As the COVID-19 pandemic sweeps across the nation, local governments are scrambling to find the resources—in time, money, supplies, and people—to protect their employees’ and constituents’ health and safety. Unfortunately, the looming threat of a COVID-19 outbreak requires undivided attention from local governments, which means they could be susceptible to another type of disaster: a cyber-attack. Cybersecurity researchers have seen cyber-attacks on local governments rise as much as 667% during the outbreak, and both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued warnings in April 2020 describing a spike in hackers exploiting the pandemic.
A 2019 cyber-attack on the City of New Orleans was so severe that Mayor LaToya Cantrell was forced to declare a state of emergency. The attackers deployed a ransomware attack that affected more than 3,000 city-owned computers and servers and left the city with more than $7 million in damage. According to city officials, the attack could have been much more severe and the costs to restore the city’s infrastructure could have been millions more had the city not detected the attacker’s suspicious activity early on in the attack. Officials believe a type of Russian ransomware was responsible for the attack. In March 2020, Durham City and the County of Durham were victimized by the same Russian ransomware, and although Durham escaped the attack without having to pay any ransom to restore its infrastructure, around 80 servers must now be rebuilt and over 1,000 computers will require re-imaging.
The latest attack has arrived on the shores of South Africa. Swartland municipality has been hacked with a severe impact on service delivery, communication and data-loss.
As they are focusing on the recovery phase, other municipalities should focus their attention on prevention.....it will be much cheaper than the cure.
In this training NSA tries to expand the base knowledge around these events. We cover three critical issues:
- The most common types of cyber attacks.
- The role of risk management and internal audit as part of the three lines model.
- A focus on key issues and questions that can be asked right now.
Watch the three videos to as a basis for determining the potential likelihood and impact.
The course material will be updated on an ongoing basis, once registered you will have access for the next 6 months.