Monday, 22 February 2021 18:26

Soft target: how Australia’s councils can protect themselves from ransomware attacks in 2021

By Simon Howe, LogRhythm
Simon Howe, Vice President Sales Asia Pacific, LogRhythm Simon Howe, Vice President Sales Asia Pacific, LogRhythm

GUEST OPINION by Simon Howe, Vice President Asia Pacific – Sales, LogRhythm:  Legacy systems, lack of awareness and limited resources have left local authorities vulnerable to cyber-attacks but there are steps they can take to strengthen their defences.

Wondering if your organisation could withstand a ransomware attack? Or whether it would be able to recover quickly, should the worst occur?

For many of Australia’s 562 local councils, the answer to both questions is likely to be no.

Cyber-security is the second biggest risk to the sector after financial sustainability, according to 2019 research conducted by JLT, on behalf of Local Government Professionals Australia.

As councils struggle to balance the books while continuing to deliver the services ratepayers expect, investing in high tech protection has slid down the priority list.

“Most of the IT departments are explaining that they’re dealing with a lot of old and legacy systems and that the cost to upskill their staff and upgrade their systems to ensure adequate cyber preparedness and security is beyond the capacity of the current budget,” LGPA CEO Clare Sullivan commented upon launch of the JLT Public Sector Risk Report 2019.

Real and rising danger

And then along came COVID and upped the ante. The onset of the pandemic saw a surge in malicious cyber-activity, as hackers and cyber criminals sought to cash in on the fear and uncertainty generated by the pandemic to scam individuals and organisations.

More worrying, however, was the announcement in June 2020 by Prime Minister Scott Morrison that the country’s public and private sectors were under sustained attack, from a sophisticated, state based cyber actor.

“This activity is targeting Australian organisations across a range of sectors, including all levels of government,” Morrison stated.

So, how can local councils prepare themselves for the very real prospect of attack and ensure they’re well placed to mitigate the damage, should the worst occur?

Address your vulnerabilities

Attending to the housekeeping is a good first step. A sizeable proportion of ransomware attacks are caused by unpatched software so implementing a rigorous patching protocol should be top of the To Do list.

Employees represent another potential vulnerability. They can’t be patched but they can be educated – about how to spot and avoid phishing emails and social engineering gambits. These are both common catalysts for ransomware attacks and your defence will be hardened if your workforce is on high alert.

Lock down access

Configuring your high tech infrastructure more securely is also critical. The fewer the number of applications a user can access, the less opportunity a hacker has to take control of core systems, having used them to gain an ‘in’.

That’s why providing access privileges on an ‘as needed’ basis and not providing administrative privileges to remote users can make it harder for attacker to wreak widespread havoc or cripple your entire array of applications with ransomware.

Embracing a zero trust security methodology is another way you can make your attack surface more difficult for adversaries to penetrate.

The term ‘zero trust’ was coined by Forrester in 2009 and is used to refer to a philosophy that calls for individuals and devices to provide proof of their identity, each and every time they log on to the corporate network.

A zero trust model requires all users and devices to be furnished with a unique identity, thus improving visibility of the network and making it easier to contain incidents and prevent the spread of malicious software.

Back up thoroughly

Back-ups are the key to fast recovery but to ensure your organisation is able to restore normal service after an attack, you need to do more than just run them frequently. Back-up tapes need to be stored offline and offsite, so they can’t be encrypted, as it’s unfortunately all too possible for files that are automatically backed up to the network or cloud to be.

Continuing to serve Australia’s local communities

In 2021, cyber-attack is an unfortunate fact of life, for businesses and organisations of all stripes, and Australia’s local councils are far from immune. Acting now to strengthen your security posture will see you better placed to prevent and recover from incidents, should your organisation fall into the crosshairs.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments