The Federal Government: Ransomware’s Most Desirable Target

September 13, 2020

The year 2019 brought a plethora of ransomware attacks upon state, local and federal government agencies. Among state and local targets, examples ranged from Louisiana’s state of emergency to the disruption of Baltimore’s city systems, as hackers set their sights on government systems and continuously found success. Beyond these smaller targets, the federal government is no exception. Federal government agencies are frequently targeted for such attacks, and because they serve a wider jurisdiction of people, the consequences are heightened.

As threat actors enhance their arsenals and develop more strategic tactics to target government agencies, how do these agencies assess their risk? More importantly, how can we protect these vulnerable ecosystems? 

Ransomware Tactics Target Federal Government

Government contractors

Government agencies frequently contract private companies to provide goods and services, and as a result they typically share sensitive information with these companies so they can perform their specific job functions. Threat actors target well-known third-party government contractors at the federal level and infiltrate their networks in the hope of discovering an entry point into harder-to-breach government systems, or to documents hosting classified data.

This threat was demonstrated when the electronics company Electronic Warfare Associates (EWA) suffered a Ryuk ransomware attack that left files on the company’s web servers encrypted. EWA is known for its contract work with federal agencies, including the U.S. Department of Defense, Department of Homeland Security and Department of Justice. Recent updates to Ryuk’s capabilities even included the ability to target files containing government and military-related data.

Critical infrastructure and operational technology

Threat actors not only seek ways to advance their capabilities, they also routinely probe technologies, networks, and systems for vulnerabilities they can take advantage of. Operational technology (OT) is notorious for its security problems and has a history of vulnerabilities. OT networks and assets are still predominantly used in major federal government agencies, especially those revolving around U.S. national security. This has prompted the NSA, DHS and CISA to warn of foreign nation-state threat actors attempting to target critical infrastructure, specifically that of the federal government, through OT systems to deliver sophisticated strains of ransomware.

Votiro Helps Federal Agencies Prevent Spread of Ransomware

As the United States government experiences more frequent attempts at targeted attacks, it’s essential that government agencies have the most advanced security measures in place to protect against sophisticated attacks, especially those involving ransomware. Votiro’s Secure File Gateway product line is best positioned to help government agencies protect the overwhelming amount of vital data they process and host.

By leveraging Votiro’s Positive Selection Technology, the Secure File Gateway product line has the ability to neutralize file-borne threats and prevent malware from infiltrating corporate systems through email, web downloads, and web applications. This empowers governments to interact with all documents and attachments without risk of malicious activity. Votiro is able to ensure protection against file-borne threats by singling out the safe elements of each file without hindering business activity, so government agencies can spend less time worrying about security incidents.