The current battle in the cyber war front needs immediate attention

• Join the MS-ISAC and the NACo Tech Xchange – Important “county member only” information is being shared through both these venues. Information on national alerts, webinars and calls, as well as providing access to valuable no-cost services.
• Register for the NACo national call on Thursday March 3, to learn more about the current cyber situation and what counties can do immediately and into the near future to shore up their defenses.
• Step Up Your Cyber Defenses – Talk to your CIO, IT director, or IT support. Ask them to verify or implement multi-factor authentication, conduct regular scans of your end user devices and network activity, update software, increase spam filtering and filter network traffic. To help make this an easier conversation, NACo officially released on Feb. 25, a new Cyber Guide for County Leaders. The questions in this guide can help guide the conversation and cyber planning for your county.

One may be asking “why do I need to take the three above steps? Why, as an elected official, should I be concerned? We are at a point in our world where political, socio-economic and catastrophic incidents correlate with a rise in cyber attacks. It is a known fact now that cyber war is a continuous fight of multiple battles. Each battle learns from the one before it and course corrects, using new technologies and techniques while learning from past mistakes. That being said, no matter what battle we are in, there are certain basics that should be in place and tested to verify they are ready for real action. The current cyber landscape is a testament to this fact. The cyber war has been going on for years, with battles rising up along the way. The early battles focused on securing the local physical server fortress. There were few cloud applications and few options to save or store data in the cloud. Today’s battle, while much different, still requires that the basics be in place.

Over the past week and through the weekend, the media shared reports of heightened cyber attacks on Ukraine, with threats now extending to the U.S. government warning companies to shore up their defenses and to do so as quickly as possible. So what does that mean? What is different now than before? I offer the following for your consideration:

What is the same:

• Strong passwords
• Securing the perimeter with strong firewalls
• Blocking foreign network traffic
• Educating end users through cyber videos and “phishing” test emails

What is different (buliding on the above)

• Multi-factor authenticaion is an absolute
• Spam filters need to be increased
• SSL for websites and changing your domain to a DotGOV domain
• 24/7 monitoring of your external perimeter to be a more proactive priority
• Utilizing national resources that are more readily available, including the MS-ISAC, CIS and CISA’s Shields Up

With those basics in mind, CISA and the FBI released an important advisory at the end of February with specific actions to take. They include the following:

• Require multifactor authentication; 
• Set antivirus and anti-malware programs to conduct regular scans;  
• Enable strong spam filters to prevent phishing emails from reaching end users;  
• Update software; and
• Filter network traffic.

Is there more that we as counties can be doing. Of course, there is. These steps are vital and should be a part of county conversations with your IT support. Further, for on-going and up to date information, I would encourage your county IT leadership to get connected with the NACo Tech Xchange, a network of over 760 county IT leaders and NACo staff that dialogue on a daily basis through email concerning important technology topics.

In closing, some may be thinking that although this a serious situation for other countries, the U.S. is sufficiently protected. We have known for quite some time that while the U.S may be more protected than other nations, we are still vulnerable. In 2012, Leon Panetta, former CIA director and secretary of defense, warned of a “cyber-Pearl Harbor” in which an enemy would use a cyberattack to derail passenger trains, contaminate the water supply or shut down parts of the power grid. Panetta worried that such an attack "would paralyze and shock the nation and create a profound new sense of vulnerability.” I would venture to say that we continue to see snapshots of what he referred to. Last year’s attack on a Florida water supply and the JPL pipeline are witness to that. Let’s not wait until it’s too late to be proactive!