NASHVILLE, Tenn. (WKRN)- According to the FBI, ransomware attacks are becoming more targeted and sophisticated.
Ransomware attacks are when hackers enter computer systems, steal and block access to data until a ransom is paid.
Government agencies are among prime targets for electronic blackmail. In addition, ransomware attacks are increasing on critical infrastructure organizations.
According to a spokesperson for Tennessee’s Finance and Administration Department, the agency that oversees the state’s central technology division, ransomware attackers are, “Constantly monitoring our systems and making changes in response to, and anticipation of, attempts to gain access to information.”
The goal from hackers is to cause disruptions.
“The hackers come in and they manage to get in the system, and then they will encrypt the data and then they will essentially hold the data hostage,” Douglas Schmidt, a Computer Science professor at Vanderbilt University said.
They also reportedly work with state agencies to “assess their risk and strategize to minimize risk.”
“Oftentimes government agencies have information that’s very valuable. Things like social security numbers, addresses, tax records, property records, all kinds of other information that might be personal or confidential that could be used for other purposes,” Schmidt said.
Another vulnerability found among government entities is the lack of funding that could lead to hacks.
“Sadly to say oftentimes governments, especially state governments and local governments, don’t have very much of a budget to support advance information in cyber security protection,” Schmidt said.
Cyber experts say security begins with the individual. They advise people not to open unsolicited emails and links and only give information to trusted places.
“Don’t fall for things; double-triple check everything. When in doubt, hold off. Get a family member who may be more tech savvy than you are to help you,” said Schmidt.
Tennessee requires cybersecurity training for all employees each year, with an emphasis on “phishing” attempts.