Despite all the protesting and rioting in the world, it’s more important than ever to keep your eye on the cybersecurity ball. While the world events are overwhelming and it’s hard to stay focused, unfortunately, you can’t let the world news distract you. The fact is while we are all focused on these events, the bad guys are using this opportunity to snake their way into computer systems to create cyberattacks.
More specifically, knowing that millions of people are connected, cyber criminals are creating cyberattacks focused on cities and governments. The most recent victim is Knoxville, Tenn. This city suffered a pretty serious ransomware attack. If you didn’t hear the story live on Tuesday on my radio show, you can catch up listening to my podcast on Thursday, as I give some details of what has happened in Tennessee at The Peggy Smedley Show.
So, what’s been happening around country? First, the City of Knoxville experienced a cyberattack a couple of weeks ago. The city’s computer network was hit with ransomware, which forced the city to shut down its system. The perpetrator or perpetrators have asked for a ransom, but most of the details have yet to be disclosed. At this point, the damage appears to be minimal. A full investigation is underway, and it typically takes quite a while for victims to figure out the full extent of an attack’s impact.
According to the city’s COO, David Brace, so far, no personal or financial information was compromised. The shutdown affected the Knoxville police department operations. Interestingly, the police department tweeted out that officers will not be able to respond to minor traffic accidents due to technical issues as a result of the cyberattack.
From what has occurred in other cities, it appears that city governments are often particularly vulnerable to cyberattacks because their operations are mission-critical, but it all too often has inadequate cyber-defense systems.
Let’s hope in this case that Knoxville is correct, and the impact was minimal. These attacks seem to happen pretty regularly. And in fact, we’ve seen cyberattacks in the past couple of years in Atlanta, Baltimore, New Orleans, Medford, and Oregon … and this list is just scratching the surface.
So, what is ransomware and how does it work? Usually a ransomware attack is delivered via an email attachment that, once opened, is deployed on the user’s system. Alternatively, ransomware can be launched after a device user visits a website that has planted malware. Deployed on a device or computer system, the malware operates silently in the background until it is engaged. It should be noted that once this happens, a dialogue box appears threatening the user with deleted files, or worse—as claims to make the data public—until the ransom is paid.
When it comes to cities that have sensitive data, city managers, CIOs, and others are looking to be very proactive and that means being prepared and having a solid strategy in place for backing up files and recovering lost data before bad guy create havoc and disaster strikes.
Now if looking at a couple of the most recent ransomware attacks, Atlanta was asked to pay $51,000 as a ransom to unlock its system, but the city didn’t pay. However, the attack caused so much disruption that the city spent well over $2 million recovering from the breach.
Authorities ended up charging two Iranian citizens for this particular cyberattack.
This past January, New Orleans confirmed that it spent more than $7 million recovering from a cyberattack that occurred in December 2019. The city also estimated it could take as much as eight months to fully restore its computer systems. Sometimes, the criminals actually get their money, but it doesn’t always get the bad guy as noted earlier. Florida was hit in Lake City and in Riviera Beach in 2019, and both cities paid the ransom within weeks of each other.
All told, there were dozens of publicly reported ransomware attacks against state and local governments last year. The end of 2019 was particularly nasty, with at least four U.S. cities being hit with ransomware during the month of December alone. The rough year definitely captured attention.
The FBI released a notice saying it is committed to meeting cyber challenges head on and imposing consequences on the criminals responsible for these cyberattacks. A bipartisan bill was introduced that would provide grants to help states strengthen their resilience against cyberattacks and help them recover from attacks. City mayors are also talking to each other about the problem.
At the last U.S. Conference of Mayors, more than 225 mayors signed a resolution not to pay ransom to hackers in the event of a breach in their cities. Even though paying a ransom could be cheaper in the short run, these mayors are basically saying no, this madness won’t stop if we keep giving these people money.
We need to take a stand. It’s a noble sentiment, but the reality is that recovering from cyberattacks cost cities and taxpayers a lot of money. But the bigger question is what is less expensive than either paying a ransom or paying to recover from a cyberattack? Maybe the real answer should be never getting attacked in the first place.
The most recent Deloitte survey of state government CISO’s demonstrated that a lack of sufficient cybersecurity budget is the top barrier for states in addressing cybersecurity challenges.
In fact, Deloitte says almost half of states (48%) don’t have a separate budget line item for cybersecurity. The second top barrier is inadequate cybersecurity staffing. And the third top barrier is the increasing sophistication of cyber threats. Funding is clearly a huge issue, and, in 2020, I question, how much progress will be made here, since so much focus and so many resources have been rerouted to handling the pandemic and the resulting economic turmoil.
Staffing concerns, too, are unlikely to get better this year because of the pandemic. Deloitte is set to release its biannual survey in 2020, and I’m really curious to see what the data will ultimately reveal, since it’s been such a tough start to the year. Time will tell.
Want to tweet about this article? Use hashtags #IoT #sustainability #AI #5G #cloud #edge #digitaltransformation #machinelearning #infrastructure #bigdata #cybersecurity