Cyber Security Update Work SessionCopyrighted
May 3, 2021
City of Dubuque Work Session - Top # 1.
City Council Meeting
ITEM TITLE: 5:00 PM - Cyber Security Update
SUMMARY: Information Services Manager Chris Kohlmann will provide a cyber
security update.
SUGGESTED
DISPOSITION:
ATTACHMENTS:
Description Type
Cyber Security Update Work Session-MVM Memo City Manager Memo
Work Session Cyber Security Update Memo to the Staff Memo
City Manager
THE C
DUUB-.-*.-TE
Masterpiece on the Mississippi
TO: The Honorable Mayor and City Council Members
FROM: Michael C. Van Milligen, City Manager
SUBJECT: Work Session on Cyber Security Update
DATE: April 29, 2021
Dubuque
*Amrin Cia
2007-2012.2013
2017*2019
Information Services Manager Chris Kohlmann is transmitting information for the Cyber
Security Update Work Session and will be making a presentation.
Mic ael C. Van Milligen
MCVM:jh
Attachment
cc: Crenna Brumwell, City Attorney
Cori Burbach, Assistant City Manager
Chris Kohlmann, Information Services Manager
THE CITY OF
DUB E
Masterpiece on the Mississippi
TO: Michael C. Van Milligen, City Manager
FROM: Kohlmann, Information Services Manager
SUBJECT: Work Session Cyber Security Update
DATE: April 29, 2021
BACKGROUND
Dubuque
ul-Ameriw Cif
2007-2012.2013
2017*2019
In 2015 in his January State of the Union address, President Obama called for a strong
bipartisan effort to address cybersecurity challenges nationwide, touching on such
issues as student privacy, breach notification and information sharing. Many applauded
the president's proposals and welcomed the widespread exposure for these urgent
issues as this was one of the first efforts to address the issues of cybersecurity as a
critical nationwide challenge.
Six years later, the issues of cybersecurity remain a clear threat to all levels of public
and private sectors. While the federal government works on big -picture solutions, state
and local government agencies are under tremendous pressure to secure critical data,
infrastructure, and services.
The past year of the pandemic has pushed government leaders at all levels to
accelerate digital transformation efforts and bolster cybersecurity protections of their
networks, information systems and websites. The American people, now more than
ever, are relying on government websites for critical digital services and authoritative
information — from COVID-19 vaccines to finding polling locations for elections. With
rampant misinformation, disinformation and spoofing campaigns often conducted by
sophisticated nation-state actors, government technology especially at the city and
county level, remain incredibly vulnerable and targeted by threats.
The City of Dubuque has taken a multi -pronged approach to cybersecurity for our
networks, users, infrastructure, data, and resident access to information including
policy, best practices, training, threat mitigation and response.
DISCUSSION
During the Cyber Security Update Work Session, I would request to review the following
points with an outcome of a better understanding of the current cybersecurity landscape
and best practices/action steps that can be done by individuals and the city organization
to minimize the occurrence along with addressing threats.
I. Summary of the Current Threat Landscape for Local Government
11. Anatomy of a Cyber Attack
111. Best Practices in Addressing Current Threats
IV. Equity Impact on Vulnerable Communities
V. Action Steps Going Forward
The Work Session will have time for questions. This will be a high-level review that
gives a snapshot of the problem, strategy, and solutions.
ACTION STEP
This is a very complex problem that impacts our staff, our elected officials, our
organization, and our residents. I appreciate the opportunity to share this information
with the Mayor and City Council. Please let me know if there are any questions.
DUBUQUE CITY
COUNCIL WORK
SESSION
Cybersecurity Update
May 3, 2021
Digital technology should be treated like water
and cybersecurity as the foundation for
keeping it clean.
“A National Cybersecurity Agenda for Resilient Digital Infrastructure” Aspen Institute
December 2020
https://www.aspeninstitute.org/longform/a-national-cybersecurity-agenda-for-resilient-
digital-infrastructure/
Threat Landscape -In the News
•SolarWinds
•A very targeted spear phishing attack
•A vulnerability in third-party software that was not patched
•Credential compromise of a few specific users
•Oldsmar Florida Water Treatment Facility
•Old computer running an outdated Windows 7 operating system.
•Staff all utilized the same password for remote access via the TeamViewer application.
•The plant’s computers appeared to be connected directly to the Internet without any type of
firewall protection installed.
•City of Baltimore experienced downtime for many systems for over a month with cost
estimates of over $18 million dollars to recover.
•City of Atlanta estimates their ransomware recovery costs at over $17 million.
Threat
Landscape -
Statistics
Nearly 85% of all emails are spam
Scams and fraud comprise only 2.5% of all spam email;
however, phishing statistics indicate that identity theft makes
up 73% of this figure
As many as 85% of all organizations have been targeted by
phishing scams in 2020
Microsoft accounts are the most popular targets of phishing
emails, accounting for 43% of all phishing attempts
Fake invoice incidents more than doubled in the first part of
2020.
