How state and local governments can fight cyberattacks
Government agencies can suffer from differences in funding, lack of standard policies, and other issues that affect security, BlueVoyant says.
State and local governments have made a major effort to digitize their systems over several years. Many consumer frontline services, such as voter registration, payment options, and license and permit applications, are now available online.
But that move towards digitization has also created more of an open target for cybercriminals, especially in cases where data is not or is not fully protected. The “State and Local Government Security Report” published on Thursday by security company BlueVoyant shows how governments are vulnerable to ransomware and other forms of cyberattack and how organizations can better protect themselves and their sensitive data.
SEE: Ransomware: What IT Must Have (Free PDF)
Hit by ransomware and other attacks, state and local governments are clearly aware of the need for strong cybersecurity. And they have taken special steps to ensure security.
Many local governments have hired key cybersecurity people and created more efficient teams. The Congressional Solarium Commission on Cybersecurity recently stressed the need for better security coordination among local governments, the federal government, and the private sector. The State and Local Government Cybersecurity Act 2022 legislation passed last year is designed to foster greater cooperation among the various parties.
But not all government agencies are alike, especially at the local vs state level. There are differences in funding and preparation. Security policies may vary from organization to organization. In addition, the effort to digitize systems and services at such a rapid pace means that security is sometimes left behind.
Looking at open source data on 108 cyberattacks on state and local cities from 2022 to the end of 2022, BlueVoyant found that the number rose nearly 50%. Over the same period, ransomware requests rose from a low of $ 30,000 per month to a high of nearly $ 500,000 in July 2022, according to the report.
Consumer testimonials and other information found in government databases are also hot products on the Dark Web. A recent study of cyberthreats targeting Wisconsin state and county governments found thousands of government employee testimonials for sale in underground forums. Much of this data came from a range of different breaches rather than just a few.
Attackers who deal in ransomware can decrypt the infected data in exchange for payment. But there are no promises. And even backing up the encrypted data will not solve the problem completely as many cybercriminals now threaten to release the information publicly if the cryptocurrency is not hacked. to pay. Some underground public auction sites even sell victim data to the highest bidder.
To help government agencies better protect themselves against ransomware and other cyberattacks, BlueVoyant urges the following measures:
- Perform cybersecurity risk assessments. Local government agencies can benefit from cybersecurity risk assessments that provide technical and detailed insights into how to improve the cybersecurity situation. Keep in mind that security vulnerabilities are exacerbated in times of rapid change, such as the rapid deployment of digital services emerging in many states and counties.
- Consider supervised security service. Managed risk services can provide significant cost savings and security against attacks and compromises. These fully integrated services monitor, mitigate, and warn users of vulnerabilities as well as potential real-time attacks and compromises, which greatly reduce the chances of costly cyber events.
- Look into your cyberinsurance. Cyberinsurance is an essential part of risk management and can offer cost savings. Completing a subscription application is a good first step towards identifying vulnerabilities and identifying areas for improvement. Once a policy is in place, funding is provided to respond to an incident, and cyber experts are usually available at lower rates. Cyberinsurance also demonstrates readiness and is a useful tool in the defense strategy for any emerging lawsuit or regulation.
- Investigate professional services such as incident response, treatment and mitigation. Unfortunately city governments are not very familiar with incident response and treatment processes. Experienced investigators, when called in immediately (and when combined with appropriate disclosure protocols), are the best way to avoid errors and implement the correct response and treatment measures.
- Prepare for sustainability. Above all, a third-party cybersecurity service or internal review will not suffice unless robustness is built into systems. Not only do local governments need to build defenses in depth, they also need to prepare for resilience and recover in the event of an attack. This means backing up data, with plans in place if systems or databases are offline, and preparing for recovery situations.