https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
    • Latest videos
    • Product Guides
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
    • Product Guides
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

News


Pixabay

News

Leading up to the holiday weekend, federal agencies warn of cyberattacks

Leading up to the holiday weekend, federal agencies warn of cyberattacks

  • Written by Andy Castillo
  • 1st September 2021

Ahead of Labor Day, federal agencies are warning local governments about an increased risk of cyberattacks. Historically, holiday weekends pose an opportunity for cybercriminals because many people aren’t working and networks are vulnerable. 

An advisory published Tuesday by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) notes that municipalities should take preemptive defense measures. In general, administrators should be “especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures and cyberattacks over holidays and weekends during the past few months.”

Specifically, the advisory notes a ransomware attack that crippled the Colonial Pipeline’s digital infrastructure just before Mother’s Day, halting much of the United States’ oil supply chain for about a week. A short while later, a Memorial Day attack on JBS SA, the world’s largest meat company, forced a shutdown of all U.S. beef plants—impacting almost a quarter of America’s beef supply.

During the Independence Day weekend, the Miami-based IT and software security company Kayesa was targeted by a sweeping ransomware attack impacting between 800 and 1,500 small- to medium-sized businesses. It was one of the largest cyberattacks ever recorded.

In light of the increased risk, CISA and the FBI recommend “threat hunting” measures, or searching for signs of criminal activity to prevent an attack before it materializes—and to minimize damage if it does.

“Threat actors can be present on a victim network long before they lock down a system, alerting the victim to the ransomware attack,” the advisory says. Before revealing themselves on the server, perpetrators will “often search through a network to find and compromise the most critical or lucrative targets. Many will exfiltrate large amounts of data.”

To that end, establishing a baseline of a server’s normal activity can help administrators identify future anomalies and suspicious traffic patterns. Additionally, reviewing historic data logs can reveal clues like “numerous failed file modifications, increased CPU and disk activity, inability to access certain files and unusual network communications,” the advisory says.

Other indicators to watch out for include: Unusual inbound and outbound network traffic; compromise of administrator privileges or escalation of the permissions on an account; theft of login and password credentials; a substantial increase in database read volume; geographical irregularities in access and login patterns; attempted user activity during anomalous logon times; attempts to access folders on a server that are not linked to the HTML within the pages of the web server; and baseline deviations in the type of outbound encrypted traffic since advanced persistent threat actors frequently encrypt exfiltration.

“Ransomware continues to be a national security threat and a critical challenge, but it is not insurmountable,” said Eric Goldstein, CISA’s executive assistant director for cybersecurity in a statement. “All organizations must continue to be vigilant against this ongoing threat.” 

In recent years, the frequency of cyberattacks targeting government organizations has increased. Last Wednesday, ransomware temporarily crippled the Boston Public Library’s servers. In a statement, officials noted that while there’s “no evidence that sensitive employee or patron data has been disclosed,” the attack took down “public computer and public printing services, as well as some online resources. Affected systems were taken offline immediately, and proactive steps were taken to isolate the problem and shutdown network communication.”

As of Tuesday, the library said it’s “continuing to rebuild and securely restore our systems, assisted by an expert team of consultants.” 

Notably, CISA and the FBI recommend that victims shouldn’t pay ransoms. There’s no guarantee that payment will prompt the perpetrators to release the information, and “Payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of malware, and/or fund illicit activities,” the advisory says. 

Other mitigation measures that can be taken include backing up data to an offline server; limiting access to resources over internal networks; monitoring remote access logs; and making sure software is properly configured and updated. strongly discourage paying a ransom to criminal actors. Payment does not guarantee files will be recovered, nor does it ensure protection from future breaches.

Tags: homepage-featured-3 homepage-featured-4 News Smart Cities & Technology News Smart Cities & Technology News

Most Recent


  • Amid spike, federal transportation department launches initiative to curb traffic-related deaths
    While stay-at-home orders might be a thing of the past, the pandemic’s impact is still felt daily through expectations to socially distance, the prevalence of masks in high risk areas like hospitals, and the stubbornly high annual rate of traffic-related deaths. Traffic fatalities hit a 16-year high in 2021, and preliminary data points to a […]
  • Report: Some public employees face financial hardship; comprehensive pay packages proved 'a pathway toward economic security'
    Many who work in public service, in professions that center around helping others, are themselves struggling to make ends meet and face financial hardship. Addressing these needs, the public employers they work for are well positioned to help them out, according to a report published Thursday by the MissionSquare Research Institute, “Examining the Financial Wellbeing […]
  • These 10 American cities are well prepared for a tech-based future
    From smart devices to electric vehicles, the success of technological advancements rely on municipal grids and infrastructure. Some cities are better equipped for the future than others. A new analysis from the tech company ProptechOS ranks the top 10 American cities best positioned for a “smart city future.” “But new technologies can only support us […]
  • public health
    How public health can build a “one health” infrastructure for the future
    Public health challenges—like antibiotic resistance, vector-borne disease and a global pandemic—have eluded traditional public health tools and frameworks. As a result, public health leaders focus more and more on the intersection between the environment and human health. Searching for a better framework to understand emerging threats to human health, many in public health circles have […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Tech giants pledge billions, commit to bolstering public cyber defenses
  • Cybersecurity legislation included in infrastructure plan sets aside $1 billion for local governments
  • Cybersecurity questions every local government should ask its vendors
  • Defending and understanding city and county digital infrastructure—Congress takes a serious look

White papers


Modernizing government services for today’s resident expectations

24th January 2023

Preparing Your Community Now for the Next Generation of Older Adults

18th October 2022

Helping Government Fleets Achieve Their Goals

30th September 2022
view all

Webinars


How To: Evaluate Digital Government Service Delivery Technologies

23rd January 2023

Using Technology to Enhance Communications

29th November 2022

Learn the benefits of transforming and automating your Contract Management process

4th November 2022
view all

PODCAST


Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020

Young Leaders Episode 2 – Christian Williams – Development Services Planner, Goodyear, Ariz.

1st July 2020
view all

GALLERIES


These 10 American cities are well prepared for a tech-based future

1st February 2023

Report: While remote work is causing offices to empty out, walkable cities are still in high demand

26th January 2023

10 American cities with a great downtown

24th January 2023
view all

Twitter


AmerCityCounty

Amid spike, federal transportation department launches initiative to curb traffic-related deaths dlvr.it/Shvs31

3rd February 2023
AmerCityCounty

Engaging businesses to strengthen your community dlvr.it/ShvZn0

3rd February 2023
AmerCityCounty

Report: Some public employees face financial hardship; comprehensive pay packages proved ‘a pathway toward economic… twitter.com/i/web/status/1…

2nd February 2023
AmerCityCounty

Strategic Budgeting for Modern Government dlvr.it/ShrHmD

2nd February 2023
AmerCityCounty

These 10 American cities are well prepared for a tech-based future dlvr.it/Shp7sH

1st February 2023
AmerCityCounty

How public health can build a “one health” infrastructure for the future dlvr.it/ShnlKm

1st February 2023
AmerCityCounty

Four Steps to Better Municipal Fleet Fuel Purchasing dlvr.it/ShnbWP

1st February 2023
AmerCityCounty

Report: With increase popularity of e-bikes and e-scooters, there’s a need for ‘safe and connected infrastructure’ dlvr.it/ShlKmJ

31st January 2023

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.