In 2019, public administrations have suffered a great deal at the hands of cybercriminals. In January, the city hall of Del Rio, Texas, suffered a ransomware attack that forced its employees to carry out their work with pen and paper. This incident was first in a wave of ransomware attacks on public administrations all over the world, which is still affecting organizations.
In the United States, the list of victims hasn’t stopped growing: Greenville, Baltimore, Jackson County, Rivera Beach… And these attacks have now also arrived in Europe. Halfway through September, several city halls in Spain were hit by a series of ransomware attacks. In several institutions in the Basque Country, there were at least four reports of alleged cybercrimes, while the Jerez Municipal Government announced that it had been attacked by a ransomware called Ryuk.
Councils under attack in the United Kingdom
The intensity of the cyberattacks on public administrations in 2019 has become clear in the United Kingdom. According to the insurance company Gallagher, in the first half of the year, British councils received 800 cyberthreats every hour—a total of 263 million attack in this period. However, this figure would probably have been higher if it included the councils that did not respond to Gallagher’s freedom of information request.
A total of 203 councils in the United Kingdom responded to this request. Of these organizations, 49% had been attacked since the start of 2017, while 37% had experienced an attack in the first half of this year.
In spite of the intensity of these attack attempts, the majority of councils are well protected against cybercriminals: only 17 of the cyberattacks reported resulted in the loss of money or data. However, despite this apparently relatively low success rate, one of the incidents led to cybercriminals stealing £2 million (2.324.200€).
Only one threat needs to get in…
This last example serves to highlight the fact that, even if an organization manages to block 99.99% of attempted cyberattacks, that 0.01% can cause a lot of problems. “Councils are facing an unprecedented number of cyber-attacks on daily basis,” explained Tim Devine, managing director of Public Sector & Education at Gallagher. “While the majority of these are fended off, it only takes one to get through to cause a significant financial deficit.”
Stop any threat from getting into your organization
Most of the attacks in the report are likely to be “automated probing and discovery tools”—in other words, cybercriminals investigating networks in search of weak points, and not real attempted attacks. However, they are a useful reminder of the intensity of the cybercriminal activity that we are currently experiencing.
To protect against this activity, it is essential that the attack surface is reduced as much as possible, and that all possible points of entry for cybercrime are closed. To do this, it is a good idea to follow a series of guidelines.
1.- Search for and protect weak points in the system. These weak points are exactly what cybercriminals are after when they break onto a network, and therefore need to be protected. To ensure that they are not used as an entry vector for an attack, an in-depth analysis of the whole IT system must be carried out in order to locate them.
2.- Employee training. It is often repeated, but the fact remains that the employees of a company or organization are usually the weakest link in the cybersecurity chain. This is why it is so vital to insist on the importance of being cautious when opening emails and their attachments, clicking on suspicious links, or even plugging in flash drives.
3.- Advanced cybersecurity. To guarantee total security, organizations must have advanced cybersecurity solutions. Panda Adaptive Defense, which not only acts against possible cyberattacks that are already underway, but also does prior work, cataloging existing threats and analyzing new trends. Thanks to a combination of all these factors, it is able to automatically predict new threats.