Cyber Security Solutions For Local Government
Home / Cyber Security Solutions For Local Government
February 2023 saw the City of Oakland in the USA become another local government victim of ransomware attacks. As well as infecting the local authority with ransomware, the attackers stole the personal information of current and former employees and left the City and its employees at risk of further attacks. Unfortunately, the City of Oakland is not the only victim of cyber-attacks that target local governments. The latest report from Sophos on, "The State of Ransomware in State and Local Government 2022," found that 58% of state and local government organizations were targeted by ransomware in 2021. Additionally, a recent report found a 95% increase in cyber-attacks targeting local and central government entities in 2022 compared to 2021.
Cyber security solutions for local governments offer a way to mitigate cyber-attacks and protect the government entity itself, employees, and citizens.
The Verizon Data Breach Investigation Report (DBIR) for 2022 provides a snapshot of public administration's leading threats. This snapshot reports some crucial findings: 81% of attack patterns involve System Intrusion, Miscellaneous Errors, and Basic Web Application Attacks.
Based on this data, the report recommends that the following controls are used to mitigate these risks:
The report also highlights the role of the insider in a security incident stating that "internal actors are about seven times more likely to make a mistake that causes a breach than they are to do something malicious."
The findings of the DBIR and other industry reports demonstrate that the cyber threats facing local governments are both malicious and accidental and lead to data breaches and cyber-attacks. In addition, reports such as the DBIR and Sophos point out that insider threats and ransomware attacks form the bulk of the cybersecurity issues in local governments. The examples below offer some perspective on these two core vulnerable areas:
Accidental insider threats include the misdelivery of emails and poor security hygiene, such as the sharing of passwords. There are numerous examples of accidentally exposed data in local government, but two examples show accidental data exposure from missent emails:
Trafford Council, UK: the council sent the names, addresses, emails, and voting preferences of residents, to another resident, by accident.
New Philadelphia City Schools, USA: the school treasurer accidentally sent the Social Security numbers of 383 current and former employees in a group email.
Local government is an attractive proposition for cybercriminals. Like other sectors, phishing is the most common malicious attack vector, usually sent via email. However, different types of attacks include Denial of Service and BEC, both of which may use phishing and social engineering to perpetuate the crime:
Phishing is the most used technique to steal credentials or other data and as part of an attack chain that leads to malware and ransomware infection. In addition, phishing may be tied to social engineering that manipulates the behavior of local government employees.
Business Email Compromise (BEC) results in severe financial losses. BEC fraudsters often use a mix of social engineering, phishing, and unauthorized access to trick finance employees into transferring large sums into a fraudster's bank account. In 2021, the FBI published a warning to state, local, tribal, and territorial (SLTT) governments in the United States, warning that increasing levels of BEC fraud are targeting the sector.
DDoS attacks can close local government websites, making it impossible for citizens to use online services. "DDoS-for-hire" sites are increasingly common; these sites offer hackers all the tools to carry out DDoS attacks easily. In 2021, the US Department of Justice seized 15 websites offering DDoS-For-Hire Services. Minneapolis City Council was a victim of a DDoS attack in 2020; the council's servers became flooded by DDoS traffic, causing them to crash.
Ransomware is just one form of cyber-attack that is used against local governments, with infections often associated with phishing. Some examples of real-world attacks on local government show the extent of threats against the local government:
City of Riviera Beach, Florida: in 2019, a phishing attack left the City of Riviera Beach unable to work for a week. Even paychecks had to be handwritten rather than directly deposited. The starting point of the attack was a phishing email received by an employee. The email contained an attachment infected with ransomware, executed when the employee opened the attachment. The cost to the City was around $1.5 million, including a $600,00 ransom payment.
Somerset County Government, USA: a cyber-attack in 2022 left Somerset County with no email and the public having to use temporary Gmail addresses to contact critical departments. This attack was another ransomware infection.
UK Local Councils: a Freedom of Information (FOI) by insurance broker Gallagher identified at least 2.3 million cyber-attacks against local councils in the UK during 2022. The report found that phishing attacks were the biggest threat to UK councils, with 75% of councils experiencing phishing attacks.
Gloucester Council, UK: a phishing email that contained malware caused £800,000 worth of damage to the council in 2021. Critical functions, such as benefits and house sales, were delayed as the council rebuilt its servers.
TitanHQ is a leading provider of cybersecurity solutions for local governments offering a comprehensive suite of powerful tools to defend against malicious threats. Talk to a TitanHQ security expert in a free demo.
Book Free DemoLocal government provides a variety of services to citizens. Many of these services, such as benefit distribution, business grants, and similar financial transactions, are of high value. Services also require the sharing and storing personally identifiable information (PII). Data and money attract cyber criminals. But local governments are typically under budgetary constraints and need more internal human resources to ensure comprehensive security measures. However, cybersecurity measures designed for local government can provide this comprehensive, cost-effective, and manageable cybersecurity.
Local government faces a mix of malicious and accidental cybersecurity issues. To mitigate this spectrum of cyber threats, an organization must be able to utilize solutions and measures that are multi-faceted and complimentary. The ideal blend of security for local government to mitigate both accidental and malicious threats should include the following:
PhishTitan uses layers of protection to ensure that emails are protected; PhishTitan uses advanced techniques such as AI-driven threat intelligence, "Time of click" protection to inspect suspicious emails before quarantine or release, and Real-time threat analysis to stop advanced phishing attempts.
Data Loss Prevention (DLP): TitanHQ's DLP solution prevents accidental exposure of data via email.
DNS Filter: WebTitan DNS Filter uses data from hundreds of millions of end-users to train human-supervised Machine Learning algorithms to stop employees from navigating malicious websites.
Email Archiving: One of the problems that many government bodies have when a cyber-attack occurs is access to email to locate information. ArcTitan forms an important part of a wider disaster recovery and business continuity strategy.
The comprehensive measures offered by the solutions above ensure that a cyber threat is stopped and vulnerabilities closed, whether accidental or malicious.
TitanHQ is a leading provider of cybersecurity solutions for local governments offering a comprehensive suite of powerful tools to defend against malicious threats. Talk to a TitanHQ security expert in a free demo.
Book Free Demo
