Cyberattacks on cities and communities: Is this the new norm?
The current attack on the city of Atlanta in the USA has paralyzed much of the administration and city government. This is one of the most sustained and effective cyberattacks ever committed against a major American city. Atlanta is one of the largest metropolitan regions in the US with about six million citizens.
Among other things, system-relevant digital data was encrypted during the attack. For the time being, it is not certain whether this data can be restored by backups. Applications were also suspended by the crypto Trojan. As a result, residents of the region were unable to pay their water bills or fines. Legal proceedings for persons who are not in police custody have been adjourned until the computer systems are working properly again. The city government worked hard to keep the processes and services, and consequently the government apparatus, running.
Cybersecurity and its significance for cities and communities were also an issue at this year's RSA in San Francisco, one of the largest IT security shows. The question was whether this type of attack and its effects would be the new norm? How should cities prepare for such an attack?
Why cities and municipalities?
Cities and municipalities have found themselves in a situation where they are an ideal target for attacks due to considerable failures in cybersecurity. They have failed to invest in cybersecurity in line with the increasing threat and risk landscape in recent years. A ransomware attack in corresponding major regions is therefore a worthwhile target for cybercriminals, because the pressure to pay ransom money here is great due to the loss of the ability to act. The attack on computers in Atlanta is an illustrative example of the dangers faced by local governments around the world in the Internet age. They are considered more vulnerable than private companies, both in their technology and in their limited ability to tolerate system failures and downtime.
What is to be done?
Protection mechanisms for phishing and ransomware are well known. However, there is often a lack of financing and well thought-out implementation due to a lack of appropriate IT architectures. The use of cloud-based security services is helpful, but it requires a coherent and comprehensive strategy for configuration and implementation. Local governments in particular consist of a patchwork of network structures and many different people have extended access to them. Here, a coherent system must first be created at the base that offers cybercriminals fewer loopholes.
What do recommendations look like?
Local governments often work with outdated systems, tight budgets and IT staff. "According to a 2016 U.S. survey, 38 percent of local governments rely on technology that is at least one generation outdated. Less than half had taken out cybersecurity insurance that can help cover the cost of responding to a major attack." It is therefore time to take action here.
In addition, an adjustment of the Windows monoculture should be considered. In 2017, WannaCry and NotPetya found that the loss of access to Windows computers means the loss of access to critical documents as well as to faulty systems and processes. Your organization has a functional problem if the systems on which 90% of your business processes depend cannot be reached. Of course, switching from Windows to another operating system is not an option. Rather, a certain diversity or mixed culture makes sense. These may include Mac and Linux servers, Mac-based laptops, Chromebooks, iOS tablets and Android tablets. Allocating these resources throughout the organization could be critical to maintaining operations in future attacks.
This use of mixed cultures can also be seen in the example of Browser in the Box. Surfing the Internet is one of the biggest loopholes for e.g. ransomware attacks. Browser in the Box makes Internet access secure by ensuring that the virtualized browser runs in a Linux environment, among other things. The surface to be attacked is thus considerably reduced. Find out more about Browser in the Box here.