SLTT government face a unique threat with their cybersecurity. They control and maintain much of the critical infrastructure that runs our communities as well as hold personal identifiable information including names, addresses, social security numbers etc. This means that local governments must know what these threats mean for their communities and how to combat them.
One of the biggest obstacles to cybersecurity education are the various terms and definitions that may not be common knowledge to some.
Below are some common terms that SLTT’s need to know to protect your local government from bad actors.
Malware: Malicious software or malware, is a form of software that is downloaded on a device that blocks user access, steals data, downloads viruses, etc. Malware can also be used to encrypt files in ransomware attacks.
Ransomware: Ransomware is a tactic used by cyber criminals to financially exploit organizations. A hacker group may install malware on a system to encrypt and steal that organizations data and then hold it for ransom. That organization won't receive the decryption key unless they pay up and sometimes they may not receive it at all.
Phishing: A form of social engineering, phishing is a tactic used by cyber criminals to gain a foothold into an organization's IT systems. Phishing often comes in the form of an email sent to an employee with some sort of call to action. The email may ask the user to click on this link, download this file, or just give up information right there. If the user falls for this is could lead to a larger data breach.
Spear Phishing: Spear phishing is a much more targeted form of phishing where bad actors research the the organization, gather information on their target, and send a highly specific phishing email that looks legitimate.
Brute-force: Brute force attacks are often used to try and crack login credentials through the process of trying over and over again to force their way into the organizations systems. Many people use short, personal, and easy to remember passwords that hackers can brute force within a matter of seconds. If these passwords are used across multiple applications then they now have access to all of those accounts.
Direct Denial of service: An attack that overwhelms a server by sending thousands of connection requests and traffic to crash an IT system.
While these terms aren't all encompassing they are some of the most common threats that your SLTT’s need to know and may face in the coming years. Security awareness training is essential in order to educate users on the threats that await them on the internet and when they login for work.
CorpInfoTech can make sure your local government is prepared in the event of a cyber attack!
CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. CorpInfoTech can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.