https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
    • Latest videos
    • Product Guides
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
    • Product Guides
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE Expo
    • Calendar of Events
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Commentaries


Image by Pete Linforth from Pixabay

Commentary

Key steps governments can take to guard against malware attacks

Key steps governments can take to guard against malware attacks

  • Written by Ashley Lukehart
  • 8th March 2021

2020 saw governments globally report more than 100 significant cyberattacks. In the United States, a major cyber-offensive was launched against multiple government agencies, including the Department of Homeland Security, with the extent of the attack and damage still unknown.

These statistics show that government agencies, even the most sophisticated ones, are not immune to cyberattacks, including malware attacks.

What is a malware attack?

A malware attack is a catch-all term that describes any cyberattack using harmful programs like viruses, trojans and worms to damage a single computer, server or network.

In general, any software whose intended purpose is to harm is considered malware, regardless of which technique it uses to cause harm, whether ransomware, keyloggers, adware, rootkits or cryptojacking.

Governments and government agencies are increasingly becoming malware attack targets owing to the vast amount of data they collect. In 2018, 1.2 billion government records were breached, accounting for 95 percent of all breached records, alongside the retail and technology industries.

Recent government malware attacks in the United States

  • February 2020: The U.S. Defense Information Systems Agency suffers a data breach exposing an unspecified number of individuals’ personal information.
  • April 2020: Amidst the COVID-19 pandemic, a surge of attacks hit U.S. pharmaceutical manufacturers, health-care providers and the U.S. Department of Health and Human Services.
  • May 2020: Hackers attempt to steal U.S. research into a coronavirus vaccine
  • September 2020: Universal Health Systems, an American health care firm, sustains a ransomware attack forcing it to revert to manual backups, reschedule surgeries and divert ambulances.
  • October 2020: Hackers target the U.S. Census Bureau in a possible attempt to compromise census infrastructure, alter registration information, conduct DoS attacks or collect bulk data.

As one of the hardest-hit sectors, city and county governments should take a firmer cybersecurity stance to prepare for potential malware attacks. Here are five steps city and county governments can take to avert potential malware attacks and protect their data and infrastructure.

1) Perform regular backups

Backups offer the best means of recovering from an attack. If a ransomware attack occurs, infected files can be quickly deleted and back files restored. For effective backups, consider maintaining an offline/offsite hard drive backup or use a cloud backup solution specifically designed to withstand malware attacks like ransomware (through multiple redundancies/mirror sites, for example).

2) Stop malware from spreading

When malware spreads easily, it can infect hundreds or even thousands of computers, servers and networks within minutes. Just like a virus affecting humans, preventing malware from spreading is the best way to disarm it. Use mail filters, intercepting proxies, security gateways and safe browsing lists to limit malware spread within your organization and from your organization to others.

3) Initiate device-level protection

Malware is software, so it requires permission to execute on a device. Use device-level protection to limit device privileges and restrict what programs can run and what apps or software can be installed. Device-level protection also works by restricting scripting environments and macros and disabling autorun for any mounted devices, including peripheral devices like mice and keyboards.

4) Have an incident plan

Preparation is the best form of defense. Create an incident plan that maps out all critical assets, determining what impact an attack would have on them. In the plan, anticipate an attack, no matter how unlikely, and identify communication strategies and steps to take in case of an attack. Make sure to run periodic drills of the incident plan to ensure everyone understands what to do.

5) Educate and train your staff

Most malware attacks rely on human error and complicit cybersecurity behaviors. You might have the best plan in place, but it will not work if your team does not follow the guidelines. Add training and sensitization at the top of your malware attack prevention plan to ensure employees do not become the weakest link in an otherwise robust security protocol chain.

Malware attacks continue to grow in number each year. While criminals are becoming more targeted and precise, the probability of an attack will continue to rise. Government agency leaders must remain vigilant and follow their enterprise counterparts’ cues—not taking cybersecurity for granted.

While it might be impossible to avert an attack, it is possible to blunt its effect, and following the steps above is one way to ensure your government agency bounces back unharmed.

