​Governments Under Cyber Siege

Criminals are using sophisticated methods to cash in on vulnerable data on city and state government systems.

Comments Views

​There's trouble down on the Bayou. Last Friday, city officials in New Orleans acted quickly to try to stave off a cyberattack on city government computers. A public address announcement at City Hall ordered city employees to shut down their computers that morning after phishing emails seeking passwords were discovered, the Associated Press reports. So far, the city has not received a ransom demand, but state and federal law enforcement officials are investigating.

Just last month, the governor of Louisiana declared a state of emergency after a ransomware attack on servers at the state's Office of Motor Vehicles. The state responded by shutting down server traffic to neutralize the attack, Business Insider reports. "These protective actions likely saved the state from data loss and weeks of server outages," officials said in a press release.

The attacks in New Orleans and in the state capital in Baton Rouge are reminders that municipal and state governments are prime targets of cyber criminals. A few days before the New Orleans attack, a ransomware attack compromised city government computers in Pensacola, Fla., impacting government services such as online payments. In the past two years, Atlanta and Baltimore suffered similar attacks that severely harmed city government systems and impeded public services.

The Ransomware Threat

Ransomware attacks encrypt data on compromised systems and then demand payment to release it. Phishing emails and malware typically are weapons for spreading ransomware. They are among the most common threat types detected by organizations, according to the 2019 Cybersecurity Report Card from threat-investigation technology company DomainTools.

Ransomware has targeted companies, governments, hospitals, and other organizations. In some cases, organizations have agreed to pay the ransom, although law enforcement officials and security experts advise against doing so. Forrester Research forecasts that ransomware incidents will increase in 2020, as attackers seek to cash in by targeting consumer devices and "demanding ransom from the [device] manufacturer."

Weaponizing Data

Attackers are getting more sophisticated, too. Forrester predicts attackers will "weaponize" data and artificial intelligence in the coming year. With companies compiling ever-more data to gain insights, attackers have greater incentive to go after that data, Forrester notes in its Predictions 2020 report. Moreover, technologies such as the Internet of Things come with fewer controls, expanding access for attacks.

"Simply put, there are more attackers with more sophisticated tools aimed at a larger attack surface," Forrester says. "And those attackers want enterprises to pay."

That financial risk should get the attention of senior executives and boards, as well. That's the focus of a new Committee of Sponsoring Organizations of the Treadway Commission report, Managing Cyber Risk in a Digital Age (PDF). The Deloitte-authored report details how organizations can apply the Enterprise Risk Management–Integrating With Strategy and Performance framework to cyber risk.

Quick Thinking

In New Orleans, city officials decided to shut down systems soon after the city discovered the attack. Officials said the city backs up financial records on a cloud-based system and the city's emergency services were using telephones and radios to operate while systems were down. "We will go back to marker boards. We will go back to paper," Collin Arnold, the city's homeland security director told the Associated Press.

Tim McCollum
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

About the Author

 

 

Tim McCollumTim McCollum<p>​​​​Tim McCollum is <em>Internal Auditor</em> magazine's associate managing editor.​​</p>https://iaonline.theiia.org/authors/Pages/Tim-McCollum.aspx

 

Comment on this article

comments powered by Disqus
  • AuditBoard_Pandemic_May 2020_Premium 1_
  • Galvanize_May 2020_Premium 2
  • IIA CERT-Online Proctering_May 2020_Premium 3