Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
2/28/2019
1
#HackedHow safe is your city?
Mike Sturm, IT Director, City of San Marcos
Beth Ann Unger, IS Manager, City of Frisco
How frequently are local governments under cyberattack?
Source – 2016 Survey by International City/County Managers Association (ICMA) and University of Maryland, Baltimore County (UMBC)
0
10
20
30
40
50
60
70
Hourly or more At least once a day Less than daily Don't know
Attacks Incidents Breaches
2/28/2019
2
How well prepared are local governments to respond to cyberthreats?
0 20 40 60 80 100 120
Detect attacksDetect incidents
Prevent breachesRecover from breaches
Detect exfiltrationPrevent exfiltration
Recover from exfiltrationRecover from ransomware
Very Good / Excellent Good Poor / Fair Don't KnowSource – 2016 Survey by International City/County Managers Association (ICMA) and University of Maryland, Baltimore County (UMBC)
Are Cities Really a Target?
"Government organizations, in particular city governments, are prime targets; they not only process a lot of citizen and business data, but are also less secure as tighter budgets severely limit what IT updates they can carry out," Bittner said. "Bad actors have no doubt put the 89,000 local governments across the country in their cross-hairs. It is just a matter of time before many of these governments realize they’ve been hacked.“Mike Bittner, Digital Security & Operations manager at The Media Trust
2/28/2019
3
In the News
https://securitytoday.com/articles/2019/01/15/ransomware-attack-closes-down-texas-town.aspx
In the News
https://abc13.com/technology/houston-city-systems-were-hacked-twice/4925202/
2/28/2019
4
https://www.wired.com/story/atlanta-spent-26m-recover-from-ransomware-scare/
In the News
https://www.nbcnews.com/news/us-news/baltimore-s-911-emergency-system-hit-cyberattack-n860876
In the News
2/28/2019
5
In the News
https://www.kbtx.com/content/news/City-of-Bryan--506137221.html
In the News
https://www.houstonchronicle.com/news/houston-texas/houston/article/Harris-County-looks-to-boost-cyber-security-after-
12524738.php
2/28/2019
6
https://www.nytimes.com/2017/04/08/us/dallas-emergency-sirens-hacking.html
In the News
https://www.denverpost.com/2018/04/05/samsam-ransomware-cdot-cost/
In the News
2/28/2019
7
This map issued by the Justice Department reveals the scope of the ransomware attack that struck the city of Atlanta government computers and more than 200 victims across the country, including hospitals, local governments and public institutions. SOURCE: U.S. Justice Department (The Atlanta Journal-Constitution)
https://patch.com/colorado/denver/feds-indict-iranian-hackers-samsam-ransomware-cdot-others
Two People Responsible for SamSam
2/28/2019
8
This map issued by the Justice Department reveals the scope of the ransomware attack that struck the city of Atlanta government computers and more than 200 victims across the country, including hospitals, local governments and public institutions. SOURCE: U.S. Justice Department (The Atlanta Journal-Constitution)
Common Threats
2/28/2019
9
Single Layer of Deterrents
Invaders
2/28/2019
10
14 BillionSpam messages aresent on a daily basis
Hackers Work FastUnfortunately, hackers work fast, too. According to May 2017 research by the Federal Trade Commission,it took only nine minutes before the hackers tried to access the information from a fake data breach. –Melanie Lockert , Credit Krama Inc
2/28/2019
11
According to industry analysts, cybercrimes are expected to cost $6 trillion annually worldwide by
2021... and 2019 could be the worst year yet for cyberbreaches. - Texas Government Insider, Strategic Partnerships, Inc.
Categories of Phishing Messages
Vishing
Smishing
Search Engine PhishingSpear Phishing
Whaling
PHARMING
2/28/2019
12
Strong Foundation
CJIS
HIPAA
SCADAPCI
FinancialPayroll
Homeland Security
State and Federal regulations
Human FactorCrypto locker
Financial Phishing Scams
W-2 Phishing Scam
Cloud Services – Denial of Services
Financial Fraud
2/28/2019
13
Smart Initiatives
Layered Defense
2/28/2019
14
What’s the current status of the cybersecurity program in your local government?
Developed security awareness training
for workers and contractors
64%
Created a cultureof information
security in yourgovernment
63%
Acquired and implemented continuous
vulnerability moni-toring capabilities
57%
Obtainedcyber
insurance
54%
Established trusted partnerships for
information sharing and response
50%
Adopted a cybersecurity
framework, based on national standards
and guidelines
42%
Adopted a cybersecurity strategic plan
35%Developed a
cyberresponse plan
27%
Used metrics and testing to
documentprogram
effectiveness
25%In July-August 2018 PTI conducted a survey of local government I.T. executives representing cities and counties across the U.S.
How Safe is Your City?
Have your city adopted security policies that define acceptable behaviors and practices?
Resources:• TML Risk Pool – city login required to access eRiskHub
• https://www.sans.org/security-resources/policies/general
2/28/2019
15
How Safe is Your City?
Does your city provide regular security awareness training?
Resources:• www.knowbe4.com
• www.sans.org
• TML Risk Pool – city login required to access eRiskHub
How Safe is Your City?
Does your city conduct regular security assessment or audits?
Resources:• Department of Homeland Security Services Catalog
• Texas Department of Information Resources Managed Security Services
2/28/2019
16
How Safe is Your City?
Does your city have Cyber Liability Insurance Coverage?
Resources:• TML Risk Pool – provides coverage to Risk Pool members.
Additional coverage available for a modest additional fee.
It’s Not a Matter of If, but When
• Security Can be Inconvenient - Empower your Information Technology (IT) staff to help protect you
• If you don’t have internal IT resources, procure managed security services
• Department of Homeland Security Services Catalog
• Texas Department of Information Resources Managed Security Services
• No amount of money or resources will guarantee your security
• Identify your resources and have a plan before an incident occurs
2/28/2019
17
Additional Free Resources for IT Staff
Center for Information Security (CIS) https://www.cisecurity.org/
• CIS 20 Critical Controls: https://www.cisecurity.org/controls/
• Benchmarks: Secure Configurations for 100+ Operating Systems and software
• Hardened Images: https://www.cisecurity.org/hardened-images/
• CIS SecureSuite: https://www.cisecurity.org/cis-securesuite/
• Free Tools and Resources
•CIS-CAT Pro – Vulnerability & Benchmark scanning tool
Additional Free Resources for IT Staff
MS-ISAC: https://www.cisecurity.org/ms-isac/
• 24/7 Security Operation Center
• Incident Response Services
• Cybersecurity Advisories and Notifications
• Malicious Code Analysis Platform (MCAP)
• Access to Cybersecurity Table-top Exercises
• Vulnerability Management Program
• Nationwide Cyber Security Review (NCSR)
• Awareness and Education Materials
2/28/2019
18
Additional Free Resources for IT Staff• Cyber Training
• Federal Virtual Training Environment (FedVTE)
• (https://niccs.us-cert.gov/training/federal-virtual-training-environment-fedvte)
• Texas Engineering Extension Service (TEEX)
• (https://teex.org/Pages/Program.aspx?catID=607&courseTitle=Cybersecurity)
• DHS Catalog of free services: https://www.us-cert.gov/sites/default/files/c3vp/sltt/SLTT_Hands_On_Support.pdf
#HackedHow safe is your city?
Mike Sturm, IT Director, City of San Marcus
Beth Ann Unger, IS Manager, City of Frisco