The Threat: Ransomware, a well-known threat whereby a typically untargeted attack exploits poor patching practices and weak policies and procedures. Ransomware attackers are simply seeking targets of opportunity where they can make sometimes just a little bit of money for very minimal effort.
Vulnerabilities: Unpatched systems, overly permissive user rights, weak security controls, poor backup solutions (threat actor force multiplier)
Impact: With vulnerable systems, weak security controls, and poor backup solutions the threat actor can easily gain complete control of the information technology environment with little recourse save paying the ransom
Risk: The City of XXXX, the University of YYY, ZZZ County, AAA Community Hospital, etc., etc., is critically vulnerable to untargeted threat actors and ransomware variants. Historically underfunded and overtaxed IT and Information Security programs fall farther and farther behind every year.
Some basic housekeeping measures can keep these organizations ahead of the pack and likely reduce their risk of being targeted in the first place and/or being less beholding to paying the ransom. More reliable and tested methods for recovering vital systems and data can be implemented without paying a ransom for an encryption key that they may never receive or that may not even work.