prevention

Critical infrastructure, such as water utilities, energy grids, healthcare systems, manufacturing plants, education platforms, and transport networks, have become primary targets of ransomware groups. In late April and early May 2026, for instance, Shinyhunters, a hacking group, breached Instructure, an education platform used by K-12 schools and universities across the US, and claimed for ransom. In the report published on CNN, the hacker group said it had breached 275 million personal data and had access to billions of private messages, an action that has affected thousands of schools, causing learning disruptions. Cybercriminals target critical infrastructure because downtime means communities don’t get access to essential services. So, operators or service providers have no option but to pay ransom to restore services quickly. Security gaps also influence the growth of these attacks. Too often, organizations focus on recovery efforts and ransomware encryption instead of prevention. This post highlights ways to prevent ransomware at its early stages, including the use of zero trust architecture and AI.

Promote Cybersecurity Awareness

Ransomware incidents start with malicious malware being injected into tech infrastructure. It then encrypts data and systems, restricting organizations any access to their operations until a ransom is paid. For these attacks to be successful, however, threat actors rely on social engineering attacks like spoofing and phishing, which target employees. An attacker will send a phishing email, impersonating an executive or trusted source like a bank to trick the victim into sharing credentials. Today’s spam emails, especially those generated by AI, are flawless, meaning staff can easily open and click on malware links without suspecting any threat. So, it’s crucial that employees receive adequate training on how to spot and respond to phishing texts or emails and malicious links.

Workers should also know how to generate hard-to-hack passwords. Weak passwords or using the same password for multiple accounts creates an entry point for ransomware. Encourage the use of password phrases, which are a string of unrelated, random words, symbols and numbers. For example, a password like purplegiraffesingstomorrow@17 prevents brute-force logins because a hacker will have a hard time guessing. Alongside passphrases, emphasize the importance of multi-factor authentication, where staff use two or multiple authentication methods to gain permission to accounts. 

Enhance Threat Detection and Monitoring Systems

Detecting ransomware at its early stages helps prevent full encryption of sensitive data and infrastructure. And it entails identifying subtle behaviors of the threat, such as lateral movement across networks and devices, data exfiltration, and privilege escalation. Look out for unusual login or data access, increases in CPU usage, and abnormal network traffic to command-control servers. Modern attacks powered by AI and machine learning bypass legacy security systems by using legit utilities like PowerShell scripts and MimiKatz. So, check if there are attempts by script-based systems like PowerShell to inject suspicious code into running processes. Also, inspect if endpoints and firewalls are still running. Attackers often switch them off or configure settings without authorization to create a weak point for malware injection. 

Note: lateral movement and zero-day variants aren’t always easy to spot. You need to integrate multiple security tools to detect and mitigate attacks. Use endpoint detection and response tools to catch harmful scripts and abnormal file access before all your data is encrypted. Take advantage of AI-assisted behavioral analytics to learn data access patterns, set a baseline for normal user behavior, and send alerts when there’s unusual or irregular file access patterns to protect against infostealers. Since infostealers act as the initial access for attack vectors, stopping them eliminates the entire kill chain. You can also reinforce your security measures by working with a 24/7 AI-centric SOC. These security experts don’t just distinguish legitimate logins from malware injections. They isolate the host to stop further compromise.

Network Segmentation and Zero Trust Framework

The goal of these two security measures is to limit a hacker’s ability to infect an entire network. Segmenting your networks entails dividing your networks into smaller, isolated sub-networks that make it difficult for cybercriminals to navigate critical network infrastructure. In a situation where a device is compromised, segmentation locks the attack within the specific zone, ensuring it doesn’t access databases or other sub-networks. What does zero trust entail and how does it mitigate ransomware? This tactic works on one strict principle: ‘never trust, always verify’. It doesn’t matter if you’re an authorized user or the devices you’re using are inside the organization. With zero trust in place, every access request is authenticated continuously. Also, users are granted permission to data and tools based on their roles to minimize privilege. Even if an attacker stole credentials, they would be limited to access systems. When combined, zero trust architecture and network segmentation strengthen an organization’s cyber safety strategies.

Hackers know that when they infect essential infrastructure with ransomware, victims will act fast to settle the ransom required to get encryption keys. But service providers shouldn’t wait until an attack has occurred to secure infrastructures. Prevention is the most effective strategy, and it revolves around simple hacks like educating workers about common threats and using strong pass phrases alongside MFA. By detecting threats, implementing zero trust, and network segmentation, organizations can minimize ransomware-related risks.

With California facing increasingly destructive wildfires, experts and officials have long urged the strategic removal of dense, flammable vegetation that can erupt into particularly destructive flames from a lightning bolt or the spark of a power line.

But after years of record investment by the state in such wildfire risk mitigation, two key money sources are drying up, potentially reducing the state’s annual budget for vegetation removal by hundreds of millions of dollars.

