It isn’t a surprise that another local government has been the victim of a cyber attack. It happens much too often. As we talked about last week with the Kroger breach as a result of using Accellion file transfer software, we are almost becoming accustomed to it. Almost.
While Frankfort city officials are being careful not to publicly disclose too much information in an effort to protect the investigation, they are reassuring citizens that they are working to help remediate and investigate the incident. They are also working with federal law enforcement and its insurance provider.
Despite their efforts to protect the information on the hack, it seems safe to say that, although the official statement is that it was an IT incident, this indeed was a cyber attack. First, the involvement of federal law enforcement is a clear indication that this is criminal and crosses a minimum threshold. Not to mention that anonymous sources reported that the city is being held ransom.
One saving grace is the assurances that public safety systems and police, fire, and EMS services (including 911 dispatch) have continued operating without disruption. Additionally, city officials say there is “no evidence that any information has been misused”.
Last year, the city of Paducah was hit with a cyber attack that definitely was ransomware and had to pay $30,000 to regain access to their data. In comparison to other ransomware attacks, that was a relatively low ransom.
Should other cities in the Commonwealth of Kentucky be concerned? No, they don’t need to be concerned. They should be terrified!
While Paducah and Frankfort and two of the higher-profile cities in the state, other municipalities have been hit as well, not all of them known. In order to prevent a similar fate, city and county agencies should be proactive.
Do not assume that you are too small to be attacked. Also, do not assume that your IT team is handling your cyber security. This is a common misperception. IT brings value to your organization. Cyber security protects it. The two are complementary but are different.
Whether you call Commonwealth Sentinel or another cyber security firm, you MUST protect your systems before it’s too late. Have an independent vulnerability assessment conducted to determine where your gaps are. Implement those fixes and ensure you have on-going, continuous monitoring of your systems. Lastly, like Frankfort, be sure to have an incident response plan in place to know who you will call and what you will do in the event of an attack.