Are Middle Georgia governments ready for a cyberattack?
Macon-Bibb County escaped serious issues when a group known as the Turkish Cyber Army defaced some government websites by hacking onto them in January.
The outcome — not having important information compromised — was much better than some other places, such as Atlanta and Baltimore, where instances of cyberattacks severely disrupted city operations. For governments like Macon-Bibb, it’s an around-the-clock effort to try to slow down network security breaches.
How extensive can those attempts be for a local government of roughly 1,800 employees?
During a recent 90-day period, Macon-Bibb County was able to block 3.4 million malicious emails, according to the Information Technology Department.
While the strength of the network system is important, so is the educational component.
Cybersecurity involves training, testing, developing policies and teaching employees how to detect various types of malware like bots, bugs and viruses that can infect electronic devices and spread to others, officials said.
One of the people working on the front line of cybersecurity for Macon-Bibb is Don Moody, the systems and network manager for the IT Department.
“Your weakest link in cybersecurity is between the keyboard and the seat,” he said. “Your people are the weakest link because they get in a hurry. People have work to do and they’re trying to process that work so fast, they get an email and just immediately click on it.”
Starting in July, the IT department will test employees’ abilities to spot suspicious emails by sending out internal emails randomly to staff, said Brett Lavender, chief information officer for the IT Department.
An attack on Savannah government in 2018 is believed to have started when an employee opened an email that had a virus that infiltrated other computers, according to WSAV.com.
“Some of these phishing attempts we see now are very targeted, because they’ll acquire your name and figure out if you have an association with someone else and they’ll use that information to trick you into entering information or passwords,” Lavender said.
Some of the keys to cybersecurity are continuously updating software and limiting the type of access employees have based on their job responsibilities, Lavender said.
Even something as simple as frequently changing passwords can thwart some threats, he said.
The county is also a part of the Multi-State Information Sharing and Analysis Center that provides in-depth analysis of cybersecurity issues across the world.
“It helps us concentrate our focus on certain areas where most attacks occur,” Moody said.
Cyberattacks are increasing
Hackers are becoming more sophisticated, and the depths of cybercrimes are becoming more widespread and in some instances posing national security threats.
Several national news outlets reported this week that the U.S. launched a cyberattack against Iran in response to a drone being shot down.
And within the span of a year, hackers attempted to extort bitcoin, a type of electronic cash, by striking Atlanta and Baltimore’s network systems.
Atlanta’s cyberattack in 2018 had a widespread impact ranging from damaging City Hall and court computers, to wiping out some of the Atlanta police dash cam videos and preventing people from paying water bills online. The cost to recover from the breach was projected at $17 million, the Atlanta Journal-Constitution reported.
Meanwhile, Baltimore government is continuing to rebound after May’s ransomware attack froze about 10,000 government computers, according to the Wall Street Journal.
Also, in Middle Georgia, the personal information of Navicent Health patients may have been compromised by hackers, the hospital announced in March.
Even the most proactive security measures may not be enough to fend off cyberattackers, according to the 2019 Verizon Data Breach Investigations Report.
The public sector accounted for 16% of organizations whose data was breached, the study found.
“Regardless of the type or amount of your organization’s data, there is someone out there who is trying to steal it,” the report said. “Having a sound understanding of the threats you and your peer organizations face, how they have evolved over time, and which tactics are most likely to be utilized can prepare you to manage these risks more effectively and efficiently.”
How to stay safe from cybercrimes while on summer vacation
- Be sure to update your electronic devices so that new security measures are put in place;
- Have a password of at least six numbers and a swipe pattern in order to unlock the screen on your smartphone. Laptop passwords should be at least 8 characters with a variation of upper and lower case letters, numbers and special characters;
- The device should automatically go to a lock screen after a certain period of time of inactivity;
- Make sure to use reputable websites when doing activities like booking a summer vacation;
- Verify the of public Wi-Fi networks and refrain from logging into personal accounts while using them.