Cyberattacks on cities and communities: Is this the new norm?

Cyberattacks on cities and communities: Is this the new norm?

The current attack on the city of Atlanta in the USA has paralyzed much of the administration and city government. This is one of the most sustained and effective cyberattacks ever committed against a major American city. Atlanta is one of the largest metropolitan regions in the US with about six million citizens.

Among other things, system-relevant digital data was encrypted during the attack. For the time being, it is not certain whether this data can be restored by backups. Applications were also suspended by the crypto Trojan. As a result, residents of the region were unable to pay their water bills or fines. Legal proceedings for persons who are not in police custody have been adjourned until the computer systems are working properly again. The city government worked hard to keep the processes and services, and consequently the government apparatus, running.

Cybersecurity and its significance for cities and communities were also an issue at this year's RSA in San Francisco, one of the largest IT security shows. The question was whether this type of attack and its effects would be the new norm? How should cities prepare for such an attack?

Why cities and municipalities?

Cities and municipalities have found themselves in a situation where they are an ideal target for attacks due to considerable failures in cybersecurity. They have failed to invest in cybersecurity in line with the increasing threat and risk landscape in recent years. A ransomware attack in corresponding major regions is therefore a worthwhile target for cybercriminals, because the pressure to pay ransom money here is great due to the loss of the ability to act. The attack on computers in Atlanta is an illustrative example of the dangers faced by local governments around the world in the Internet age. They are considered more vulnerable than private companies, both in their technology and in their limited ability to tolerate system failures and downtime.

What is to be done?

Protection mechanisms for phishing and ransomware are well known. However, there is often a lack of financing and well thought-out implementation due to a lack of appropriate IT architectures. The use of cloud-based security services is helpful, but it requires a coherent and comprehensive strategy for configuration and implementation. Local governments in particular consist of a patchwork of network structures and many different people have extended access to them. Here, a coherent system must first be created at the base that offers cybercriminals fewer loopholes.

What do recommendations look like?

Local governments often work with outdated systems, tight budgets and IT staff. "According to a 2016 U.S. survey, 38 percent of local governments rely on technology that is at least one generation outdated. Less than half had taken out cybersecurity insurance that can help cover the cost of responding to a major attack." It is therefore time to take action here.

In addition, an adjustment of the Windows monoculture should be considered. In 2017, WannaCry and NotPetya found that the loss of access to Windows computers means the loss of access to critical documents as well as to faulty systems and processes. Your organization has a functional problem if the systems on which 90% of your business processes depend cannot be reached. Of course, switching from Windows to another operating system is not an option. Rather, a certain diversity or mixed culture makes sense. These may include Mac and Linux servers, Mac-based laptops, Chromebooks, iOS tablets and Android tablets. Allocating these resources throughout the organization could be critical to maintaining operations in future attacks.

This use of mixed cultures can also be seen in the example of Browser in the Box. Surfing the Internet is one of the biggest loopholes for e.g. ransomware attacks. Browser in the Box makes Internet access secure by ensuring that the virtualized browser runs in a Linux environment, among other things. The surface to be attacked is thus considerably reduced.

Informationen anfordern

Haben Sie Fragen oder benötigen Sie weitere Informationen? Nutzen Sie hierzu einfach unser Kontaktformular und wir setzen uns umgehend mit Ihnen in Verbindung.

Ich möchte Informationen von Rohde & Schwarz erhalten per

Marketing-Einverständniserklärung

Was bedeutet das im Einzelnen?

Ich bin damit einverstanden, dass die ROHDE & SCHWARZ GmbH & Co. KG und die im Impressum dieser Website genannte, ROHDE & SCHWARZ zugehörige Gesellschaft oder Niederlassung, mich über den gewählten Kommunikationskanal (E-Mail oder Post) zu Marketing- und Werbezwecken kontaktiert (z.B. zur Übersendung von Informationen über Sonderangebote und Rabattaktionen), die in Zusammenhang mit Produkten und Lösungen aus den Bereichen Messtechnik, sichere Kommunikation, Monitoring and Network Testing, Rundfunk- und Medientechnik sowie Cybersicherheit stehen, aber nicht auf diese beschränkt sind.

Ihre Rechte

Diese Einverständniserklärung kann jederzeit durch Senden einer E-Mail, in deren Betreffzeile "Unsubscribe" steht, an news@rohde-schwarz.com, widerrufen werden. Darüber hinaus enthält jede von uns versandte E-Mail einen Link, durch den das Abbestellen zukünftiger Werbung per E-Mail möglich ist. Weitere Einzelheiten zur Verarbeitung personenbezogener Daten und zum Widerrufsverfahren finden sich in unserer Datenschutzerklärung..

Ihre Anfrage wurde erfolgreich versendet. Wir nehmen in Kürze Kontakt mit Ihnen auf.
An error is occurred, please try it again later.