Cyberattacks on cities and communities: Is this the new norm?

Cyberattacks on cities and communities: Is this the new norm?

The current attack on the city of Atlanta in the USA has paralyzed much of the administration and city government. This is one of the most sustained and effective cyberattacks ever committed against a major American city. Atlanta is one of the largest metropolitan regions in the US with about six million citizens.

Among other things, system-relevant digital data was encrypted during the attack. For the time being, it is not certain whether this data can be restored by backups. Applications were also suspended by the crypto Trojan. As a result, residents of the region were unable to pay their water bills or fines. Legal proceedings for persons who are not in police custody have been adjourned until the computer systems are working properly again. The city government worked hard to keep the processes and services, and consequently the government apparatus, running.

Cybersecurity and its significance for cities and communities were also an issue at this year's RSA in San Francisco, one of the largest IT security shows. The question was whether this type of attack and its effects would be the new norm? How should cities prepare for such an attack?

Why cities and municipalities?

Cities and municipalities have found themselves in a situation where they are an ideal target for attacks due to considerable failures in cybersecurity. They have failed to invest in cybersecurity in line with the increasing threat and risk landscape in recent years. A ransomware attack in corresponding major regions is therefore a worthwhile target for cybercriminals, because the pressure to pay ransom money here is great due to the loss of the ability to act. The attack on computers in Atlanta is an illustrative example of the dangers faced by local governments around the world in the Internet age. They are considered more vulnerable than private companies, both in their technology and in their limited ability to tolerate system failures and downtime.

What is to be done?

Protection mechanisms for phishing and ransomware are well known. However, there is often a lack of financing and well thought-out implementation due to a lack of appropriate IT architectures. The use of cloud-based security services is helpful, but it requires a coherent and comprehensive strategy for configuration and implementation. Local governments in particular consist of a patchwork of network structures and many different people have extended access to them. Here, a coherent system must first be created at the base that offers cybercriminals fewer loopholes.

What do recommendations look like?

Local governments often work with outdated systems, tight budgets and IT staff. "According to a 2016 U.S. survey, 38 percent of local governments rely on technology that is at least one generation outdated. Less than half had taken out cybersecurity insurance that can help cover the cost of responding to a major attack." It is therefore time to take action here.

In addition, an adjustment of the Windows monoculture should be considered. In 2017, WannaCry and NotPetya found that the loss of access to Windows computers means the loss of access to critical documents as well as to faulty systems and processes. Your organization has a functional problem if the systems on which 90% of your business processes depend cannot be reached. Of course, switching from Windows to another operating system is not an option. Rather, a certain diversity or mixed culture makes sense. These may include Mac and Linux servers, Mac-based laptops, Chromebooks, iOS tablets and Android tablets. Allocating these resources throughout the organization could be critical to maintaining operations in future attacks.

This use of mixed cultures can also be seen in the example of Browser in the Box. Surfing the Internet is one of the biggest loopholes for e.g. ransomware attacks. Browser in the Box makes Internet access secure by ensuring that the virtualized browser runs in a Linux environment, among other things. The surface to be attacked is thus considerably reduced.

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Marketing permission

I want to receive information from Rohde & Schwarz via

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to news@rohde-schwarz.com. Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.