The password is not disappearing. However, passwordless authentication is gaining popularity. In...
Cyberattacks are Unprepared by Public Safety Groups
Public safety organizations are frequently targeted by cyberattacks, but according to a recent survey by Verizon, only 15% of these organizations feel that they are adequately prepared to defend against them. This survey coincides with a report from Resecurity, which highlights a rise in a malicious activity specifically targeting law enforcement agencies during the second quarter of 2022.
The potential impact of any incident on community welfare and public safety cannot be overlooked. However, the challenge lies in improving security with limited public budgets. Fortunately, implementing a few straightforward tactics can significantly enhance security measures.
Not Well Organized in Cyberattacks
The Verizon study indicates that less than 50% of respondents believe that their agency is adequately prepared to handle a cyberattack. Additionally, only 15% of respondents feel that their agency is “very prepared” to tackle such an attack.
Law enforcement agencies appear to be more confident in their security measures. In the case of a cyberattack, 58% of police departments feel that they are somewhat prepared, and 20% feel very prepared. However, EMS departments are the least confident, with only 12% feeling very prepared in the event of a cyberattack.
Continued Reports of Cyberattacks
According to the Resecurity report, during the second quarter of 2022, law enforcement email accounts were targeted by malicious actors for illicit reasons. A recent malicious trend involves the sending of counterfeit subpoenas and Emergency Data Requests (EDRs) to businesses in order to obtain confidential information. The threat actors aim to acquire sensitive data such as billing history, addresses, phone call records, and text history, among others, which can be used for extortion purposes.
In May 2022, a notable EMS provider in New York was the victim of a ransomware attack, which led to the compromise of the information of more than 300,000 patients. The attackers employed a typical double-extortion tactic: they extracted files, encrypted systems, and then demanded a ransom, threatening to release the data if their demands were not met.
Even fire departments are not immune to cyberattacks. In September 2022, attackers purportedly stole paychecks from a fire department in South Carolina. Authorities reported that the intruders managed to obtain remote access to the Assistant Chief’s email and employee payroll accounts. Subsequently, the criminals manipulated the direct deposit details of the employees, rerouting the payroll earnings to prepaid debit card accounts controlled by the attackers.
Reducing Risk on a Budget
Certainly, public service organizations operate within a constrained budget. Therefore, what measures can they take to enhance their security stance?
As per CISA, there are particular strategies that can be highly effective in enhancing security without incurring significant costs. Some of the approaches that public safety organizations can adopt to fortify their defenses against cyber-attacks include:
- Multi-factor authentication (MFA): It is recommended to apply this security measure across all department accounts, and there are low-priced or free applications available for this purpose. Enforcing multi-factor authentication (MFA) substantially increases the difficulty for a cyber-criminal to gain unauthorized access to your system.
- Software updates: Make sure to verify and apply any available updates on all essential software, and enable the automatic update feature. This is important for maintaining the security of mission-critical systems.
- Employee training: Most cyber-attacks that are effective commence with a phishing email. It is essential to educate staff members on how to identify phishing attacks and prioritize recurrent training sessions to refresh their knowledge on this topic.
- Utilize robust passwords or a password manager tool to create and save distinctive passwords, which can serve as an additional defense against attacks.
Keeping Public Safety Safe
Cyberattacks targeting police, fire, and EMS departments are particularly alarming due to their potential to disrupt crucial services and result in tangible harm. Therefore, it is crucial that these organizations intensify their measures to prevent cyber incidents.
Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.
For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com