Clickability tracking pixel

Massachusetts Town Navigates Cyberthreats Amid Remote Work

The move toward a remote workforce has complicated the daily operations of city government in Danvers, Mass., especially where IT is concerned. New efforts are helping officials and employees navigate the situation.

by Ethan Forman, The Salem News / August 24, 2020
Shutterstock

(TNS) — The town operates a complex information technology system it needs to protect from hackers beyond the regular business of municipal government.

That's because the town also runs an employee credit union and municipal utility, as well as a state-of-the-art emergency dispatch center at the police station.

So, when the pandemic hit in March, the challenge became how to keep these networks secure while town employees worked remotely.

"The biggest challenge is maintaining accessibility for people, getting everything they are used to getting internal to our network when they are external to the network and also maintaining our security," said Danvers IT Director Colby Cousens.

Partly in response to this dilemma and partly as a result of work that has been in progress, the Massachusetts Technology Collaborative began holding virtual Cybersecurity Incident Response Planning Workshops for every city and town in the state, with the first one held for the Northeast Homeland Security Regional Advisory Council toward the end of July.

The workshops aim to have cities and towns create or update their cybersecurity response plans, with followup workshops scheduled for the fall.

Stephanie Helm, a retired Navy captain and the director of the Massachusetts Cybersecurity Center at Massachusetts Technology Collaborative, and Candy Alexander, who works part-time as chief information security officer for Haverhill, recently spoke about how cities and towns can keep from getting hacked.

In recent years, Helm said a big threat from cyberhackers has been ransomware attacks, which involve paying a hacker to unlock data they've obtained and encrypted.

"So, municipalities have really become kind of a target for these hackers to go after," Helm said.

As part of a cybersecurity resiliency working group, they dedicated a working group on municipality cybersecurity so that cities and towns could better resist such attacks and recover from them. The workshops were designed to help cities come up with response plans.

"And then the COVID hit and there was some discussion about whether or not we should do the workshops at all," Helm said.

But what they found was hackers were focusing on municipalities and using terminology for COVID-19 and the pandemic to get users to click on bad links containing malware. They decided to hold the workshops virtually.

"Even though ... cities and towns were stressed trying to respond to the health crisis, this cybercrisis was still continuing," she said.

Like many organizations, cities and towns were left scrambling. Their first priority was to make sure people could work remotely, and then figure out the security threats.

Cousens said there is no foolproof network protection, so they depend on a layered approach, called "security fabric", which involves different components of cybersecurity being interwoven.

That takes the form of a firewall, a dedicated computer hardware appliance that sits in between an internal network and the Internet that aims to let in the good traffic and keep out the bad.

The firewall integrates with security programs, such as antivirus software, on employees' devices. Security Information and Event Management software can also alert the town's IT staff to anomalies on the network.

In Danvers, the shift to working from home meant town employees needed outside access to data that had been protected inside the town's network. The town had to be careful about the use of personal devices, which were checked to make sure they were patched and had the correct antivirus software on them.

"The COVID response ... created a different IT architecture than what the town designed," Helm said of what communities faced with employees using their own computers or printers, not government-issued equipment, at home.

"So all of that does present a challenge for the security person to try and address," she said.

Alexander said employees need to pay close attention to their emails.

"If you get an email from somebody you don't know, be very cautious, and when you open that email, don't click on anything," Alexander said.

Cousens said Danvers recently won a grant from the state to offer an online education platform containing four cybersecurity modules to help workers spot an attack.

In the end, the network still has to be available so people can do their work remotely, Cousens said.

"That's a huge piece of it, a major piece of it. There are only so many things you can block, you still need people to do work."

©2020 The Salem News, Distributed by Tribune Content Agency, LLC.

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

E.REPUBLIC Platforms & Programs