Between the COVID-19 pandemic and widespread political unrest, cities across America are busier and unfortunately, more distracted, than ever. Cyber criminals know this all too well and are taking full advantage of an already-bad situation to carry out their dastardly deeds. These include malicious, and oftentimes costly, ransomware attacks on state and local governments.
Take the City of Knoxville, Tennessee, for example. It’s the latest in a string of ransomware attacks this year. On June 11, 2020, hackers accessed the City’s computer systems/data, disrupted normal operations, and made a bitcoin ransom demand. According to SmartCitiesDive, the ransomware attack led to “technical issues” among the Knoxville Police Department that prevented officers from responding to most traffic crashes (chiefly non-injury ones). These issues were not resolved until June 30th.
As of this writing, it does not appear the City of Knoxville will pay the undisclosed ransom demand unlike other cities that have been hacked and held hostage (so to speak). Among them are Florence, Alabama, which paid the DoppelPaymer ransomware gang nearly $300,000 to prevent its data from being published.
DoppelPaymer is an emerging type of ransomware that not only locks companies out of their own computer systems by encrypting files—the hallmark of typical ransomware—but also can exfiltrate company data and use it as collateral.
So, while your city continues its work to protect its people during the pandemic, let it also remember to protect its cyber assets from cyber criminals. The following measures can help in these uncertain times and well into the future.
– Purchase and use the latest antivirus/antispyware software
– Keep your operating systems and applications current
– Adopt a formal internet/email policy
– Train employees in general cybersecurity principles
– Make cybersecurity a key element of your city’s Emergency Operations (EOP) and/or Continuity of Operations (COOP) plan
– Conduct a cybersecurity exercise when possible
In the meantime, stay safe and stay aware!
BOLDplanning provides expert consultative services and leading-edge, online software for the development, maintenance, and exercising of continuity, emergency, and hazard mitigation plans for public and private sector organizations nationwide.