 

Ashley Lukehart has been writing about the impact of technology and IT security on businesses since starting Parachute in 2005. Her goal has always been to provide factual information and an experienced viewpoint so that business leaders are empowered to make the right IT decisions for their organizations. By offering both the upsides and downsides to every IT solution and consideration, expectations are managed and the transparency yields better results.

Tags: homepage-featured-3 Smart Cities & Technology Commentaries Administration Commentaries Commentary

Most Recent


  • digital
    How to leverage digital tools to drive innovation in government
    The rapid evolution of digital technologies transformed the way governments function, making them more efficient, transparent and citizen-friendly. Rather than relying on crystal trophies, governments can leverage digital tools to drive innovation and streamline processes, benefiting the population they serve. Open data and crowdsourcing Open data refers to making government data available to the public, […]
  • Broadband
    Oversight committee addresses NTIA reauthorization, FCC broadband map ahead of BEAD Program funding allocations
    As technological advancements continue to roll out at a breakneck pace, from artificial intelligence to high speed broadband connectivity, investment in digital infrastructure has become a defining theme of the modern era. Rep. Cathy McMorris Rodgers, (R-Wash.), chair of the House Energy and Commerce Committee, stressed the importance of this charge in opening remarks at […]
  • zero trust
    Zero trust is a great strategy but a terrible name
    The monthly town hall meeting was going well until they got to the agenda item called “zero trust.” What was to be a routine request for additional funding to implement a zero-trust environment quickly became one of confusion and misunderstanding. Trust in government at all levels has continued its downward spiral over the years. So, […]
  • ransomware
    Dallas ransomware attack shuts down systems, forces public safety to use backup communication protocols
    For the last week, information technology administrators in Dallas have been working around the clock to mitigate the impact of a widespread ransomware attack that disrupted business, caused first responders to impliment backup communication protocols, and took public-facing digital infrastructure offline. Since the early morning hours of last Wednesday, when ransomware was discovered in the […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Lessons from your friendly neighborhood public service employees
  • Harris County deploys next-generation security in 150 public buildings
  • How local governments can get ahead of the infrastructure wave: Strategies to mitigate risk
  • Prioritizing rapid restore leads to stronger ransomware attack recovery

WHITE PAPERS


5 reasons why Plan Examiners need Objective Trapeze

30th May 2023

7 Permitting & Licensing Fails Slowing Community Growth

24th May 2023

The Secret Ingredient to Local Government Employee Retention

23rd May 2023
view all

Webinars


How to Centralize and Build a Grants Management Process at your Organization

24th May 2023

Making Permitting Easier: What We’ve Learned Helping America’s Largest Cities Improve Their Permitting Process

16th May 2023

Digital Property Tax Collection: Tales from the Trenches of Modernization

16th May 2023
view all

Podcast


Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020

Young Leaders Episode 2 – Christian Williams – Development Services Planner, Goodyear, Ariz.

1st July 2020
view all

GALLERIES


Gallery: Annual index ranks America’s top performing cities; most are in the West

30th May 2023

Gallery: Top 10 American cities for seasonal and summer jobs

25th May 2023

Gallery: 10 of America’s most affordable cities

9th May 2023
view all

Twitter


AmerCityCounty

5 reasons why Plan Examiners need Objective Trapeze dlvr.it/Sptl5z

30th May 2023
AmerCityCounty

Navigating crises with confidence: Five ways strategic plans support crisis response dlvr.it/SptVKN

30th May 2023
AmerCityCounty

Gallery: Annual index ranks America’s top performing cities; most are in the West dlvr.it/SpszdK

30th May 2023
AmerCityCounty

2022 Crown Communities Award winner: Miami-Dade County Clerk of Courts’ jury selection system dlvr.it/SphCBk

26th May 2023
AmerCityCounty

Gallery: Top 10 American cities for seasonal and summer jobs dlvr.it/SpdFWy

25th May 2023
AmerCityCounty

How to leverage digital tools to drive innovation in government dlvr.it/Spcktb

25th May 2023
AmerCityCounty

With many cities facing a fiscal cliff as ARPA funding ends, debt ceiling debate continues on Capitol Hill dlvr.it/SpZLph

24th May 2023
AmerCityCounty

7 Permitting & Licensing Fails Slowing Community Growth dlvr.it/SpYqBS

24th May 2023

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.