Hackers continue to make more frequent and sophisticated attempts to infiltrate municipalities and government computer systems. In the past month, Augusta, Georgia, and Dallas, Texas, are among the cities who have seen system breaches. Some of the unauthorized access is simply people clicking on a wrong link while others are premeditated attempts to steal data through the breach.
They aren’t easy to defend, but everyone, including individuals, governments and businesses, need to be vigilant with their protocols and security.
Michael Nowatkowski is the head of the cyber program of study in the School of Computer and Cyber Sciences at Augusta University and knows there are a lot of bad actors out there.
“There’s potential, if they are able to get onto your system, that it would be something like ransomware, where they would prevent you from using your data,” said Nowatkowski.
He added it might not be just for monetary gain. They could simply eavesdrop and collect data without anyone’s knowledge.
“You want to find them as quickly as possible so they can’t perform these malicious activities or sit in a dormant state just collecting data for a long period of time,” he added.
When it comes to attacks on cities, Nowatkowski said the bad actors may just want to discredit the city or agency by defacing their webpages. In other cases, they may force a ransomware attack to get money out of the city to re-access their data.
He added it’s a challenge to prepare and defend for the attacks, as you never know what the attack vector is going to be.
“For cities to defend, they always have to be vigilant. They should try to encourage their users to use the systems responsibly. User education is a very big step and is a proactive step in defending your networks,” said Nowatkowski.
He also said, if an attack did happen, it’s important to look for ways to prevent future attacks, try to figure out the root cause of how the attack happened and put measures into place to prevent them from happening in the future. This may include having a third party come in and do an assessment of the network to look for vulnerabilities.