All of #Texas must #prepare for #cyberattacks
A city government on the verge of shutdown, with multiple city departments not able to function because of a massive technology breakdown. A crippled municipal court system that has stopped working. Millions in lost revenue because residents can’t paying water bills, and vital communications like sewer and infrastructure repair requests can’t be processed. Finally, all electronic communication systems for first responders is rendered inoperable for several days. The cause is a powerful computer virus released into a city system by hackers demanding payment.
If this sounds like the newest plot from a Hollywood disaster movie, think again. It’s the reality of a cyber attack that recently hit the city of Atlanta, and is likely the first of many more that American cities, counties and states are likely to face.
Just two weeks ago, Atlanta was hit by a “ransomware” attack known as SamSam, nearly bringing down all city operations. The city continues to be hobbled by the attack, with many of its systems still not fully functional. Atlanta like most major cities was caught flat-footed and unprepared. Attempted ransomware attacks against local governments in the United States have become all too common. A 2016 survey of the International City/County Management Association (ICMA) for jurisdictions across the country found that one-quarter of local governments reported that they were experiencing attacks of one kind or another.
With such an ongoing threat, you would imagine that cyber-security would be a major priority for municipal government. Shockingly, less than half the local governments surveyed said they had a formal cybersecurity policy, and only 34 percent said they had a written strategy to recover from breaches.
Simply put, American cities are unprepared to deal with the reality of cyber-attacks.
Atlanta is certainly not alone with its cyber preparedness issues. Municipalities often have very limited technology budgets, with investments funneled to meet immediate tech needs rather than focusing on cyber defense. With limited money and expertise, implementing the most basic security practices can be challenging, let alone cutting edge defenses in this fast changing and evolving threat. Compounding the problem is that hackers aren’t necessarily attacking cities specifically, but they are simply looking at vulnerable sites with poorly protected governments an easy target.
Houston may be particularly vulnerable for an Atlanta-style attack.
Webroot, an internet security firm, analyzed the malware infection rates for 2016, to evaluate which communities were most vulnerable to cyber attacks. Houston was the No. 1 ranked city with more than 60,000 infected devices, making it potentially the municipality most likely subject to attack in the country.
Against this backdrop, what if anything can be done to keep Houston safe?
Houston has in many ways led on the issue of cyber-security and protection. One of the earliest cities in the country to have a chief information/technology officer, it has since 2013 also had a chief technology Security officer who is tasked with maintaining a consistent and uniform security plan for the city’s technical infrastructure. Houston, unlike many other cities, does maintain a formal cybersecurity policy that is updated on a real time basis.
What’s missing however, is the budgetary flexibility to quickly update systems and software. In today’s world cyber-security is critically important to our daily lives. We need to prioritize software and critical infrastructure updates in the same way we prioritize first responders with the resources to protect us.
The city continues to operate on outdated systems that are vulnerable to cyber-attack. If we don’t update our systems, we could find ourselves in the exact same position as Atlanta.
In the modern era, maintaining a strong cyber security system is as important as making sure we have adequate police and fire protection.
View full post on National Cyber Security Ventures