Cyberattacks Against Municipalities
Cyberattacks Against Municipalities
Schools, libraries, hospitals, and cities are being targeted by ransom attacks in increasing numbers. State and local government agencies are also reporting a rising number of cyberattacks. For instance, in 2019 hacking of government entities rose 65% and averaged 3 attacks a week. Then in 2020, research showed that 44% of global ransomware attacks, roughly 133,496,000, targeted municipalities. Ransomware is not new, but recent examples are more sophisticated and more alarming. It’s time to understand the gravity of the impact that cyberattacks can have on municipal entities.
I’m going to feature two recent cyberattacks on public sector institutions and how these breaches could have been prevented.
New York New York
The first breach comes from New York City on April 20, 2021, as the MTA was breached by hackers. The safety of the public was never threatened however, the system-level access acquired by the hackers certainly drew attention. 18 systems were impacted. Control of the train system and other safety mechanisms of the system were at risk. Since the attack, the MTA says it implemented the federally recommended fixes and is adding more layers of protection to its system. 5% of the MTA’s employees and contractors were mandated to change their passwords and switch to different VPN’s.
Neal Bridges, Chief Content Officer for INE, said that "The biggest takeaway that we will see ... is the need for more cybersecurity focus on our critical infrastructure." Focusing on server security infrastructure is becoming more critical. Too long have public sectors gone without proper cybersecurity. Hacks of this magnitude give the public a glimpse on how easily our municipalities can be manipulated.
The Lone Star State
Everything is bigger in Texas, even the data breaches! Our second attack is out of the city of Borger, TX on August 16, 2021. The city of Borger was taken hostage for days. The city was forced to operate their water supply system manually while printers were bombarded with demands for payment. The hack began at a firm who provides technology services to local governments. The hackers began branching through screen-sharing software and remote administration to seize control of the networks of some of the company's clients. This Texas firm was infiltrated, and it soon became clear that the police station was not the only client affected. Within hours, Gov. Greg Abbott declared it a cyber disaster and the Texas National Guard Cyber Specialists were activated to resolve the issue.
Yes, cyber specialists were called in to resolve the breach, retrieve stolen information, and boot the hackers out of the system. But what could have possibly prevented the breach? The third-party firm was a trusted partner that the hackers compromised to find a pathway into the government systems. Vendors like these serve customers around the globe and require a clear set of expectations with consistent assessment and risk monitoring. Monitoring who has access to what can be the first step in learning to identify and respond to potential points of entry for hackers.
Cyberattacks are not limited to commercial institutions. The major concern with breaches at municipalities is that it puts everyone at risk. Schools will have to be locked down, hospital records could be leaked, and train systems can stop running. Our well-oiled machine of municipal entities can come crashing down which is why cybersecurity is a real issue in need of real solutions.