Cyberattack 2022: How One Incident Created a Country-Wide Ripple Effect
July 2022 – Florida-based software vendor Geographic Solutions Inc. suffered a major cyberattack, leaving tens of thousands across the country unable to file and receive their unemployment benefits and job-seeking assistance. Florida, Iowa, Tennessee, Louisiana, Washington D.C., and Nebraska were just some of the states affected by this incident. The organization discovered malicious activity on its servers and immediately took the system offline to prevent escalation. According to company officials, “no personal data was accessed and no data was removed from its network operations center”.
The nature of the attack is still unknown – although it is speculated to be ransomware. A thorough investigation was launched to discover the full extent and possible damage caused by the attack.
This is one of the biggest ripple-effect cyberattacks seen this year. Here, we will discuss its impact on different states, Florida in particular, and what lessons government agencies and local governments can learn from cybercrimes like these.
How states have been impacted
Geographic Solutions Inc. is a software vendor that is responsible for running and operating several job-seeking websites. With more than 35 states and territories as clients, heavy impacts were seen across the country. For starters, Tennesseans couldn’t access the website to file their claims, preventing 12,000 dependents from receiving unemployment benefits in the middle of a recession.
Furthermore, some state-run websites were also shut down temporarily. In Louisiana, people were pointed to a call center to file their claims in place of the usual website. Texas opened up new job-seeking sites with links connecting people to popular websites like LinkedIn. However, in Nebraska, no interim arrangements were made. Job-seeking websites were shut down temporarily, leaving dependents stranded until they went back online.
The impact on Florida and the state’s response
The state of Florida took swift action in response to the incident. For example, the Department of Economic Opportunity (DEO) severed the link between websites, like Employ Florida, and the state unemployment portal, CONNECT. This meant that citizens could not access, log in, or file any claims. As a result, DEO had to remove the job-searching requirement that is a prerequisite for seeking unemployment benefits. However, despite the new arrangements, applicants still experienced massive delays and issues submitting their claims and inquiries. This kept thousands across the state from completing payments for their monthly bills, housing, personal requirements, and so on.
Employ Florida was offline for two weeks before it became fully operational again. Due to this incident and numerous others, the Floridian government laid down some new rules and regulations to better prevent and protect against cyberattacks in the future. On July 1st, bill HB7055 was signed, with several provisions against ransomware attacks on government bodies and against paying ransomware attackers, all of which carry the penalty of fines.
Furthermore, the government invested $15.6 million in IT education and training for students, both in college and high school. This was done for two reasons: first, to prepare students and raise awareness of the dangers, types, and progression of cybercrimes; second, because it is an ideal way to steer young minds into the vast world of cybersecurity, and potentially direct them to take up jobs in this field.
How local governments can grow from these incidents
The rate of cybercrimes in the US has seriously surged in the last few years, with the pandemic opening up new possibilities for cyberattackers. Cybercriminals are persistent and are constantly developing new or improved attack methods and tools. Oftentimes, governments lack the necessary funding, insight, skills, and protections needed to ensure that their systems and networks are safe from breaches.
Here are some steps that could help build a better cybersecurity network around the data and organizational processes:
- Educate your employees on the various kinds of cyberattacks, the dangers that come with them, the tools by which they can be executed, as well as their impact on organizational data and systems. Furthermore, organize training sessions and workshops on how to watch out for and respond to suspicious online activity.
- Implement security controls like antivirus, antimalware, firewalls, encryption, and multi-factor authentication to ensure that all municipal devices are secure from security breaches. Regularly audit and update all software, applications, and programs to the latest requirements to eliminate any vulnerabilities. Employ endpoint security programs and solutions to ensure added security on government devices.
- While third-party organizations offer great assistance and solutions, organizations should not be heavily dependent on them. You must maintain a proper inventory of third-party solutions and vendors, restrict their access to sensitive and critical data, regularly audit them, set up an efficient and centralized oversight and monitoring system, and, finally, only work with third-party vendors that comply with industry regulations.
- Since government networks and systems contain a lot of critical and personal data, that data should be stored on secure platforms, with limited access given only to trusted employees on a need-to-know basis.
- Set aside an annual cybersecurity budget that you can allocate to different sections of your IT arsenal. Conduct yearly checks to determine which areas need more or less funding.
- Regularly back up government files and systems to an alternate and secure location. This practice helps restore operations quickly in the event of a data breach. It’s safest to set up offline backups that are disconnected from your network. Furthermore, carefully monitor user activity on all systems and networks to ensure that there is no suspicious activity.
- Government bodies are a favorite target for many cybercriminals. As such, invest in a strong cyber insurance policy to cover any liabilities in the event of a security breach.