Cyber attacks are not only weakening private businesses but also hampering administrative and executive work. Several municipalities and government offices worldwide have reported a loss of data and documents due to municipal cyber attacks. In the year 2020 alone, 44% of cyber-attacks targeted municipal offices.
Government offices store various information on citizens for their day-to-day activities as part of welfare and administrative work. As governments move into the age of computerization, government databases are also being digitized rapidly. So, the data stored by the government is a potential and attractive target for cybercriminals. The stakes are high because the stolen information can lead to fraud or crimes on a large scale.
The most significant drawback with software and equipment used by the government is that they are usually out of date. Municipal offices are more vulnerable to cybercrimes because their IT systems are not updated regularly like a private company’s. Even though they are insured against such crimes, data loss can still lead to a public outcry and damage personal reputation or property.
Municipal Cyber Attacks around the World
Several instances of municipal cyber-attacks globally have raised concerns among citizens concerning the technological capabilities and security of large volumes of information stored by the government. Cybersecurity breaches like these hamper the working of the government and threaten the integrity of private information. Here are a few examples of municipal cybercrimes that have occurred in the past few years:
Canadian Municipal Offices: The CBC reported the loss of confidential information from Canadian government offices at several levels. The estimated losses incurred by the government were between 3 and 5 billion dollars.
Baltimore City ransomware: The city of Baltimore faced a ransomware attack. The attack derailed several administrative operations of the town and resulted in backlogs.
Cockrell Hill, Texas A city in Texas with about 4,000 residents was also the victim of cyber-crimes; the hackers got away with police department files. On being denied a ransom of four thousand dollars, the hackers erased the data, resulting in the loss of sensitive information related to crimes and criminals.
Pimpri-Chinchwad ransomware: The cyberattack on the municipality’s smart servers led to a loss of approximately six hundred thousand dollars. Even though there was no data loss or ransom, the attacks alone signify the government’s need to enhance its data management and security.
How to Avoid Municipal Cyber Attacks
Cyber-attacks on municipal servers and databases have far greater repercussions than they do on an individual company’s IT assets. The attack is indirectly on the whole community. Such cybercrimes can be fought by high-level, in-depth testing and maturity assessments at regular intervals. The several compliance standards enacted will also guarantee the safeguarding of personal and confidential data. Here are a few standards explained in brief:
ITAR Compliance: The ITAR, which stands for International Traffic in Arms Regulations, is a system to secure information about military technologies and arms deals. The use of ITARregulatory practices can protect municipal databases.
The AICPA (American Institute of CPAs) developed SOC 2, a voluntary compliance standard for service organizations that describes how firms maintain client data. The trust principles and the checklist combined can result in a robust system that would help combat ransomware and cyber-attacks. Simulated attacks for testing systems are also ideal in preparing for cyber-attacks.
NIST SP800-115: The NIST is a cybersecurity framework that can analyze and mitigate cyber threats. The SP800-115 system offers a step-by-step path to robust cybersecurity through holistic testing and assessment. By adopting this standard, cybersecurity staff can secure government systems, making it difficult for attackers to penetrate these systems.
The Need for Action
The alarming statistics for municipal cyber attacks are a sure sign of how ease of storage can become a problem if the stored information is not adequately protected. The implications of a cyber-attack on a government office, such as a municipality, are often more harmful than they might seem on the surface. So, information security is a matter of great importance and should become a part of all governmental policies globally.