President Joe Biden on March 21, 2022, warned that Russian cyberattacks on U.S. targets are likely, though the government has not identified a specific threat. Biden urged: “Harden your cyber defenses immediately.”
It is a costly fact of modern life that organizations are vulnerable to cyberattacks, and the threat of cyberattacks from Russia and other nations makes a bad situation worse. Individuals, too, are at risk from the current threat.
Local governments, like schools and hospitals, are particularly enticing “soft targets” – organizations that lack the resources to defend themselves against routine cyberattacks. For those attacking such targets, the goal is not necessarily financial reward but disrupting society at the local level.
The services provided by local governments entail an intimate and ongoing daily relationship with citizens and businesses. Disrupting their operations disrupts the heart of U.S. society by shaking confidence in local government and potentially endangering citizens.
In the crosshairs
Local governments have suffered successful cyberattacks on targets ranging from 911 call centers to public school systems. The consequences of a successful cyberattack against local government can be devastating.
A poll of local government chief security officers revealed that nearly one-third of U.S. local governments would be unable to tell if they were under attack in cyberspace.
Lack of sound IT practices and effective cybersecurity measures can make successful cyberattacks even more debilitating. Almost half of U.S. local governments reported that their IT policies and procedures were not in line with industry best practices.
A cybersecurity challenge is found where local governments struggle in hiring and retaining the necessary numbers of qualified IT and cybersecurity staff with wages and workplace cultures that compare with those of the private sector or federal government.
Additionally, local governments are limited by the need to comply with state policies, the political considerations of elected officials and the usual perils of government bureaucracy. Challenges like these can hamper effective preparation for, and responses to, cybersecurity problems – especially when it comes to funding.
Large local governments are better positioned to address cybersecurity concerns than smaller local governments. Unfortunately, like other soft targets in cyberspace, small local governments are much more constrained.
Getting the basics right
Local governments in the U.S. are enticing targets. Artificial intelligence hacking tools and vulnerabilities introduced by the spread of smart devices and the growing interest in creating “smart cities” put local governments even more at risk.
There’s no quick or foolproof fix to eliminate all cybersecurity problems, but one of the most important steps local governments can take is clear: Implement basic cybersecurity. Emulating the National Institute of Standards and Technology’s national cybersecurity framework or other industry accepted best practices is a good start.
Summarized from www.theconversation.com