The city of Grass Valley, California suffered a data breach exposing employee and citizen information. A statement from the city council previously confirmed that it had experienced “unauthorized access” to its systems between April 13 and July 1, 2021. Around this time the issue was generally downplayed by the city authorities.
However, exactly what happened with the incident and how widespread the incident has only recently been made clear.
An investigation has now determined the extent of the attack, revealing that the malicious actor had transferred files outside of the city’s network, including the financial and personal information of “individuals associated with Grass Valley.”
Looking at the issue for Digital Journal is Matt Sanders, Director of Security at LogRhythm.
Sanders explains that we should not be surprised that a city wide attack took place, focusing on public infrastructure: “Local, state and federal governments continue to be sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged, and the often-inferior defenses that allow easy exploitation.”
The inferiority is a combination of a lack of funding and insufficient resources to maintain systems correctly.
With this latter point, Sanders finds: “There is a shortage of people, process, and technology in most city governments and their agencies, which is leading to more vulnerabilities and increased risk and susceptibility to cyberattacks and data breaches.”
Returning to the news about the Grass Valley, California incident, Sanders states that the ramifications are serious: “Now that hacker(s) are armed with a high volume of personally identifiable information (PII), city employees and citizens are at risk of additional cyberattacks and other forms of fraud at the hands of threat actors.”
As Grass Valley attempts to deal with the fallout, Sanders has some general advice for the state sector. This is: “Government entities need to recognize that the possibility of a data breach is only increasing with time and take pivotal steps to successfully prepare for a breach or cyberattack and ensure continued, uninterrupted support to U.S. citizens.”
Sanders recommends that: “To prepare, organizations must patch aggressively, limit privileged access, create backups, prepare a response plan, prioritize educational training and consider cyber insurance. Above all, cybersecurity needs to be properly funded to prevent breaches and attacks on governments as they are a matter of when, not if.”
Sanders’ final comment is about the important of planning: “As with anything in life it’s about how you can respond to these attacks and that’s not something organizations want to do without practice and a plan.”