https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Commentaries


Commentary

Three ways to protect your city government from a ransomware attack

Three ways to protect your city government from a ransomware attack

  • Written by Gus Evangelakos
  • 11th September 2019

A ransomware attack on the city of Baltimore took place on May 7, 2019, and left citizens unable to pay parking fines and some tax and utility bills online. In its aftermath, city government employees are struggling to provide citizens with even the most basic of digital public services. City officials depend on IT systems to collect much-needed resources, but they also rely on them for the record-keeping needed to process real estate transactions and issue building permits.

These attacks have slowed city operations to a crawl.

Baltimore is merely another victim in a long string of recent ransomware attacks targeting city and state governments. Atlanta residents still shudder at the memory of 2018’s SamSam attack, which disrupted the delivery of city services to more than 6 million people and ultimately cost taxpayers over $9.5 million. More than 169 state and local governments are reported to have been victimized by ransomware within the past five years.

As a city government official, what can you do to ensure your computer systems won’t be harmed by this sort of attack? With ransomware seemingly growing more dangerous each year, it’s important to take these three key steps.


1. Back up, but also test your ability to restore.

It has happened in the past: organizations with complete off-site backups ended up paying hefty amounts to criminals who encrypted their systems. Why? In the case of one healthcare provider, it was because the amount of time it would have taken to complete a full restore from the backups was too long. And operating without access to critical patient health records during that period would have put lives at risk.

Simply put, a disaster recovery plan isn’t complete unless it includes a process for recovering essential files quickly enough to maintain continuity of operations. If you don’t know how long a full restore would take, you don’t know whether or not the backup systems you have in place will meet your real recovery needs.


2. Educate your employees.

Security awareness training is one of the most cost-effective investments you can make into improving your municipality’s overall cybersecurity risk profile, but only if the training you implement is memorable, and your employees take it seriously.

Teach all employees best practices for identifying phishing emails and show them how to disconnect infected devices from the network quickly (including turning off WiFi connections). More importantly, make security awareness a part of the culture your employees share as public servants and professionals.


3. Treat every file as a potential threat.

Some strains of ransomware remain dangerous even though they’ve been identified and can be detected even by simple signature-based anti-malware programs. Others use familiar or weak encryption methods that may be bypassed, sometimes even with free tools available online.

But, the most dangerous strains of ransomware are those that are novel. If you’re relying on cybersecurity tools that permit unknown files to execute on endpoint devices within your network environment, you simply have no protection against these dangerous threats.

The most effective technologies offer active breach protection, allowing you to adopt a Zero Trust approach to all incoming network traffic and unknown files. Ransomware threats are always evolving, and no single technology can guarantee protection against tomorrow’s threats. Instead, your municipality should adopt a multi-layered approach incorporating email security, data loss prevention, a secure web gateway and an advanced endpoint protection solution designed not to trust unknown executables until they’ve been proven safe.

Ransomware is a serious and significant problem. But by taking a holistic, multi-layered approach to information security overall, municipalities can do a great deal to reduce their city’s risk.

 

Gus Evangelakos is the Director of North American Field Engineering at Comodo. Gus commenced his career managing IT infrastructure. For the past 10 years, Gus has applied this experience as an implementation consultant, field engineer and in managing field engineers for global brands within the Enterprise Cyber Security market segment.

Tags: Smart Cities & Technology Commentaries Commentary

Most Recent


  • MSPs
    The MSP downstream cyberthreat paradox: Understanding the city and county connection
    Recently the Cybersecurity and Infrastructure Security Agency (CISA) along with the FBI, NSA, and international cyber authorities issued a cybersecurity advisory aimed at protecting managed service providers (MSPs) and their customers. This high-level advisory has been gestating for some time ever since the SolarWinds and Kaseya supply chain cyber-attacks. A software supply chain attack occurs […]
  • As ransomware threat increases, a shift in minimum cyber insurance standards is hardening digital defenses
    In the last decade, the threat of ransomware and other cyberactivity has increased dramatically—more than ever, targeted organizations are paying the criminal perpetrators to have their information restored.  “Over the last year there has been an almost threefold increase in the proportion of victims paying ransoms of $1 million or more: up from 4 percent in 2020 […]
  • EV chargers
    Cities steadily adding more EV chargers for public to use
    Local governments are making headway as they develop their electric vehicle (EV) infrastructure. “Progress varies depending on what stage governments are at in the electrification strategy and funding availability,” says Brandon Branham, assistant city manager and chief technology officer for Peachtree Corners, Ga., which is part of the Atlanta metro. Its 2022 population is estimated […]
  • infrastructure
    The road to America’s infrastructure overhaul is paved in technology
    When it comes to infrastructure construction and maintenance, the road we took to get here will not lead us where we need to go tomorrow. An influx of government funding including the Bipartisan Infrastructure Law, American Rescue Plan Act (ARPA) and various coronavirus recovery programs provides a generational opportunity to invest in roads, bridges, airports […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • What “smart city” means for 2021: How digital twins, AI and other innovations drive smart transformation
  • 10 reasons why local governments should outsource all IT: Post pandemic view
  • MS-ISAC members get free access to Deloitte’s Cyber Detect and Respond Portal to help respond to cyber threats
  • North Texas alliance partners with Marketplace.city on smart government solutions

Twitter


AmerCityCounty

Minor league baseball is helping cities hit a revitalization home run dlvr.it/SQc5N4

18th May 2022
AmerCityCounty

Sustainable Purchasing Leadership Council can help governments get up to speed on sustainable buys dlvr.it/SQbwqL

18th May 2022
AmerCityCounty

The MSP downstream cyberthreat paradox: Understanding the city and county connection dlvr.it/SQYVjs

17th May 2022
AmerCityCounty

Philanthropic group to launch assistance portal for local admins navigating federal bureaucracy dlvr.it/SQY16G

17th May 2022
AmerCityCounty

Report: Nearly 95 percent of America’s mayors face harassment, threats and violence dlvr.it/SQTn2z

16th May 2022
AmerCityCounty

The PIO’s Ultimate Guide to Social Media dlvr.it/SQTdCK

16th May 2022
AmerCityCounty

Gain Greater Visibility Into Your Public Works Fleet dlvr.it/SQSqXG

16th May 2022
AmerCityCounty

Report: Almost half of public sector retirees don’t touch their retirement plans for a decade dlvr.it/SQKMjp

13th May 2022

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X