Source What’s On the Other Side of Your Inbox –20 SPAM
Statistics for 2021
1.Reconnaissance
•How easy is the site to Hack
•Which Users are Most “Hackable”
•What information is easily available
•Credentials
•Phone numbers
•E-mail addresses
•Forms
2.Attack
•The actual attack
•Fake Accounts or altered accounts with administrative
capabilities are set up
•Information is harvested for sale or use
3.Expansion
•Embed of malicious programs to maintain their
control of the network maintain their control of the
network
4.Obfuscation
•Mask the origins of the attack in order to avoid
becoming detected.
Motive of a
Cyber-Threat
The criminal is trying to steal
something
•Money
•Information
To Do Something
•Gain Money
•Reputation
•Sell Information
•Vulnerability
Best Practices -Prevention
◦Understanding the Motive
◦Financial Gain
◦Direct Financial Gain from Scams
◦Indirect Financial gain through Stealing
of Information –Ransom
◦Damaging an individual’s or organization’s
reputation
◦Spreading Fear
◦Causing distraction from other activity
Best Practices –
Public Wi-Fi
◦Do not connect to unsecure
wireless networks when doing
“work-related” activities
◦Do Not Open Wi-Fi
connections that isn’t password-
protected.
◦Do Adjust your device settings
so you don’t auto-connect to
networks.
Best Practices –Phish Response
◦Understand the Signs of a Phish –if it looks like a phish it
probably is one!
◦The following features generally indicate a phishing email:
•Spelling or grammar errors
•The lack of a personal greeting
•A questionable email address or subject line
•URLs and email domains that appear legit but are one letter off
•Sub-domains that aren’t officially owned by trusted brands and
companies
◦Verify the legitimacy of the email over the phone or in person
◦Be cautious about clicking links or giving out personal information.
Best Practices How to Spot a Scam
◦May look like they’re from a company you know or trust. As Why am
I getting this notification via e-mail?
◦Phishing emails and text messages often tell a story to trick you into
clicking on a link or opening an attachment.
◦Say they’ve noticed some suspicious activity or log-in attempts
◦Claim there’s a problem with your account or your payment information
◦Say you must confirm some personal information
◦Include a fake invoice
◦Want you to click on a link to make a payment
◦Say you’re eligible to register for a government refund
◦Offer a coupon for free stuff
Best Practices –Information Sharing
◦Share information securely
◦Never share personally identifiable information (PII )via e-
mail
◦DOB, SSN, Bank Account Numbers, Driver License
Information
◦Do use the City’s ftp site or other encrypted means to
share personally identifiable information
◦Never Share Passwords
Best Practices –Data and Device Sharing
◦Practice Good Storage Habits
◦Don’t Store sensitive data on a personal hard drive
◦Don’t upload work-related files to personal storage
◦Protect data to vulnerable to identity theft and data breaches
◦Work From Home
◦Be as responsible working from home as you would be working in an office.
◦Keep work and personal devices separate and use each for their respective
purposes.
◦Mobile Devices
◦Don’t share work devices
◦Keep your device with you in public places
Equity Impact
by Age
◦Older Adults
◦Older adults were the least likely of any age
group to report losing money to scams
◦But when older consumers experience
consumer fraud, their reported financial losses
were greater than what younger consumers
reported.
◦Even though older consumers are less likely to
report losing money to scams, certain scams are
more likely to strike them
◦Young Adults
◦By number this is the largest group falling
victim to cybercrime
◦Targeted through social media
Cybersecurity and Race
◦Communities of Color are disproportionately affected by
cyberattacks that target critical infrastructure
◦Disinformation and misinformation campaigns at home and
abroad targeting communities of color
◦As an industry –Cybersecurity professionals’ understanding of
cultural nuances of technology use and access is integral to
building policies and technical solutions that secure systems and
serve people
◦Changing the language of Cybersecurity
Addressing the Risk
FISCAL YEAR 2021
Action Steps
•Cybersecurity
◦Network Assessment and
Testing
◦Increased Emphasis on
Cybersecurity Awareness
◦Enhanced security
◦Multi-factor Authentication
◦Strong Passwords
◦Exception Reporting
Project FY 21 Cost Total Cost
City-Wide Computer & Printer
Replacements $678,609 $3,260,290
Network Security Risk Assessment $22,000 $67,000
Layer 2 Redundant Network Switch $74,000 $149,229
Ransomware Defender & File Recovery $47,400 $50,610
Enterprise Firewall Security Gateway
Cluster
$37,955 $37,955
FY 21 CAPITAL IMPROVEMENT PROJECTS
Having Cybersecurity Impact
Information Services Department
Project FY 22 Cost Total Cost
City-Wide Computer & Printer
Replacements $855,262 $2,669,025
Data Vault $200,000 $200,000
Network Security Risk Assessment $15,000 $30,000
Layer 2 Redundant Network Switch $75,229 $75,229
Upgrade Isilon Disk Storage System $250,000 $250,000
FY 22 CAPITAL IMPROVEMENT PROJECTS
Having Cybersecurity Impact
Information Services Department
THANK YOU