Government agencies are becoming prime targets for cyber attackers, they hold data for ransom. Whatever the rationale of the cyber attackers, it is imperative that government agencies need to pull up their socks to understand the gravity of the situation, Take the Baltimore data breach which occurred twice in less than a year. Large corporations and government agencies, US municipalities need to take a look at their existing IT infrastructure to avoid any future cyber-attacks and look to plug the holes soon.
A recent study by cyber security research firm Recorded Future finds surge in state and local government ransom ware attacks targeting essential infrastructure and processes. The study revealed that reported attacks on state and local government skyrocketed by 39 percent in the US in 2018, and that many of these attacks were opportunistic: in most cases, attackers “stumbled” upon public-sector entities when looking for vulnerable targets.
Though there is no ideal solution, but few suggestive measures that can be considered to avoid a data breach:
- Have a proper maintenance of perimeter security software and infrastructure and test it periodically.
- Backup all critical data
- Beware of phishing
- Remove local admin privileges to contain and block attacks -have a combination of least privilege and application control policies on endpoints and servers as part of a larger Zero Trust approach, to mitigate the risk of attack
- Latest versions of software with regular updates and systems must be in place
- Plug holes in the existing legacy devices during transition to newer systems
- Faster budgetary approvals to purchase security tools.
- Look at providing a cloud-based services to avoid costs and increase security
- Have a proper cyber insurance in place
- Have a proper MSSP who can work provide end point detection and response, security information and event management (SIEM) and other managed services
- Make that transformation change in IT systems and security polices
It is time that organizations and government agencies start getting educated on the risks of these data breaches and take appropriate measure to plug it, as these attacks and data breaches will be on the rise — agility and best security practices must be in place to avoid your next breach.
