Wondering if your organisation could withstand a ransomware attack? Or whether it would be able to recover quickly, should the worst occur?
For many of Australia’s 562 local councils, the answer to both questions is likely to be no.
Cyber-security is the second biggest risk to the sector after financial sustainability, according to 2019 research conducted by JLT, on behalf of Local Government Professionals Australia.
As councils struggle to balance the books while continuing to deliver the services ratepayers expect, investing in high tech protection has slid down the priority list.
“Most of the IT departments are explaining that they’re dealing with a lot of old and legacy systems and that the cost to upskill their staff and upgrade their systems to ensure adequate cyber preparedness and security is beyond the capacity of the current budget,” LGPA CEO Clare Sullivan commented upon launch of the JLT Public Sector Risk Report 2019.
Real and rising danger
And then along came COVID and upped the ante. The onset of the pandemic saw a surge in malicious cyber-activity, as hackers and cyber criminals sought to cash in on the fear and uncertainty generated by the pandemic to scam individuals and organisations.
More worrying, however, was the announcement in June 2020 by Prime Minister Scott Morrison that the country’s public and private sectors were under sustained attack, from a sophisticated, state based cyber actor.
“This activity is targeting Australian organisations across a range of sectors, including all levels of government,” Morrison stated.
So, how can local councils prepare themselves for the very real prospect of attack and ensure they’re well placed to mitigate the damage, should the worst occur?
Address your vulnerabilities
Attending to the housekeeping is a good first step. A sizeable proportion of ransomware attacks are caused by unpatched software so implementing a rigorous patching protocol should be top of the To Do list.
Employees represent another potential vulnerability. They can’t be patched but they can be educated – about how to spot and avoid phishing emails and social engineering gambits. These are both common catalysts for ransomware attacks and your defence will be hardened if your workforce is on high alert.
Lock down access
Configuring your high tech infrastructure more securely is also critical. The fewer the number of applications a user can access, the less opportunity a hacker has to take control of core systems, having used them to gain an ‘in’.
That’s why providing access privileges on an ‘as needed’ basis and not providing administrative privileges to remote users can make it harder for attacker to wreak widespread havoc or cripple your entire array of applications with ransomware.
Embracing a zero trust security methodology is another way you can make your attack surface more difficult for adversaries to penetrate.
The term ‘zero trust’ was coined by Forrester in 2009 and is used to refer to a philosophy that calls for individuals and devices to provide proof of their identity, each and every time they log on to the corporate network.
A zero trust model requires all users and devices to be furnished with a unique identity, thus improving visibility of the network and making it easier to contain incidents and prevent the spread of malicious software.
Back up thoroughly
Back-ups are the key to fast recovery but to ensure your organisation is able to restore normal service after an attack, you need to do more than just run them frequently. Back-up tapes need to be stored offline and offsite, so they can’t be encrypted, as it’s unfortunately all too possible for files that are automatically backed up to the network or cloud to be.
Continuing to serve Australia’s local communities
In 2021, cyber-attack is an unfortunate fact of life, for businesses and organisations of all stripes, and Australia’s local councils are far from immune. Acting now to strengthen your security posture will see you better placed to prevent and recover from incidents, should your organisation fall into the crosshairs.