There’s only one road in and out of Valdez, Alaska. The nearest city is Anchorage, a 300-mile drive away, and not a direct one. So the 3,976 citizens of Valdez — that’s “Val-deez” with a long “e” — are used to handling emergencies on their own. According to police chief Bart Hinkle, the city was just about founded on disaster, famously hit by the Good Friday earthquake of ’64 and the Exxon Valdez oil spill. But Valdez had never experienced a disaster quite like this one. 

July 26, 2018, while the town’s new IT director Matt Osburn was out of town and his second-in-command was running a routine update, the Hermes 2.1 ransomware took hold of Valdez in the dead of night.

All records (including police), city administration, finance, planning and zoning, the port and harbor authorities, and “basically the entire city network” was locked down, Hinkle says.

And even though this small town was more prepared than most of the hundreds of others that have been felled by ransomware recently, and even though municipal leaders ultimately decided to pay the ransomware operators, there was no quick fix. The recovery process rolled into weeks, then months.

“Government is a different animal certainly than private industry,” says Reg Harnish, executive vice president of security services for the Center for Internet Security. “Because they’re spending taxpayer dollars, [municipal governments] have a lot of bosses.”

Not only is funding generally short, cybersecurity has stiff competition for those funds with other essential services.

“You have to have conversations like, ‘We can have cybersecurity or we can fix a bridge,'” Harnish says. How does a municipality translate the value of a firewall into the value of some addition to K-12 education, he says. “Politics plays a role … introduces a lot of different pressure,” Harnish says.

Ransomware can impact the availability of any one of these essential services, from court systems to payroll to water.

Omri Admon, cybersecurity expert from SOSA (the firm selected to create the Global Cyber Center in New York City), points out how ransomware can add insult to injury for cities that are already strapped for cash.

“It’s an additional loss of funding if they can’t process property taxes” and other sources of income, he says. “It’s another layer of complexity that puts them in a chokehold.

So here’s some realistic advice on how to avoid ransomware infections and what to do when one happens, courtesy of Valdez leadership and others who have witnessed municipal government ransomware infections up close. {Continued on Next Page}

(Image Source: stnazkul via Adobe Stock)

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad … View Full Bio