The Rise of Municipal Cyberattacks: Becoming Proactive
By Brittany Demendi / Adlumin, Inc.
Mar 17, 2022
Municipalities are expected to respond to the demanding needs of maintaining and sustaining vital sectors within our communities, so cities carry a heavy burden of responsibility; now more than ever, they must take cyber threats into account. It is no secret that the municipality industry operates under strict budgets that limit their resources, making them vulnerable and prime targets to cybercriminals. In 2020, 44% of global ransomware attacks targeted municipalities, according to InfoSecurity. This blog will explore four prevention methods your organization can implement to avoid cyberattacks and reduce costs.
Reducing Cost: How to Prevent Cyberattacks on Municipalities
The best way for municipalities to protect themselves from attacks is to prevent them from happening in the first place. Sounds simple, right? It can be. There are solutions to deal with malware infections, but most require more technical skills than the average computer user, so prevention is critical. Let’s start with the easy wins for prevention.
- Implement Robust Cybersecurity Training: One of the most significant risks for breaches can be the government’s employees. We are only as strong as our weakest link, and cybercriminals know this. A great way to start building awareness is to create a best practices guide and require consistent cyber awareness training for your employees.
- Know the Warning Signs: The first step to combatting malware is recognizing that your computer may have been affected, and it can only be removed if it is appropriately identified. Below are 10 warning signs to look out for:
- Your computer is freezing or crashing.
- Your computer runs slow and takes longer to start up/shut down.
- Ads start popping up.
- Emails you did not write are being sent on your behalf.
- New icons are appearing on your desktop or toolbar.
- Software is difficult to remove or will not allow removal.
- The battery won’t last.
- Computer locks and ransom is demanded.
- Your browser is getting redirected.
- Everything is normal – this is the most dismaying non-warning sign of them all.
- Create Secure Backups: Backups make for an easier recovery after being attacked by malware. There have been ransomware attacks in the past where confidential files could never be recovered—remember when the City of Atlanta’s data was held for ransom in 2018? As a result, years’ worth of confidential police dashcam footage was never recovered. Malware attacks are inevitable, so preparation is vital.
- Patch Management: Developers are consistently working on discovering vulnerabilities in their software. Once they are found, patches or updates to fix those vulnerabilities are released. It is crucial not to procrastinate on software updates. When a security network is outdated, cybercriminals see these flaws and attack within those holes. The more out-of-date security is, the more risk you put on sensitive data and information. Investing in Continuous Vulnerability Management (CVM) will not only help with finding vulnerabilities but fix them by discovering and assessing them in real-time. Here is a breakdown of CMV:
- CMV Lifecycle
- Asset Management allows known and unknown assets to be automatically discovered, categorized, identified, and managed.
- Vulnerability Management includes real-time vulnerability and misconfiguration detection within each industry’s most comprehensive range of devices, operating systems, and applications.
- Threat Detection & Prioritization automatically prioritize the vulnerabilities posing the most significant threats to an organization.
- Patch Deployment deploys patches across any size environment, keeping systems up-to-date reducing the vulnerabilities operating teams must chase down.
- CMV Lifecycle
Focusing on the Bigger Picture
Anti-virus programs are not enough to protect municipalities or businesses when constant monitoring is necessary. Regardless of size or location, municipalities’ cybersecurity is a critical issue. Focus on the basics first, teaching password and email security, best practices within any organization, and implementing a cybersecurity platform that includes managed services. Mitigating the level of destruction from malware attacks will reduce costs in the long run.