Cyber attacks against state and local governments have been dramatically increasing. In 2019 alone, there were 140 ransomware attacks – an average of 3 per day – targeting public, state and local government and healthcare providers. This is up 65% from the previous year.
Just in the past month, four cities in the US were hit with ransomware infections. These cities, including New Orleans and Pensacola, Florida, all had essential government services sabotaged or halted. After the ransomware attack on New Orleans, the mayor was forced to declare a state of emergency. In Pensacola, the sanitation department lost email and telephone systems, internet servers and their online payment system.
Earlier in 2019, when an encrypting ransomware attack took Baltimore’s IT systems hostage, the attack froze thousands of government computers and disrupted everything from real estate sales to water bill payments. Even with the help of FBI, Secret Service and cybersecurity experts, the cost to the city will be astronomical at an estimated $18 million.
Cyber attacks against state and local governments show no sign of slowing in 2020. In fact, the Cybersecurity and Infrastructure Security Agency (CISA), a division of the Department of Homeland Security, recently released a statement urging vigilance against cyber attacks and encouraging the adoption of better cybersecurity practices.
That warning proved to be extremely timely. Over the past few days, the Texas Department of Information Resources has faced a spike in attempted cyber attacks, with 10,000 attempts to probe their systems occurring every minute.
What can state and local governments do to rise to meet this challenge? IT teams working for local agencies are often already making do with too few personnel and a stretched budget. So, while an improved cybersecurity posture is essential in the face of recent threats, it can be hard to figure out where to start.
So, start by protecting the most critical assets. Government entities frequently have access to a lot of personally identifiable information and other types of data that would be disastrous if an attacker got their hands on it. If privileged access to this data is kept safe, even in the case of a network breach, the most vital information would stay secure.
Privileged access is the gateway to these critical assets, and compromised privileged credentials have played a central role in almost every major targeted attack. That makes it a perfect starting place when it comes to securing state and local government systems against an ongoing tide of cyber attackers. This is why the Center for Internet Security (CIS) has controlled use of administrative privileges as the fourth Basic CIS Control, only behind inventory and control of hardware and software assets and continuous vulnerability management.
Here is how a typical attack works: The cyber attacker starts by establishing a beachhead on the endpoint of the organization that they are aiming to breach. After gaining initial access and establishing persistence, the attacker escalates privileges to gain access to another system that brings them one step closer to their target. From there, the attacker can continue to move laterally until the target is reached, data is stolen, and operations are disrupted – or completely taken over.
By protecting the privileged credentials cyber attackers need, Privileged Access Management (PAM) provides security where it’s needed most. In the face of an onslaught of cyber attacks, state and local governments need more than ever to establish a proactive, sustainable cybersecurity program. Instead of getting overwhelmed, start with Privileged Access Management and keep the most vital assets protected.
It’s time to learn more about Privileged Access Management and staying safe from cyber attacks.