Arizonian’s personal information such as social security numbers and health information was recently revealed to be insecure as auditors were able to access confidential information while testing the state’s Department of Economic Security networks, a new report by the auditor general reveals.
This isn’t unusual, with Michigan’s IT infrastructure also recently revealed to be insufficient. These reports are emerging alongside several statewide, high-profile hacking incidents.
There is no doubt that network hacking attacks and hacktivism are on the rise. And with budgets tight there are several steps local governments can take to keep network hacking incidents from happening to them, according to analyst Jack Gold of analyst firm J. Gold Associates.
“My experience is that most government agencies don’t have those things in place, especially when it’s not mainline city, county or state government running it,” says Gold. “What agencies really need to do is to assess what the risks are — the truth is that, today, everybody is at risk, there are no non-risk agencies — and then decide whether they have the budgets to put these tools in place to arm themselves with as much security management as possible.”
1. Look to Keep Hackers on the Outside
Typically, a hacker will gain the credentials of someone that has a legitimate way of logging into the system, Gold says, which means the first line of defense is to keep end users from engaging in phishing schemes.
“This is not easy to do because we all get messages and are tempted to click on links,” Gold notes.
A city can, however, aim to train employees to recognize phishing schemes. The city of Los Angeles, for example, has been running phishing exercises for its employees to see who could use a bit more cybersecurity education, StateScoop reports.
2. Make Effective Use of Network Monitoring Tools
Invariably, hackers will find their way into some systems, and once inside, the agency should have tools in place to prevent someone from modifying the code.
“There is no easy way to do it. The best way to do it is to monitor everything going on in your system and then have a software in place that can identify not only who is in the system, but whether they are doing something appropriate,” says Gold.
He spotlights ways to ensure technologies put in place remain effective.
- Ensure your system has up-to-date security suites, like McAfee, Symantec and Cylance, so that if someone is trying to break into your PC or terminal, it is more difficult.
- An effective network interface that monitors traffic and flags suspicious entries is key. Gold flags RSA NetWitness and tools from Cisco as effective software to monitor traffic.
- Make sure that whatever operating system you’re running has the latest patches and updates.
3. Evolving Cyberthreats Mean Evolving Systems
Once a security system is in place, it is important not to assume that it will last for the next 10 years.
“Threats keep getting updated, operating systems are changing, etc., and you have to be aware that you have to keep up and change with the times. It takes continuous monitoring and continuous investment,” says Gold.
4. When It Comes to Cybersecurity, Sharing Is Caring
Gold notes that while most agencies are hesitant to share that they have been breached, after an attack, sharing data with other agencies and other city governments is valuable to everyone.
“Don’t be afraid to go out and tell people what you have found so they can look to prevent it from happening to them, and learn from other people as well,” he says. Gold notes that while most agencies are hesitant to share that they have been breached, after an attack, sharing data with other agencies and other city governments is valuable to everyone.
“Don’t be afraid to go out and tell people what you have found so they can look to prevent it from happening to them, and learn from other people as well,” he says.