Thirty-nine years ago, long before cyber threats and warfare, the video arcade industry blew up over Atari’s release of Missile Command. For a Soviet-jittery American public, Missile Command was a product of its time. The player’s mission: defend six cities from thermonuclear attack by intercepting each missile. Fast-forward to today, however, and there’s a new threat facing America’s cities in some sense no less severe: cybersecurity data breaches.
The trouble is, while the hazard is being reported in the news, the cyber threat level has not yet resonated with the viewing, listening, tweeting, or Instagram posting/Facebook sharing public. As Americans close out the second decade of the 21st century, the menace isn’t bombing, it’s bits – and bytes. And the millions of lines of computer code necessary to complete a successful cybersecurity breach.
A New Type of War Requires a New Type of Defense
Unlike Missile Command, malware and ransomware are not a game. And, it’s no laughing matter either. In the last few weeks alone, a slew of cities has been attacked. There is no smoke; there is no fire. And, thankfully, there no nuclear fallout.
But cybersecurity attacks have a fallout of their own: loss of data privacy, loss of productivity, loss of community confidence and civic pride, and the potential breakdown of government services, leading to disorder at a minimum, or chaos and loss of lives at worst. Baltimore, Tallahassee, Newark, Atlanta, and Philadelphia are just some of the latest victims. These cities are home to more than 3 million Americans combined, not including their larger metropolitan areas.
Discover some of the cities under siege:
- Baltimore – On May 7, 2019, the Baltimore city government was the victim of a ransomware attack. Using a hacking tool developed by the National Security Agency (NSA), criminals deployed ransomware called RobinHood, which effectively shut down essential city services like obtaining permits, to closing home sales and processing water bills. For most of May, Baltimore’s city offices ground to a halt, costing the city upwards of $18 million. And, all of it in the demand of a $76,000 Bitcoin ransom.
- Tallahassee – In April 2019, Florida’s capital city found itself half a million dollars poorer after cybercriminals hacked the city database. Incredibly, this is the second attack in a month in which the city’s computer system fell victim to an attack. The weakness? Likely the fact that Tallahassee uses an out-of-state, third-party vendor to host the city’s payroll services. As a result of the attack, direct deposit paychecks were redirected.
- Newark – In April 2017, two Iranian hackers broke into Newark, New Jersey’s computer system as part of a ransomware scheme demanding $30,000 in Bitcoin. As of the latest reporting from NJ.com, both hackers remain at large. As is the case in other cities, the money lost to ransom is trivial in comparison to the losses incurred by the cyber threat. Overall, it is estimated that the attack cost victims (in attacks beyond Newark) more than $6 million in ransom payments and more than $30 million in losses due to a lack of access to data.
- Atlanta – In March 2018, SamSam malware was unleashed on Atlanta’s computer systems violating the Computer Fraud and Abuse Act, allegedly perpetrated by the same two Iranian’s involved in Newark’s data breach. After more than a week, municipal courts were unable to retrieve files, residents were unable to pay bills, and police officers had to process and book inmates by hand. The asking price for the ransom attack? Fifty-one thousand, also in Bitcoin.
- Philadelphia – Last month, in May 2019, Philadelphia’s court system was released from all human control. While a computer virus was found on only a limited number of computers, city officials took precautionary measures to shut down court websites and related computer programs. As of this blog’s writing the online shutdown continues, 21 days and counting. Although data related to civil and criminal cases are both being affected, civil cases will feel a more significant impact as criminal files can be accessed on a statewide system.
Simple Solutions for a Cyber Threat
As evidenced from above, cities across America face a growing threat. Many of them have already been attacked. But in returning to the Missile Command era analogy, there is an irony in the vulnerability in our twin technological moments.
In 1980, launching and thwarting a thermonuclear attack required the most sophisticated technological preparedness and response. Launching an intercontinental exchange necessitated the use of the most potent weapons ever conceived, guided by advanced computer systems initially developed for landing on the moon. Likewise, successfully defending against an attack required mass civil awareness, public bomb shelters, stockpiled food, clothing, lighting, fuel, water, and medical supplies.
Compared to 1980, solutions to 2019 cyber threats seem almost quaint. Too often data breaches have occurred not because of some super technology, or super criminal, but rather is the result of super carelessness – the digital equivalent of leaving the keys in the getaway car. In fact, employing the most elemental cybersecurity checklist could have prevented or mitigated many of the above cyber threats.
Follow these preventative measures to combat a potential cyber threat:
- Maintain a security threat mindset and never believe it can’t happen to your city.
- Beware of suspicious emails as part of phishing expeditions. If an email has an unknown address or looks “off,” don’t open it and certainly don’t click on any attachments.
- Comply with password management standards. Use a password manager and/or create a long password of 20+ characters. And, don’t use the same password for multiple access.
- Avoid visiting unknown websites and, as with email, downloading unknown software.
- Update all computer and application software regularly. Make sure there is someone to oversee this process and remind employees to do their part.
- Keep smartphones and tablets on your person. Close laptop screens when not in use. Log off or lock your computer when away from your desk.
- Remove all personal sensitive data off your work computer.
- And always, always, always, always, back up your data. Consider cloud storage or a remote server for your information and have a disaster recovery plan.
Attain The Next-Level Cyber Threat Protection
Keep these simple cybersecurity tips in mind and you should significantly reduce the chances of your next data breach. Of course, advanced security protocols are an important step, too. And third-party experts best provide that next-level protection. Why? Because only dedicated cybersecurity providers have the budget and the expertise to deliver what governments increasingly require. Fortunately, the team at Sentribit is here to help.
Backed by 30+ years of experience in the IT industry, Sentribit, a leader in cybersecurity defense, utilizes a comprehensive approach to security that spans people, process, facilities, and technology. By assessing and measuring risk to identify the likelihood and impact of a cyber event, Sentribit prepares organizations with a complete and versatile threat strategy.
Contact us today at (908) 232-2060, and one of our cybersecurity experts will help you get started. Failure to adopt these measures – and others – to prevent the next cyber threat could have your city government, its employees, and your citizens going “ballistic.”