TEWKSBURY — Leaders from over a dozen local communities and municipal organizations came together in Tewksbury last month to discuss the threat of cybercrime. Hosted by the Town of Tewksbury, the forum was the first of its kind collaboration between municipalities and cyber professionals.
The day long meeting was an opportunity to discuss vulnerabilities that cities and towns in Massachusetts, and across the country, face. Ransomware, killware, and access to resident data were all part of the discussion.
Select Board member James Mackey, a cyber professional, moderated the discussion which was held at the Tewksbury Public Library with support from Leicester Cyber Solutions and Lowell 5 bank.
Topics such as election security, network security, threat detection, and internal processes for cities and towns were covered. Municipal leaders were encouraged to not only evaluate their current status, but to start to evaluate weaknesses and strategize ways to address them.
Mackey said, “I see this as just a first step on the long road to tackling the problem of municipal cybersecurity. This event was designed to introduce municipal senior management to some of the core concepts of cybersecurity. While they are not expected to be subject matter experts, they do need to be able to meet their technical staff half way”.
During the session, engineers and cyber operations experts introduced resources that are available to communities to use as part of an implementation plan for cybersecurity. First and foremost, managers were encouraged to create a roadmap for a cybersecurity program, involving department heads and IT departments within the city or town government.
Even if there is no strong process in place, there were immediate process changes that could be made, such as changing passwords to non-common, non-obvious choices.
Strategies from the National Institute of Standards and Technology were discussed. NIST is a government agency focused on science and technology and has created a framework for assessing and addressing cybersecurity risks for business and government.
Threat detection and management was broken down into several categories: identify, protect, detect, respond and recover. According to the framework, which was established in 2014, “The national and economic security of the United States depends on the reliable functioning of critical infrastructure. Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing the Nation’s security, economy, and public safety and health at risk.”
The net of this strategy is to minimize risk.
Managers were encouraged to embark on an inventory of software and hardware in their organizations. Passwords were cited as a common point of weakness for networks, along with users not being able to recognize phishing emails and potentially opening spam email that might launch spyware or malware designed to harm an infrastructure system.
Backing up data was also discussed and highlighted as a key vulnerability. The presenters stated that if routine backups are scheduled then restoration of data becomes easier and the municipality will be in a stronger position should an attack occur. Emphasis was also placed on alerting surrounding communities should a cyberattack happen as a means to stop any type of serial intrusion.
During the session, a demonstration of hacker attempts was shown on the screen. Using a secure server and a simple domain, presenters were able to demonstrate how attempts to penetrate a password-protected site were happening around the clock from locations around the globe. During one discussion, over 10,000 attempts were logged, emanating from countries such as China, Russia, and even from within the United States.
Mackey said, “We wanted to start the discussion, educate and empower senior leaders, and build relationships for tackling this problem. While there is much Tewksbury can do to improve our cyber security protection measures, detection and response capabilities are costly. Hopefully as Tewksbury and our neighbors mature, we can look at partnerships to help resource the critical detection and response capabilities.”