Keeper Security is thrilled to announce the appointment of Paul Aronhime as Senior Vice President of Federal Sector. Paul is a seasoned industry leader with a
Cyber attacks at government organizations are prevalent in 2024, as the government continues to be one of the most targeted sectors. Research by IT Governance has found that in January alone there have been 183 incidents in the public sector, including both ransomware attacks and data breaches. Cybercriminals target government agencies because they store valuable personal data and perform critical functions and services. Additionally, the public sector is often viewed as a more vulnerable target compared to other industries due to limitations in IT staffing and resources.
Although not every network breach makes the news, there have been several recent high-profile cyber attacks in the sector worth noting.
Fulton County, Georgia
Fulton County in Georgia is still dealing with damage to its government offices by a January cyber attack. Phone lines were shut down and many systems were taken offline for weeks, hindering everything from vehicle registrations and marriage licenses to property tax payments. The ransomware group LockBit 3.0 took credit for the attack and threatened to release residents’ personal information online.
Although Lockbit has set two separate deadlines for ransom payments, the county has stated that no ransom has been paid, and they’re not currently aware of any data released on the dark web.
Bucks County, Pennsylvania
Bucks County in Pennsylvania experienced a cybersecurity incident in January that knocked out their Emergency Communications’ Department’s computer-aided dispatch (CAD) system, which is used by the local fire department, police department and emergency services. The system was down for nine days, forcing dispatchers to use pen and paper while receiving and dispatching 911 calls.
Officials believe the ransomware group “Akira” is behind the attack. The latest update from the county’s website notes that this incident remains under county, state and federal investigation.
Kansas City Area Transportation Authority
The Kansas City Area Transportation Authority (KCATA) disclosed a January ransomware attack resulting in ongoing communication disruptions. That agency stated that regional RideKC call centers and KCATA landlines are still unable to receive calls. KCATA is run by officials in Kansas and Missouri and typically provides around 40,000 rides per day.
The Medusa ransomware group claimed responsibility for the attack and has reportedly added the KCATA to its Tor leak site and published samples of the alleged stolen data as proof of the data breach. The latest update from the KCATA website notes that the organization is “working around the clock with our outside cyber professionals and will have systems back up and running as soon as possible.”
Oakley, California
The City of Oakley in California declared a state of emergency after a February ransomware attack. Several systems have been taken offline, causing delays in non-emergency government services from the city. The city is developing a response plan and actively working to safely secure and restore services.
The nearby city of Pleasant Hill, California also experienced a cyber attack in February. The city stated that their IT teams detected and responded to a cyber intrusion targeting the city’s computer services, but the intrusion was quickly isolated to minimize damage. The incident is currently under investigation.
Business Email Compromise (BEC) attacks
A hacking group known as TA4903 has been impersonating US government agencies, including the Department of Transportation, Department of Agriculture and Small Business Administration. Their goal is to trick targets into opening malicious files using QR codes in PDF attachments that are designed to resemble the spoofed organization. The QR codes lead to phishing sites mimicking the government agencies’ legitimate portals, and visitors are prompted to enter their credentials.
Government agencies have been urged to implement multi-layered security protocols and employee cybersecurity training to protect against this threat.
Safeguard against ransomware attacks with Keeper Security Government Cloud
Keeper Security Government Cloud (KSGC) password manager and privileged access manager protects organizations of all sizes against cyber attacks. Mitigate risks and combat cyber attacks with a cybersecurity platform that is quickly deployed and easily adopted by all users.
KSGC utilizes a zero-trust and zero-knowledge security architecture, along with delegated administration and role-based enforcement policies, to provide system administrators complete visibility and control over identity security and risks within their organization.
To learn more about how KSGC can protect your organization against ransomware and cyber threats, request a demo today.