In what appears as a highly coordinated attack by a single actor, 23 local government agencies in the state of Texas were hit with ransomware. This extends the recent trend where local government entities were targeted, some of which have led to the attackers being paid millions of dollars via crypto-currency.
A first line of defense is user training; often the attackers gain access because a user clicks on an email, or opens an attachment of an email. Most, if not all, of the major hosted email providers have built in protection that will help screen out suspicious links. At this point, there is no real reason for an organization to host their own email, let Google or Microsoft handle the nastiness. Using a third party does not guarantee you will not be phished, it does make it more difficult. In addition, please double check your backup policy to ensure that you are making regular copies of your documents and those copies are stored offline.
Some victims of ransomware attacks have decided not to pay the attackers, most notably the city of Baltimore, and the costs of recovery far surpass paying the ransom. Paying is a topic of an ongoing debate.
The Perficient team can help with determining which hosted email provider is right for you, and we can help recommend other defenses against ransomware.
Additional coverage of the incident is at ARStechnica