Governments today need to be prepared for any sort of attack: terrorists attempting to impact large events, the infiltration of a water supply — and ransomware attacks. October is Cybersecurity Awareness Month, giving agencies the opportunity to bring this important topic front-of-mind.
The 2018 security breach experienced by the city of Atlanta shows that municipalities may not be prepared for hackers who have the savvy to take government information hostage without ever setting foot in the door. With an affected area of around six million people, this was the largest group of individuals impacted by a government breach to date. Communication to prevent and respond to these incidents can be challenging; not just within the organization, but also between affected government entities and the public.
Surprisingly enough, the hackers in the Atlanta incident were only asking for $51,000 in Bitcoin — a paltry sum considering that they effectively held the city hostage for nearly a week. While city officials declined to comment on whether or not the ransom was paid, two weeks after the attack they were still struggling to restore services which suggests the ransom was not paid. Instead, the courts were unable to process online or in-person tickets, hearings had to be rescheduled and employees were unable to access their files and computers. While the city’s 911 service was not affected, it easily could have been a target of the hackers. This isn’t the first time that municipalities have been the target of malicious actors: Dallas had an incident in 2017 where hackers activated tornado sirens during the early hours of the morning, and the Colorado Department of Transportation has also been targeted. Attempting to keep communication flowing during an emergency can be challenging, especially if you’re unable to access key government computer systems.
The amount of confusion in the case of these incidents is extensive: from employees unable to log into their computers systems and clogging up a help desk queue with unanswerable questions to the bewilderment of residents attempting to use city services. If the first government employee to discover the issue was trained to immediately reach the right individuals, a mass communication could be crafted and sent to various constituent groups. It is not uncommon for a cyber-attack to last multiple days — plenty long enough to wreak havoc with government procedures, employees and the public. Fortunately, implementing a mass notification plan specifically for cyber-attacks provides simplified communication for internal constituents as well as the public.
Vital features of a communications strategy include:
Multiple methods for triggering alarms are also important. If the emergency response team in Atlanta’s technology and operations department was only able to access their notification platform via their personal computer, the virus the hackers released would have made the notification platform useless. The ability to launch notifications from a variety of different platforms including mobile phones and via the internet is an important one for today’s complex government organizations. Learn more about how to protect your government entity from this type of infiltration — from internal early warnings for staff to external messaging to residents — with OnSolve’s CodeRED. The CodeRED solution is deeply entwined with the Integrated Public Alert & Warning System (IPAWS), making it the ideal solution for governments and municipalities. Contact OnSolve today at 866-939-0911 or request a free demo online anytime.
Cybercrime is becoming a much more prevalent threat – especially for government entities. With the amount of confidential information and databases stored by various agencies, it’s no wonder they have become targets for online criminals.View the Article