51.5 F
Washington D.C.
Friday, March 1, 2024

Surge in Cyberattacks Targeting State and Local Governments Highlighted in 2023 CIS Report

In a recent revelation by the Center for Internet Security (CIS), a non-profit organisation headquartered in Upstate New York, an unsettling surge in cyberattacks against state and local governments has been exposed, spanning the transition from 2022 to 2023. This revelation is derived from the outcomes of the 2022 Nationwide Cybersecurity Review, an extensive survey encompassing over 3,600 state, local, tribal, and territorial government organisations, meticulously evaluating their cybersecurity readiness.

The report zeroes in on the initial eight months of both 2022 and 2023, where participating government entities reported a conspicuous uptick in various categories of cyber threats. A staggering 148% surge in malware attacks was highlighted, complemented by a 51% increase in ransomware incidents during the opening eight months of 2023 compared to the equivalent period a year prior.

Non-malware cyberattacks, where hackers adeptly utilise existing tools within a device or software to compromise systems, witnessed a discernible uptick of 37%. The report also meticulously documented a substantial 313% surge in incidents linked to endpoint security services, encapsulating data breaches, unauthorised access, and insider threats.

A crucial observation gleaned from the report underscores a prevailing weakness in many state and local government cybersecurity programs – the absence of formalisation and consistent testing. While organisations might have processes in place to address vulnerabilities and formulate response or recovery plans, these activities might not have undergone formalisation or consistent testing, according to insights from the CIS Multi-State Information Sharing and Analysis Center team.

The survey brought to light that organisations without established cybersecurity plans cited challenges such as insufficient funding, the escalating sophistication of cyber threats, the absence of documented processes, the emergence of technologies, and limited access to cybersecurity professionals. These concerns, persistently troubling government entities for the past eight years, serve as formidable barriers to the establishment of robust cybersecurity programmes.

Despite these challenges, the CIS report also sheds light on areas where survey participants have fortifying their cybersecurity posture. This includes noteworthy enhancements in identity management, cybersecurity awareness training, and the implementation of mitigation and recovery strategies in the event of a cyberattack. The report underscores the imperative for ongoing efforts to address vulnerabilities and augment the resilience of state and local government cybersecurity programs.

Matt Seldon
Matt Seldon
Matt Seldon, BSc., is an Editorial Associate with HSToday. He has over 20 years of experience in writing, social media, and analytics. Matt has a degree in Computer Studies from the University of South Wales in the UK. His diverse work experience includes positions at the Department for Work and Pensions and various responsibilities for a wide variety of companies in the private sector. He has been writing and editing various blogs and online content for promotional and educational purposes in his job roles since first entering the workplace. Matt has run various social media campaigns over his career on platforms including Google, Microsoft, Facebook and LinkedIn on topics surrounding promotion and education. His educational campaigns have been on topics including charity volunteering in the public sector and personal finance goals.

Related Articles

Latest Articles