Ransomware attacks have been growing more common and more severe every year, and there’s no signs of the threat slowing down. The biggest ransomware attacks have seen hackers extorting huge ransoms of up to $40 million dollars from their victims in exchange for decrypting data.
This wave of cybercrime has threatened education, health care, and governmental institutions, as well as threatening critical infrastructure like the Colonial pipeline. It appears there is no end to the crisis in sight— most of the hackers are believed to be based in Russia or other former Soviet countries, and Russia refuses to extradite or prosecute most of the hackers. It seems that Russia, as well as China, North Korea, and Iran are using ransomware as a tool to hit America.
Tribal Businesses and Institutions Targeted by Hackers
A number of tribal governments and native institutions have gotten caught up in the crossfire of this geopolitical conflict.
The Quapaw Nation of Oklahoma was one of the first tribes to suffer losses due to ransomware in 2014, when a ransomware attack wiped out their entire tribal data archives.
Native American Rehabilitation Association (NARA) of the Northwest, located in Portland, Oregon, was hit by ransomware on November 4th of 2019. Systems were shut down for days, and confidential patient data as well as personal information was compromised.
Hackers know that tribal casinos make an attractive target because of their cash reserves, and numerous casinos have fallen victim to ransomware. The Nez Perce Tribe of Idaho was forced to close down its casinos after a ransomware attack in October of 2020. The same month, the Yocha Dehe Wintun Nation’s casino in California was struck as well.
Most recently, the Mandan, Hidatsa & Arikara Nations experienced a shutdown of the IT systems in May, 2021 as a result of a ransomware attack. In the same month, the Seminole Nation casino in Oklahoma was forced to shut down. In July, the Lucky Star Casino operated by the Arapaho and Cheyenne tribes shut down due to ransomware.
The Need for Action
The scale of the problem is growing, so the need for action is clear. This is especially true as many tribes moved government services online during the COVID-19 pandemic. Across the country, tribal governments are aware of the need for action, but updating cybersecurity measures to cope with this growing threat can be a challenging process.
Among the expenses associated with improving cybersecurity are:
- Updating outdated hardware and software which may no longer be supported, leaving vulnerabilities unpatched.
- Improving network architecture to make it more difficult for hackers to access sensitive data.
- Conducting phishing awareness programs to inform employees about the methods used by ransomware hackers.
- Implementation of air-gapped backups to minimize downtime in the event of ransomware attacks.
- Training employees in new security practices like using encryption and one-time-passwords (OTPs).
- Developing ransomware response plans and rehearsing them.
The federal government set aside funding for upgrading cybersecurity defenses to the tune of $1 billion dollars in the COVID Stimulus bill, but the current language of the bill requires that funding for tribal governments be passed through state governments. In the past, that has not always happened.
The National Congress of American Indians (NCAI) recently stepped up and requested that the language of the bill be changed so that 10% of total cybersecurity funding go directly to tribal governments.
It remains to be seen if the much-needed support will be forthcoming. In the meantime, it’s up to tribal governments to do what they can to improve cyber defenses. Implementing encryption, strong passwords, and 2FA are some measures which are not too costly or time consuming, and can make life much more difficult for ransomware hackers.