https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

News


Pixabay

News

Leading up to the holiday weekend, federal agencies warn of cyberattacks

Leading up to the holiday weekend, federal agencies warn of cyberattacks

  • Written by Andy Castillo
  • 1st September 2021

Ahead of Labor Day, federal agencies are warning local governments about an increased risk of cyberattacks. Historically, holiday weekends pose an opportunity for cybercriminals because many people aren’t working and networks are vulnerable. 

An advisory published Tuesday by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) notes that municipalities should take preemptive defense measures. In general, administrators should be “especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures and cyberattacks over holidays and weekends during the past few months.”

Specifically, the advisory notes a ransomware attack that crippled the Colonial Pipeline’s digital infrastructure just before Mother’s Day, halting much of the United States’ oil supply chain for about a week. A short while later, a Memorial Day attack on JBS SA, the world’s largest meat company, forced a shutdown of all U.S. beef plants—impacting almost a quarter of America’s beef supply.

During the Independence Day weekend, the Miami-based IT and software security company Kayesa was targeted by a sweeping ransomware attack impacting between 800 and 1,500 small- to medium-sized businesses. It was one of the largest cyberattacks ever recorded.

In light of the increased risk, CISA and the FBI recommend “threat hunting” measures, or searching for signs of criminal activity to prevent an attack before it materializes—and to minimize damage if it does.

“Threat actors can be present on a victim network long before they lock down a system, alerting the victim to the ransomware attack,” the advisory says. Before revealing themselves on the server, perpetrators will “often search through a network to find and compromise the most critical or lucrative targets. Many will exfiltrate large amounts of data.”

To that end, establishing a baseline of a server’s normal activity can help administrators identify future anomalies and suspicious traffic patterns. Additionally, reviewing historic data logs can reveal clues like “numerous failed file modifications, increased CPU and disk activity, inability to access certain files and unusual network communications,” the advisory says.

Other indicators to watch out for include: Unusual inbound and outbound network traffic; compromise of administrator privileges or escalation of the permissions on an account; theft of login and password credentials; a substantial increase in database read volume; geographical irregularities in access and login patterns; attempted user activity during anomalous logon times; attempts to access folders on a server that are not linked to the HTML within the pages of the web server; and baseline deviations in the type of outbound encrypted traffic since advanced persistent threat actors frequently encrypt exfiltration.

“Ransomware continues to be a national security threat and a critical challenge, but it is not insurmountable,” said Eric Goldstein, CISA’s executive assistant director for cybersecurity in a statement. “All organizations must continue to be vigilant against this ongoing threat.” 

In recent years, the frequency of cyberattacks targeting government organizations has increased. Last Wednesday, ransomware temporarily crippled the Boston Public Library’s servers. In a statement, officials noted that while there’s “no evidence that sensitive employee or patron data has been disclosed,” the attack took down “public computer and public printing services, as well as some online resources. Affected systems were taken offline immediately, and proactive steps were taken to isolate the problem and shutdown network communication.”

As of Tuesday, the library said it’s “continuing to rebuild and securely restore our systems, assisted by an expert team of consultants.” 

Notably, CISA and the FBI recommend that victims shouldn’t pay ransoms. There’s no guarantee that payment will prompt the perpetrators to release the information, and “Payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of malware, and/or fund illicit activities,” the advisory says. 

Other mitigation measures that can be taken include backing up data to an offline server; limiting access to resources over internal networks; monitoring remote access logs; and making sure software is properly configured and updated. strongly discourage paying a ransom to criminal actors. Payment does not guarantee files will be recovered, nor does it ensure protection from future breaches.

Tags: homepage-featured-3 homepage-featured-4 News Smart Cities & Technology News Smart Cities & Technology News

Most Recent


  • With passage of PACT Act, veterans service officers are preparing for an influx in applicants
    With the recent passage of legislation that expands medical access for veterans exposed to airborne toxins during their time in military service, county veterans service officers are preparing for an influx in applicants who were previously rejected. The Honoring our Promise to Address Comprehensive Toxics (PACT) Act, having passed the Senate after being struck down last […]
  • Chattanooga, Tenn.
    Capitalizing on hybrid work, these 10 cities are ready to take advantage
    Hybrid work is an accelerating trend that’s becoming the norm as attitudes rapidly change. And amid this nationwide shift to work-from-home setups, local governments are moving quickly to capitalize on the emerging opportunities that come with a workforce that’s not physically tied to any particular office building. For administrators seeking to entice remote workers to […]
  • Increase in emergency response time caused by insufficient staffing, traffic congestion
    The pandemic has detrimentally impacted cities and counties in a lot of different ways, including an increase in emergency response time in some cities—a symptom of challenges like congested streets and staffing shortages. In New Orleans, for example, a report from AH Analytics commissioned by the New Orleans City Council found it takes an average […]
  • Report: Staffing shortages, 'extreme drought' driving concerns among water administrators
    Amid yet another heat wave, with water usage restrictions posted in communities across the United States, concerns about the nation’s water supply are at an all-time high. From impacts stemming from climate change like responding to natural disasters, to those related to the pandemic, it’s been a difficult few years for the water sector.  The […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Tech giants pledge billions, commit to bolstering public cyber defenses
  • Cybersecurity legislation included in infrastructure plan sets aside $1 billion for local governments
  • Cybersecurity questions every local government should ask its vendors
  • Defending and understanding city and county digital infrastructure—Congress takes a serious look

White papers


Modern American Perspectives on Law Enforcement

14th July 2022

Reimagine the Employee Experience

12th July 2022

How to Assemble a Rockstar Website Redesign Steering Committee

7th June 2022
view all

Events


PODCAST


Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020

Young Leaders Episode 2 – Christian Williams – Development Services Planner, Goodyear, Ariz.

1st July 2020
view all

Twitter


AmerCityCounty

Partnership launches no-cost wastewater monitoring service for local governments dlvr.it/SW7N74

5th August 2022
AmerCityCounty

Investing in America’s onsite wastewater treatment systems for equity and sustainability dlvr.it/SW4Mb9

4th August 2022
AmerCityCounty

With passage of PACT Act, veterans service officers are preparing for an influx in applicants dlvr.it/SW4KTg

4th August 2022
AmerCityCounty

The 5 Procurement Superpowers Shaping the Future of Public Procurement dlvr.it/SW4DqT

4th August 2022
AmerCityCounty

This exclusive whitepaper presents the most recent nationwide data that give an unbiased view of how residents real… twitter.com/i/web/status/1…

3rd August 2022
AmerCityCounty

Capitalizing on hybrid work, these 10 cities are ready to take advantage dlvr.it/SW0cjT

3rd August 2022
AmerCityCounty

Increase in emergency response time caused by insufficient staffing, traffic congestion dlvr.it/SVxcLn

2nd August 2022
AmerCityCounty

Local governments find document imaging solutions through cooperative contracts dlvr.it/SVxJnL

2nd August 2022

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X