Be Ready When (Not If) You're Hit with a Cyber Attack.

• Author: Bertolini, Phil

Our world today can be a scary place, especially when we look at the role of technology in our everyday lives. People use technology for just about everything today, including managing their finances, protecting their property, or simply starting their car. There is an app for everything, or so they say, but are the apps secure enough to make sure that no one steals our identities or our hard-earned money? Will our personal information be protected, or are we willing to accept the risk in order to have an easier way of life?

These questions are top of mind for most people--and governments have these same questions, coupled with the necessity of managing technologies that provide services for the betterment of their citizens. Many of these services, like those provided by law enforcement, are crucial to saving lives every day. Governments rely on technology, but they also have limited funding for developing these technologies. Funding priorities do not always put cybersecurity at the top of the list, prompting the "bad actors" of the world to prey on those that are less protected. The harsh reality is that the battle against cyber criminals may change over and over, but it will never end.

The Latest Scourge

The latest scourge on government technology is the emboldened process of locking up technology resources and forcing governments to pay a ransom, better known as ransomware. The criminals harvest information from unsuspecting government workers by using phishing scams or by simply providing inviting but malicious links. They prey on the technically weak because they can. Local governments have moved up the list of organizations targeted by criminals because in many cases they are the weak and because of their lack of funding coupled with limited cyber protections.

These criminals are often characterized as misguided 16-year-olds working out of their parents' basements when in reality, they are part of organized crime and/or nation-states that see cybercrime as a way to crush the finances of their enemies. They often use mechanized attacks that pound on government systems relentlessly, sometimes reaching into the millions of attempts. They look for holes left as governments frequently change their systems to keep up with the needs of the organization. In fact, the ransomware phenomena represents an estimated $7.5 billion enterprise, making criminals wealthy beyond belief. Data published by the MIT Technology Review illustrates the level of impact ransomware is having on governments across the nation. The study estimates that approximately 966 government agencies were affected in 2019, along with 89 universities and 1,233 individual schools.

"Most American local governments do a poor job practicing cybersecurity," according to a study by the University of Maryland. This study also found that a little more than one-third of governments did not know how frequently security incidents occurred, and that approximately two-thirds of governments did not know how often their systems were breached. A cyber criminal could in fact be buried within a target's systems for hundreds of days before striking. The lack of awareness by government is exactly what the criminals count on and is why it is not "if' a government will be successfully attacked, but "when."

Fast and Furious

These attacks are coming at a rate so fast and furious that...