Wildfire resiliency advocates are warning that the loss of these funds will leave the state vulnerable to devastation, and are calling on California’s next governor to take that threat seriously.

Currently, California relies heavily on two funding sources for wildfire mitigation work: A state program that charges polluters for their emissions and a climate bond approved by voters in 2024.

Late Friday, however, state officials adopted a new structure for the emissions program, called cap-and-invest, that analysts say will likely reduce wildfire mitigation funding by $200 million per year. At the same time, the governor’s latest budget proposal puts the state on track to allocate the majority of the climate bond’s $1.5 billion in wildfire prevention money within just three years.

As a result, California could go from routinely pulling more than $600 million a year from these sources, to just $150 million, according to an estimate from the Wildfire Solutions Coalition — a group of more than 80 organizations representing conservationists, business owners, fire officials and tribal leaders.

The coalition is urging the state to find new sources of funding for the work.

“We have the scientists, we have the technicians, we have the advocates,” said Michelle Decker, who is on the coalition’s executive committee and serves as president and CEO of the Inland Empire Community Foundation. “We see this problem. We can get ahead of this problem. It is a revenue issue.”

California wildfires have become increasingly costly. The 2025 L.A. fires alone caused an estimated $250 billion in damage and economic loss. Insurance companies have already paid out $22.4 billion.

In attempt to reduce the risk of damage to communities and ecosystems, the state has employed a wide range of tactics. These includes fortifying homes against wildfires, replanting fire-ravaged forests and thinning out vegetation with prescribed burns, goat grazing and manual thinning with heavy machinery to reduce the intensity of potential fires.

Research suggests wildfire mitigation work pays off. A recent analysis of 285 fires in the western U.S. found that every dollar spent on landscape projects saved about $3.75 in wildfire damage.

But as funding from cap-and-invest and the climate bond dwindle, the state must increasingly turn to Cal Fire, which devotes only a small portion of its budget to mitigation work.

“This is not an issue that can be pushed off to a timeline based solely on politics,” said Steve Frisch, a founding member of the coalition and president of the Sierra Business Council. “Fire happens whether we want it to or not.”

After a series of destructive wildfires in Northern California and the 2017 Thomas fire in Southern California, the state legislature began to explicitly focus on funding wildfire mitigation.

In 2018, lawmakers directed $200 million per year of cap-and-invest funds to wildfire mitigation projects.

As the Woolsey fire in Southern California and the Camp fire in Paradise raged later that fall, Trump accused the state of “gross mismanagement” of forest lands and threatened to cut off federal funds unless it was corrected.

Gov. Gavin Newsom and the legislature, with a significant budget surplus, began earmarking even more funds, leading to a peak of $1.1 billion in wildfire mitigation investments during the 2021-2022 fiscal year.

After the surplus dwindled, the legislature opted in 2024 to put a $10-billion climate bond in front of voters — $1.5 billion of which was dedicated specifically for wildfire mitigation work.

Newsom has since pointed to this high state funding to call on the federal government to step up its own investments into forest management work.

The federal government manages 57% of all forests in the state. While the U.S. Forest Service spent $3.1 billion mitigating wildfire conditions in the state over the last few years, California spent $4.3 billion, according to the California Forest Resilience and Wildfire Task Force.

However, the state has already allocated about $600 million of the climate bond’s wildfire mitigation pot for the 2024-2025 and current fiscal years. The latest budget proposal would allocate more than $300 million for this upcoming fiscal year. While many advocates support allocating the money quickly, it leaves little for future years.

Once that money is spent, California has to pay off the $10 billion bond with interest. The result is an estimated price tag of $16 billion, paid in roughly $400 million increments every year, for 40 years, according to the state’s Legislative Analyst’s Office.

As for the cap-and-invest funds, a fraught months-long debate at the California Air Resources Board on how to extend the program beyond 2030 resulted in a compromise that will cut the revenue it generates in half, the Legislative Analyst’s Office estimates.

Since other projects get priority — including $1 billion every year for California’s high-speed rail project — the new proposal would “likely leave no funding” for the wildfire and forest resilience line item, the Legislative Analyst’s Office found.

Cal Fire still holds a modest annual budget for wildfire mitigation work. In the 2024-2025 fiscal year, the agency had $500 million for forest management and fire prevention that was not directly tied to cap-and-invest or the bond — up from about $65 million two decades prior.

As for the federal government, independent analyses by Grassroots Wildland Firefighters and NPR found that Forest Service wildfire mitigation work is on the decline amid federal staffing cuts. The Forest Service claims the decrease in work was primarily due to poor weather conditions for activities like prescribed burns and staff being occupied with firefighting.

Both the state and federal government’s investments pale in comparison to the spending of California’s investor-owned utilities. In 2025 alone, the utilities planned to spend more than $9.2 billion on preventing their equipment from sparking the next devastating wildfire, primarily funded by Californians’ electricity bills.

Times staff writer Hayley Smith contributed to this report.