https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Commentaries


Image by Pete Linforth from Pixabay

Commentary

Key steps governments can take to guard against malware attacks

Key steps governments can take to guard against malware attacks

  • Written by Ashley Lukehart
  • 8th March 2021

2020 saw governments globally report more than 100 significant cyberattacks. In the United States, a major cyber-offensive was launched against multiple government agencies, including the Department of Homeland Security, with the extent of the attack and damage still unknown.

These statistics show that government agencies, even the most sophisticated ones, are not immune to cyberattacks, including malware attacks.

What is a malware attack?

A malware attack is a catch-all term that describes any cyberattack using harmful programs like viruses, trojans and worms to damage a single computer, server or network.

In general, any software whose intended purpose is to harm is considered malware, regardless of which technique it uses to cause harm, whether ransomware, keyloggers, adware, rootkits or cryptojacking.

Governments and government agencies are increasingly becoming malware attack targets owing to the vast amount of data they collect. In 2018, 1.2 billion government records were breached, accounting for 95 percent of all breached records, alongside the retail and technology industries.

Recent government malware attacks in the United States

  • February 2020: The U.S. Defense Information Systems Agency suffers a data breach exposing an unspecified number of individuals’ personal information.
  • April 2020: Amidst the COVID-19 pandemic, a surge of attacks hit U.S. pharmaceutical manufacturers, health-care providers and the U.S. Department of Health and Human Services.
  • May 2020: Hackers attempt to steal U.S. research into a coronavirus vaccine
  • September 2020: Universal Health Systems, an American health care firm, sustains a ransomware attack forcing it to revert to manual backups, reschedule surgeries and divert ambulances.
  • October 2020: Hackers target the U.S. Census Bureau in a possible attempt to compromise census infrastructure, alter registration information, conduct DoS attacks or collect bulk data.

As one of the hardest-hit sectors, city and county governments should take a firmer cybersecurity stance to prepare for potential malware attacks. Here are five steps city and county governments can take to avert potential malware attacks and protect their data and infrastructure.

1) Perform regular backups

Backups offer the best means of recovering from an attack. If a ransomware attack occurs, infected files can be quickly deleted and back files restored. For effective backups, consider maintaining an offline/offsite hard drive backup or use a cloud backup solution specifically designed to withstand malware attacks like ransomware (through multiple redundancies/mirror sites, for example).

2) Stop malware from spreading

When malware spreads easily, it can infect hundreds or even thousands of computers, servers and networks within minutes. Just like a virus affecting humans, preventing malware from spreading is the best way to disarm it. Use mail filters, intercepting proxies, security gateways and safe browsing lists to limit malware spread within your organization and from your organization to others.

3) Initiate device-level protection

Malware is software, so it requires permission to execute on a device. Use device-level protection to limit device privileges and restrict what programs can run and what apps or software can be installed. Device-level protection also works by restricting scripting environments and macros and disabling autorun for any mounted devices, including peripheral devices like mice and keyboards.

4) Have an incident plan

Preparation is the best form of defense. Create an incident plan that maps out all critical assets, determining what impact an attack would have on them. In the plan, anticipate an attack, no matter how unlikely, and identify communication strategies and steps to take in case of an attack. Make sure to run periodic drills of the incident plan to ensure everyone understands what to do.

5) Educate and train your staff

Most malware attacks rely on human error and complicit cybersecurity behaviors. You might have the best plan in place, but it will not work if your team does not follow the guidelines. Add training and sensitization at the top of your malware attack prevention plan to ensure employees do not become the weakest link in an otherwise robust security protocol chain.

Malware attacks continue to grow in number each year. While criminals are becoming more targeted and precise, the probability of an attack will continue to rise. Government agency leaders must remain vigilant and follow their enterprise counterparts’ cues—not taking cybersecurity for granted.

While it might be impossible to avert an attack, it is possible to blunt its effect, and following the steps above is one way to ensure your government agency bounces back unharmed.

 

Ashley Lukehart has been writing about the impact of technology and IT security on businesses since starting Parachute in 2005. Her goal has always been to provide factual information and an experienced viewpoint so that business leaders are empowered to make the right IT decisions for their organizations. By offering both the upsides and downsides to every IT solution and consideration, expectations are managed and the transparency yields better results.

Tags: homepage-featured-3 Smart Cities & Technology Commentaries Administration Commentaries Commentary

Most Recent


  • MSPs
    The MSP downstream cyberthreat paradox: Understanding the city and county connection
    Recently the Cybersecurity and Infrastructure Security Agency (CISA) along with the FBI, NSA, and international cyber authorities issued a cybersecurity advisory aimed at protecting managed service providers (MSPs) and their customers. This high-level advisory has been gestating for some time ever since the SolarWinds and Kaseya supply chain cyber-attacks. A software supply chain attack occurs […]
  • As ransomware threat increases, a shift in minimum cyber insurance standards is hardening digital defenses
    In the last decade, the threat of ransomware and other cyberactivity has increased dramatically—more than ever, targeted organizations are paying the criminal perpetrators to have their information restored.  “Over the last year there has been an almost threefold increase in the proportion of victims paying ransoms of $1 million or more: up from 4 percent in 2020 […]
  • EV chargers
    Cities steadily adding more EV chargers for public to use
    Local governments are making headway as they develop their electric vehicle (EV) infrastructure. “Progress varies depending on what stage governments are at in the electrification strategy and funding availability,” says Brandon Branham, assistant city manager and chief technology officer for Peachtree Corners, Ga., which is part of the Atlanta metro. Its 2022 population is estimated […]
  • infrastructure
    The road to America’s infrastructure overhaul is paved in technology
    When it comes to infrastructure construction and maintenance, the road we took to get here will not lead us where we need to go tomorrow. An influx of government funding including the Bipartisan Infrastructure Law, American Rescue Plan Act (ARPA) and various coronavirus recovery programs provides a generational opportunity to invest in roads, bridges, airports […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Lessons from your friendly neighborhood public service employees
  • Harris County deploys next-generation security in 150 public buildings
  • How local governments can get ahead of the infrastructure wave: Strategies to mitigate risk
  • Prioritizing rapid restore leads to stronger ransomware attack recovery

Twitter


AmerCityCounty

Amid shifting workplace expectations, local government employers must adapt dlvr.it/SQm2RT

20th May 2022
AmerCityCounty

Smart911 emergency profiles provide first responders with more information, faster dlvr.it/SQh9gl

19th May 2022
AmerCityCounty

Minor league baseball is helping cities hit a revitalization home run dlvr.it/SQc5N4

18th May 2022
AmerCityCounty

Sustainable Purchasing Leadership Council can help governments get up to speed on sustainable buys dlvr.it/SQbwqL

18th May 2022
AmerCityCounty

The MSP downstream cyberthreat paradox: Understanding the city and county connection dlvr.it/SQYVjs

17th May 2022
AmerCityCounty

Philanthropic group to launch assistance portal for local admins navigating federal bureaucracy dlvr.it/SQY16G

17th May 2022
AmerCityCounty

Report: Nearly 95 percent of America’s mayors face harassment, threats and violence dlvr.it/SQTn2z

16th May 2022
AmerCityCounty

The PIO’s Ultimate Guide to Social Media dlvr.it/SQTdCK

16th May 2022

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X