A new report from the Government Accountability Office (GAO) found that Federal agencies are successfully helping state, local, tribal, and territorial (SLTT) governments prevent and respond to ransomware attacks; however, there is still room to improve collaboration. The GAO offered three recommendations for Federal agencies to improve collaboration.
On a positive note, the GAO found that most SLTT entities are “satisfied with the agencies’ prevention and response efforts.” However, many SLTTs cited “inconsistent communication during attacks” as a problem.
In the report, the GAO cited the Department of Homeland Security (DHS), FBI, and Secret Service as being tasked with helping SLTTs prevent or respond to ransomware attacks on systems like emergency services. The GAO also noted that other Federal agencies, including the Federal Emergency Management Agency, National Guard Bureau, National Institute of Standards and Technology, and the Department of the Treasury, have a more indirect role in helping SLTTs deal with ransomware attacks.
In addition to reviewing Federal agency documentation for the report, the GAO also interviewed officials from government organizations receiving Federal ransomware assistance. These officials represented governments from four states, eight localities, and one tribal nation. In addition, GAO interviewed officials from six national SLTT organizations.
Further delving into the GAO’s findings, officials from government organizations had “generally positive views” on ransomware guidance, detailed threat alerts, quality no-cost technical assessments, and timely incident response assistance provided by Federal agencies. However, the GAO did note that respondents identified challenges related to awareness, outreach, and communication.
The report offered three recommendations to the Departments of Homeland Security and Justice to “address identified challenges and incorporate key collaboration practices in delivering services to state, local, tribal, and territorial governments.” The GAO noted that the agencies have concurred with their recommendations.
For the first two recommendations, GAO found that the DHS secretary should direct both the director of the Cybersecurity and Infrastructure Security Agency and the director of the Secret Service to evaluate how to best address concerns raised by SLTTs and facilitate collaboration with other key ransomware stakeholders taking into account its leadership of the new joint ransomware task force and improve interagency coordination on ransomware assistance to SLTTs.
As with its recommendations for DHS, GAO recommended that the attorney general direct the director of the FBI to evaluate how to best address concerns raised by SLTTs and facilitate collaboration with other key ransomware stakeholders, as well as improve interagency coordination on ransomware assistance to SLTTs.