Cyber security leaders of U.S. cities and states must protect their systems and data from nation-state attackers, including Russian hackers.
President Biden has warned of potential Russian cyberattacks against the U.S. as part of Russia’s ongoing conflict with Ukraine. In addition to alerting U.S. companies and critical infrastructure providers, President Biden has also warned state and local governments, saying they too must immediately harden their cyber defenses.
Specifically, the President sent letters to each governor asking them to increase oversight of their states’ critical infrastructure and offering assistance from the federal government to help each state shore up their cybersecurity defenses. The letter referenced the May 2021 Executive Order on Improving the Nation’s Cybersecurity, which established a set of essential, baseline standards for federal agencies to adopt, and urged state leaders to implement the same standards to secure their state’s computer systems and critical infrastructure. These standards include conducting exercises to plan and prepare for cyberattacks, and ensuring that systems are patched and up to date to protect against vulnerability exploits.
Malicious cyber actors, whether related to Russia’s attack on Ukraine or not, will continue to strike, especially when targets are distracted or unprepared. Fortifying cyber defenses does not happen overnight, but there are strategies state and local governments can employ to make their systems more secure against nation-state threats.
- Invest in risk-based vulnerability management: The rise of nation state cyber threats makes it imperative for state and local governments to prioritize cybersecurity efforts where they are needed most rather than trying to find and patch every vulnerability. Risk-based VM scans help prioritize the vulnerabilities that pose the biggest risk to state and local government entities if they’re exploited by attackers. Leveraging risk-based VM, state and local governments can protect their citizens, data and systems from cyber attacks.
- Safeguard state and local critical infrastructure: As IT/OT environments converge, cyber attack landscapes expand rapidly. Government entities must employ tools to proactively identify IT/OT weaknesses and protect critical infrastructure from cyber attacks. Visibility, threat tracking and situational awareness are essential to securing critical infrastructure.
- Implement a zero-trust strategy: Take a ‘trust no one’ policy to disrupt attack paths and secure state and local governments against cyber attacks. Verifying everything before granting access to various networks and systems prevents attacks that leverage misconfigurations, and continuously assesses which resources are susceptible to a breach.
- Secure your Active Directory: As the master key to an organization’s system and network privileges, Active Directory is a prime target for attackers looking to gain administrator privileges and engage in lateral movement. To keep AD safe and secure, state and local governments should enforce local administrator password solutions (LAPS) and privileged access management (PAM), and promote cybersecurity best practices such as multi-factor authentication and strong password policies.
For state and local governments facing mounting risks of cyber attacks to their information systems and critical infrastructure, the strategies laid out above are a great way to get started, but by no means a comprehensive list. Do not be caught off guard, Tenable can help you remain vigilant of cyber threats.
Find out how state and local governments can defend against ransomware.