Richard Stephenson 18 May 2020

Cyber crisis management

No single event to date, other than the very advent of the internet, has changed the cybersecurity landscape more than COVID-19. Along with the severe long-term health and economic consequences, the coronavirus outbreak has increased a variety of security risks to private businesses and the public sector, primarily due to the rapid shift to remote working.

The move to working remotely creates increased risk for local governments, as criminals are exploiting the chinks in cybersecurity armour. This threat is so severe that the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) published a joint advisory notice warning that cybercriminals are targeting organisations with a range of ransomware and malware.

Councils were already under threat, having been hit by more than 263 million cyber-attacks in the first half of 2019 alone according to figures gathered by insurance broker Gallagher using the Freedom of Information (FoI) Act, so it’s clear that urgent action is needed to prevent the further threat. To begin with, local governments must understand what the threats are, and what can be done.

First, the use of online channels and heightened activity on customer-facing networks has increased tremendously as local government employees work from home, and activities ranging from services and collaboration platforms to document storage are moving online. The transfer of more services to the internet as a result of the coronavirus has increased public sector risk exposure to systems penetration and data theft. This is particularly concerning as local governments are often dealing with sensitive/confidential information.

Secondly, remote working has required organisations to widen access rights on personal mobile devices and tools. Off-site devices are not centrally controlled (for network access control or end-point data protection) and are connected to a typically less secure open home WiFi network. Usually, local government offices complement WiFi networks with advanced computer networks such as intranets, VPNs or private clouds - none of which local government employees’ homes are likely to be equipped with. In addition, some users may not have strong multi-factor authentication on personal devices and may transmit data over non-secure and noncontrolled channels which dramatically increases cybersecurity vulnerabilities.

Thirdly, with the creation of new websites to disseminate information for the public and resources to combat the coronavirus, attackers are exploiting the weak security controls on many of these sites and devices to spread malware via drive-by downloads. Once installed, a malicious application can steal a user’s confidential data or gain access to protected systems by tricking legitimate users.

Click through rates for phishing emails and success rates of fake caller agents can also increase if employees bypass asking co-workers about suspicious emails or calls, which they could be liable to do now that this requires a dedicated email or phone call as opposed to an informal chat with the person next to them. In fact, Mimecast Threat Intelligence reports that the company’s email security systems prevented delivery of nearly 24 million suspected coronavirus phishing emails in the week leading up to (and including) March 23rd 2020, equating to 16% of approximately 150 million emails scanned by Mimecast during the period.

As the coronavirus outbreak progresses, cyber attackers will continue their efforts to exploit local government vulnerabilities. To remain vigilant and effective, local authorities should work with their security teams to identify likely cyberattack vectors as a result of more employees working from home and prioritise the protection of their most sensitive information and business-critical applications.

To maintain secure operations, and mitigate risks of remote access to sensitive data, local authorities should ensure all corporately owned or managed devices are equipped with essential security capabilities, extending the same network security best practice to the home. It is essential to implement multifactor authentication, use strong password protection and enforce endpoint protection on devices, including VPN tools with encryption. This is particularly important when there is an increase in virtual meetings and confidential information being shared online.

Eliminating risk events during crises is difficult, but local governments can reduce the risk associated with incident response. The importance of crisis response lies in dedicated crisis management platforms for encrypted communications. Local governments should reiterate to employees their safe remote-working protocols and their procedures for threat identification and escalation. They must ensure that remote-working policies are clear and include easy-to-follow steps that help make employees' remote environments secure.

It is essential that during a crisis, local government leaders play critical roles in securing their organisation and ensuring that they respond to cyber threats by balancing employee protection with business continuity. We should also recognise that our threat environment is not static, which means it's important to keep a close eye on evolving cyberthreats to avoid unnecessary disruptions in a time when we can least afford them.

Richard Stephenson is CEO of YUDU Sentinel

For your free daily news bulletin
Highways jobs

Assistant Prevention Practitioner

Essex County Council
£23456 - £29933 per annum + + 26 Days Leave & Defined Benefit Pension
Assistant Prevention PractitionerPermanent, Full Time£23,456 to £29,933 per annumLocation
Recuriter: Essex County Council

Senior Business Analyst

Royal Borough of Greenwich
£51093 - £54129 per annum
Recuriter: Royal Borough of Greenwich

Head of Finance & Property Services (Deputy Section 151 Officer)

Bassetlaw District Council
Up to £74,377
We are looking for an innovative and positive individual Nottinghamshire
Recuriter: Bassetlaw District Council

Head of Planning and Place

Bassetlaw District Council
Up to £74,377
We are looking for an innovative and positive individual Nottinghamshire
Recuriter: Bassetlaw District Council

Business Support Assistant

West Northamptonshire Council
The primary objective of this role is to deliver confidential administrative assistance to the manager and team, utilizing relevant systems, protocols, and resources. This involves promptly addressing telephone and email inquiries and upholding high stand Northampton
Recuriter: West Northamptonshire Council
Linkedin Banner

Partner Content

Circular highways is a necessity not an aspiration – and it’s within our grasp

Shell is helping power the journey towards a circular paving industry with Shell Bitumen LT R, a new product for roads that uses plastics destined for landfill as part of the additives to make the bitumen.

Support from Effective Energy Group for Local Authorities to Deliver £430m Sustainable Warmth Funded Energy Efficiency Projects

Effective Energy Group is now offering its support to the 40 Local Authorities who have received a share of the £430m to deliver their projects on the ground by surveying properties and installing measures.

Pay.UK – the next step in Bacs’ evolution

Dougie Belmore explains how one of the main interfaces between you and Bacs is about to change.