Cyberattacks Target State and Local Government Infrastructure
The recent spike in global ransomware attacks underscores the urgency for state and local governments to apply for federal cyber grants and bolster their critical infrastructure defenses. The FBI, the Cybersecurity and Infrastructure Security Agency and the National Security Agency collectively reported cyber incidents involving ransomware against 14 of the 16 U.S. critical infrastructure sectors. Those categories include the defense industrial base, emergency services, food and agriculture, government facilities, and IT sectors.
Unfortunately, state and local governments continue to face cybersecurity challenges. A 2022 report from Stanford Law School’s Center for Internet and Society revealed that nearly one-third of local governments in the United States would be unable to tell if they fell victim to a cyberattack. Beyond that, nearly half of local governments that did know they were under attack were being attacked at least daily.
President Joe Biden highlighted this reality in his 2022 National Security Strategy. The Biden administration wants to ensure that new and upgraded state and local infrastructure is “built to endure, meeting modern standards of safety and security, which includes cyber protections.”
EXPLORE: Why visibility is vital for government IT network security.
Agency Resilience and Recovery Plans Focus on Data Protection
Funding is only part of the equation. Departments need to know what to do with those dollars and where to deploy them most effectively. That includes instituting a resilience and recovery plan for use in the event of an attack. There’s a baseline minimum of cybersecurity capabilities that governments must adopt to make their data more recoverable and their systems more resilient.
This starts with establishing a broad protection platform. State and local governments increasingly keep their data on a mix of IT infrastructures ranging from cloud to on-premises and even virtualized systems. This means that any data plan must account for those different locations while also being scalable to changing resources and technology needs. The ability to instantly and securely back up data is central to recovery after an attack.
To ensure that data remains secure and usable in the event of an attack, state and local government IT teams must verify the data integrity of any backups at the moment they are saved. This requires verifying data backup quality and making it immutable.
Some experts recommend following the “3-2-1-1-0” backup rule. This calls for at least three copies of important data on at least two different types of media, with at least one of these copies stored offsite and one offline. Finally, there must be zero errors following automated backup testing and recoverability verification.
Finally, organizations need a process to fend off data exfiltration. Though immutable data backups are crucial, end-to-end encryption and classic cyber hygiene practices still must be deployed to help guard against data exfiltration or alteration by an attacker. That means using unique passwords for every login source, employing strong multifactor authentication, and removing unused devices, applications and non-essential programs.
LEARN ABOUT: Why strong asset management is necessary for successful continuous monitoring.
Ultimate State and Local Cybersecurity Requires Partnerships
Even with a funding boost, state and local governments cannot take on cyberattacks against critical infrastructure alone. It is incumbent upon the federal government, along with its private sector partners, to continue aiding these smaller governments in their fight against a decentralized army of private citizens and nation-state actors.
Our connected world has brought many advantages for state and local governments. From simply being able to share information with other jurisdictions to working together on projects that improve the quality of life for residents, we live in an exciting time of breakthroughs and discoveries.
With that great power comes the responsibility to make sure networks and the data that travels through them are secure. Cybercriminals have not been shy about exploiting local governments’ quest to bring modern infrastructure to their citizens. State and local governments need support to make their visions a reality without compromising security.