Key steps governments can take to guard against malware attacks

2020 saw governments globally report more than 100 significant cyberattacks. In the United States, a major cyber-offensive was launched against multiple government agencies, including the Department of Homeland Security, with the extent of the attack and damage still unknown.

These statistics show that government agencies, even the most sophisticated ones, are not immune to cyberattacks, including malware attacks.

What is a malware attack?

A malware attack is a catch-all term that describes any cyberattack using harmful programs like viruses, trojans and worms to damage a single computer, server or network.

In general, any software whose intended purpose is to harm is considered malware, regardless of which technique it uses to cause harm, whether ransomware, keyloggers, adware, rootkits or cryptojacking.

Governments and government agencies are increasingly becoming malware attack targets owing to the vast amount of data they collect. In 2018, 1.2 billion government records were breached, accounting for 95 percent of all breached records, alongside the retail and technology industries.

Recent government malware attacks in the United States

• February 2020: The U.S. Defense Information Systems Agency suffers a data breach exposing an unspecified number of individuals’ personal information.
• April 2020: Amidst the COVID-19 pandemic, a surge of attacks hit U.S. pharmaceutical manufacturers, health-care providers and the U.S. Department of Health and Human Services.
• May 2020: Hackers attempt to steal U.S. research into a coronavirus vaccine
• September 2020: Universal Health Systems, an American health care firm, sustains a ransomware attack forcing it to revert to manual backups, reschedule surgeries and divert ambulances.
• October 2020: Hackers target the U.S. Census Bureau in a possible attempt to compromise census infrastructure, alter registration information, conduct DoS attacks or collect bulk data.

As one of the hardest-hit sectors, city and county governments should take a firmer cybersecurity stance to prepare for potential malware attacks. Here are five steps city and county governments can take to avert potential malware attacks and protect their data and infrastructure.

1) Perform regular backups

Backups offer the best means of recovering from an attack. If a ransomware attack occurs, infected files can be quickly deleted and back files restored. For effective backups, consider maintaining an offline/offsite hard drive backup or use a cloud backup solution specifically designed to withstand malware attacks like ransomware (through multiple redundancies/mirror sites, for example).

2) Stop malware from spreading

When malware spreads easily, it can infect hundreds or even thousands of computers, servers and networks within minutes. Just like a virus affecting humans, preventing malware from spreading is the best way to disarm it. Use mail filters, intercepting proxies, security gateways and safe browsing lists to limit malware spread within your organization and from your organization to others.

3) Initiate device-level protection

Malware is software, so it requires permission to execute on a device. Use device-level protection to limit device privileges and restrict what programs can run and what apps or software can be installed. Device-level protection also works by restricting scripting environments and macros and disabling autorun for any mounted devices, including peripheral devices like mice and keyboards.

4) Have an incident plan

Preparation is the best form of defense. Create an incident plan that maps out all critical assets, determining what impact an attack would have on them. In the plan, anticipate an attack, no matter how unlikely, and identify communication strategies and steps to take in case of an attack. Make sure to run periodic drills of the incident plan to ensure everyone understands what to do.

5) Educate and train your staff

Most malware attacks rely on human error and complicit cybersecurity behaviors. You might have the best plan in place, but it will not work if your team does not follow the guidelines. Add training and sensitization at the top of your malware attack prevention plan to ensure employees do not become the weakest link in an otherwise robust security protocol chain.

Malware attacks continue to grow in number each year. While criminals are becoming more targeted and precise, the probability of an attack will continue to rise. Government agency leaders must remain vigilant and follow their enterprise counterparts’ cues—not taking cybersecurity for granted.

While it might be impossible to avert an attack, it is possible to blunt its effect, and following the steps above is one way to ensure your government agency bounces back unharmed.

Ashley Lukehart has been writing about the impact of technology and IT security on businesses since starting Parachute in 2005. Her goal has always been to provide factual information and an experienced viewpoint so that business leaders are empowered to make the right IT decisions for their organizations. By offering both the upsides and downsides to every IT solution and consideration, expectations are managed and the transparency yields better results.