December 1, 2021
Local governments may figure they are too small to be a ransomware target. However, they are the perfect size because of the value of the data they hold, such as personally identifiable information (PII) in tax records or the disruption hackers can cause by locking down a 9-1-1 system or bringing down an election system. Ransomware is the primary way municipal assets are attacked.
Not only is the number of attacks growing exponentially (studies show that between 2018 and 2019, known attacks on local governments rose 58.5%), but the ransom demand rose from a monthly average of $30,000 to nearly $500,000 within the past few years. Even when cities don’t pay, the recovery costs can be staggering. For instance, the 2019 ransomware attack on Baltimore cost the city more than $18 million in damages in remediation.
Although we all laugh about having “123Password” as a password, many municipalities haven’t implemented strict password rules. At a minimum the password should be:
Several second factors can be used to verify a user’s identity, from passcodes to biometrics. Requiring a second form of identification decreases the probability that an attacker can impersonate a user and gain access to your employee’s computers or mobile devices. The options depend upon the available budget and protection level needed.
Enable logging and ensure logging mechanisms to capture remote desktop protocol logins. Keep the logs for a minimum of 90 days. Review the logins to ensure only those with access are using them. In addition, ensure that ports are closed after employees’ finish using them to reduce the risk of an attack.
As hackers become more sophisticated, municipalities must also adopt cybersecurity approaches, including detection and response, should an attack occur. Our upcoming blogs will focus on evaluating and improving your cybersecurity posture and steps to take if an attack does occur. Remember, your cybersecurity is only as good as your weakest link. Dewpoint is here to help you identify and mitigate your risks. Contact us today to find out ways to increase your security posture