Arlington’s cybersecurity division is staffing up and training county employees in preparation for a growing wave of cyber attacks.
The Security, Privacy, Records and Regulatory Affairs division of the county’s Department of Technology Services reportedly blocked 90,000 virus and malware attacks last year, according to next year’s budget proposal.
The department said the number of attacks is expected to rise to 150,000 this year and continue to 200,000 by next year.
“The increase in viruses and malware blocked is due to increased detection efforts by additional security platforms… and an overall increase in security attacks,” the document read.
“We’re in a risk-reduction activity,” Richard Archambault, who helms the division, told ARLnow in a phone interview this week, “We’re not in a risk-elimination activity. We can’t prevent these things from happening. Someday everybody gets hacked.”
The department has asked for $60,000 to train all county employees in security best practices, especially how to avoid clicking on phishing emails which can introduce malware.
“The reason this cadence [of training] is so important is that these emails get more and more sophisticated every month,” Archambault said during a March presentation at the Metropolitan Washington Council of Governments.
“If we’re not constantly bringing people up to speed on where the threat actors are, we’re behind,” he added.
Archambault also added a new senior engineering role that junior staff can rise to: a bid to help with retention in an area hungry for cybersecurity professionals.
“One great part about working with a governmental entity is access to professional development across the region,” he said of Arlington’s location. “In most private sector companies, outsiders are competitors or customers. In government, there is a tremendous amount of cooperation and shared learning. This is fertile ground for growth as a cybersecurity practitioner.”
Local governments nationwide are also sharing lessons learned from a type of malware called “ransomware” that can hold data hostage until a “ransom” is paid, usually in bitcoin.
Ransomware attacks locked down Atlanta’s public computers, online bill payments, and airport wifi last year last year, and other hackers gained access to Dallas’ tornado sirens. All told, out of 2,216 security breaches found by a 2018 Verizon report, 304 affected public entities.
“Some of the basic things that they should have been doing to be prepared to recover were not done,” Archambault said of Atlanta. “In the most recent instance their backups were accessible to the hackers — so the hackers ransomed their primary data and their backups.”
Archambault said he was unable to share details about Arlington’s preparations for security reasons, and also said he was unable to comment on whether the county had ever been ransomed.
He did say the county purchases cybersecurity insurance.
After the attacks in Atlanta, Arlington’s then-chief information security officer David Jordan said “it’s going to be even more important that local governments look for the no-cost/low-cost, but start considering cybersecurity on the same level as public safety.”
“A smart local government will have fire, police and cybersecurity at the same level,” Jordan added.
Archambault told ARLnow that one of his “key priorities” since joining the office five months ago has been to create “an umbrella Privacy Policy for the County,” to “harmonize” the county’s many department’s policies with one another.
County spokeswoman Shannon Whalen McDaniel said Arlington is planning awareness events in October, which is National Cyber Security Awareness Month.
In the meantime, the division offered a few security tips for residents wanting to keep their own data safe from hackers:
- “Ensure your devices are setup to automatically install software updates and security patches. You may have bad memories of patches that were recalled or rolled back by various vendors. Those mistakes are far less frequent and the additional benefits of frequent patching now outweigh the drawbacks of the occasional bad patch.”
- “Don’t place your Wi-Fi router somewhere it can be seen easily from a window. Anyone peeking in might see your network name and password and then – they’re in. Change your Wi-Fi network password from time to time, but keep using strong passwords!”
- “Use a password locker application. We often tell people not to use the same username and password across different websites, but we don’t always do a good job telling people how to keep all the resulting username and password data organized (pro tip: not on paper and not on your desk!) There are great password locker applications that will automatically memorize your passwords and even autofill password forms on web pages.”
Photo via Flickr user Blogtrepreneur