Catch Of The Week: Columbus Cyber Attack

By REBECCA RUTHERFORD
Los Alamos

For the Los Alamos Daily Post

Cyber-attacks can be crippling, especially so when they hit local  governments. Columbus, Ohio is the latest victim of a cyber-attack, details are slim, but they have been hit hard.

City email and other systems have crashed and are unusable, including permitting systems, systems used by law enforcement and first responders, and more.

The issue has been ongoing for more than a week. Their CADS (Computer Aided Dispatch System) is used by first responders and is still impacted by the cyber incident, with no ETA on when it will be fully recovered.

Events unfolding in Columbus mirror events in Cleveland earlier this summer, in June, when that city suffered through a cyber-attack as well. Cleveland remained very sparse with details during the event, but finally confirmed it was indeed a ransomware attack after a local news station published evidence showing this. They obtained screenshots of city computers showing that they were suffering from a ransomware infection from a well-known ransomware gang.

It is unknown whether Cleveland paid a ransom, or whether Columbus has paid or will pay a ransom. Ransomware attacks are awful because even if an organization pays to restore services, there is no guarantee that they will not still suffer a data breach if the stolen data is leaked intentionally or otherwise. The data breach aspect of a ransomware attack can make these even more costly than just downtime.

Interestingly in the article on the Cleveland attack, a “city insider” noted that Cleveland has never required cyber awareness training of their employees. The biggest way attackers get into an organization is by exploiting weaknesses in people, so lacking even a basic cyber awareness program is less than ideal.

The best thing local governments can do to defend against cyber-attacks is to invest in a good cyber awareness program for their employees, and to teach them to watch out for phishing and other social engineering attacks. Additionally, they should maintain a good vulnerability management program to help keep all systems and applications patched and up to date. It’s a rough world, and there are so many attackers out there, a good cybersecurity program is the best defense out there.

Editor’s note: Rebecca Rutherford works in information technology at Los Alamos National Laboratory.

Search
LOS ALAMOS

ladailypost.com website support locally by OviNuppi Systems