It has been reported that cyberattacks towards local governments in 2020 have been increased by fifty percent since 2017. Moreover, the cyberattacks by malicious behavior like an intrusion into systems or organizations. Or fraudulent activity and hacker-induced damage. Analysts reported that since many attacks are undetected, the %50 rise in attacks could be a significant reality.
Cyberattacks towards local governments in 2020 caused by many things. The biggest deficiency of the state and municipal governments is the relative absence of safety measures to inform and regulate users and the lack of basic cyber security policies for their platforms and data sources. In addition, federal agencies buy their insurance packages because of regular operational principles. Hackers know the system very well and attack these bodies being aware of their insurance. So, they know insurance is going to pay the ransomware anyway.
1. Ransomware
Cyberattacks towards local governments in 2020 mostly caused by ransomware. Ransomware has risen dramatically because of the frequency of attacks against governments. The rise in the ransom demands of hackers is also important. In the past few years, attackers usually demanded amounts between $20,000-$40,000. But now, the number goes up to a million dollars. The results of not paying the ransom are also very concerning. It is a known case that municipalities spent millions of dollars on recovery.
Smaller municipalities believe that they’re not really under threat because of their nature. But they don’t know that attackers are approaching them because they are not adequately equipped in cyber protection services.
2. Phishing
Phishing is another main attack method used by attackers for cyberattacks towards local governments in 2020. It is a type of social manipulation to trick people through the traps of the attacker. Attackers expect people to click email attachments or links that install malware that allows attackers access to the device in phishing scams. The findings show that typosquatting was the key explanation of why consumers were fooled. When using the typosquatting technique attackers use fake domains that look like the real one to trick people into clicking a link. After clicking on the link, they expect users to log in to the fake site. For example, they use “turnblr.com” rather than “tumblr.com.” After the attackers get the credentials, they use it according to their needs.
In advance of the elections, governments will also need to organize and establish an effective data protection policies for cyberattacks towards local governments in 2020.
Here are some very important recommendations that can make governments and municipalities cyber-secure if they want to protect their data.
- Enforcing solid passwords and using password security practices.
- Trying to improve remote access systems.
- Making sure your remote devices shut down immediately after you use them.
- Using two-factor authentication when it is possible.
- Using two-factor authentication for every device that has remote access.
- Making sure your passwords are unique and have at least 14 characters.
- Using a Password Manager application to save all your long passwords in one place.
Here are the actions you can take against cyberattacks towards local governments in 2020.
- Use our cyber security training to educate your employees.
- Organize fake phishing test for the employees to make sure they are prepared
- To protect both important and confidential data, try using the 3-2-1 backup system.
- Control your staff with data security policies.
- Educate the team on how to use the Password Master.
- To avoid phishing attacks using a similar domain name, adopt the correct Internet protocol.
- Record your domain name to prevent attackers from using your domain.
Following these guidelines is a good start in developing a solid defense for every kind of threat.
“This post is originally published at www.phishing.org.uk”
Teknoloji Haberleri