ur society is dependable of information networks. Cyberattacks against cities and municipalities have come alarmingly everyday incidents. In USA there were more 100 ransomware attacks against public administrations (schools and local governments)1. The cost of a single attack can be very high. Georgia city’s computer network was struck in March 2018 causing loss of services like its traffic tickets and water bill payment systems2. According to the city officials no random was payed but after massive recovery efforts the total bill was reported to reach $17 million3. These kind of attacks cripple a network’s key services and functions. They require long term cleaning and recovery work affecting the normal life.
The question is why municipalities are on a line of fire. There are several reasons for this. Quite often, the critical infrastructure is developed or more precisely developing gradually. It is not planned it is and has been evolved. It might be that the underlying technologies running their critical infrastructure are outdated. Funding is always challenging and not enough money is allocated to upgrade the system or hire personnel with skills to do it. This leads to the situation that the picture and command to the overall understanding and command for the critical infrastructure is not clear.
In Finland, series of cyberattacks were launched during 2019. The most serious of them was against Lahti4 but also other cities (Pori, Espoo and Siuntio) reported similar attacks. The bill of the attack was closing 1M€. According to Traficom (Finnish Transport and Communication Agency) it is unclear what it the cybersecurity readiness level in municipalities. Many municipalities do not know their information systems although this is essential for anticipation. When you know your system, you know also its strengths and weaknesses. Already good command on basics on cybersecurity like strong passwords and properly configured firewalls can help.
To stop municipalities to become an easy target for cybercriminals we propose a situational awareness solution that is meant for small- to medium-sized IT infrastructures of local public administrations (LPAs) in both technological realisation and business/market strategy. Advanced features like cybersecurity related information sharing, cyber- incident detection or self-healing capabilities can be provided based on situational awareness. Based on these recent incidents the value of this work is crowing.5
Juha Röning Professor and director of Biomimetics and Intelligent Systems (BISG) research group (http://www.oulu.fi/bisg/) Coordinator of CS-AWARE (https://cs-aware.com/)
1 https://www.recordedfuture.com/state-local-government-ransomware-attacks-2019/
2 https://www.businessinsider.com/atlanta-cyberattack-cripples-city-operations-2018-3?r=US&IR=T
3 https://www.ajc.com/news/confidential-report-atlanta-cyber-attack-could-hit-million/GAljmndAF3EQdVWlMcXS0K/
4 https://yle.fi/uutiset/3-11121273 5 A Cybersecurity Situational Awareness and Information-Sharing Solution for Local Public Administrations based on Advanced Big Data Analysis: The CS-AWARE Project Schaberreiter, Thomas and Röning, Juha and Quirchmayr, Gerald and Kupfersberger, Veronika and Wills, Christopher C. and Bregonzio, Matteo and Koumpis, Adamantios and Sales, Juliano Efson and Vasiliu, Laurentiu and Gammelgaard, Kim and Papanikolaou, Alexandros and Rantos, Konstantinos and Spyros, Arnolt In: Challenges in Cybersecurity and Privacy – the European Research Landscape. RIVER PUBLISHERS SERIES IN SECURITY AND DIGITAL FORENSICS River Publishers, Netherlands, pp. 149-180 ISBN 978-87-7022-088-0 (Hardback); 978-87-7022-087-3 (Ebook) (2019
CS-AWARE blog: Juha Röning 1