backups. Make sure the backup is separated from your network. Ransomware will attach to anything available in the network.
You always want to limit access when possible. This is common-sense management. Specifically, with WatchGuard evidence management, it’s a good idea to ensure only dedicated users have access.
Finally, use a Password Manager.
Most hackers are not trying to guess your password by manually typing your kids’ names and birthdates. They are running algorithms. These password software programs can guess short, simple passwords in a few seconds.
Use long, complex passwords that are different for each account. And ensure your officers and staff do the same. A good password manager can help you maintain a strong defense.
Remember, you’re only as strong as your weakest link. Cybersecurity is a team effort. So get to it.
Contact us to learn more about securing your network.