Within the past few weeks, two large American cities learned that their information systems were hacked. First, Atlanta revealed that it had been the victim of a ransomware attack that took many of the city’s services offline for nearly a week, forcing police to revert to taking written case notes, hampering the Atlanta’s court system and preventing residents from paying water bills online. Then, Baltimore’s 311 and 911 dispatch systems were taken offline for more than 17 hours, forcing dispatchers to log and process requests manually. Both attacks could have been prevented. And they are more evidence of the poor, if not appalling, state of local government cybersecurity in the United States.
Today’s cities are on the frontline of crime and terrorism. While some of them are clearly more at risk than others, all of them are vulnerable. Not surprisingly, cities are experimenting with innovative approaches to preventing crime and countering extremism.
Buried in the avalanche of recent cyber attacks, there is good news and bad. Ransomware attacks, which paralysed many organisations — from parts of the UK’s National Health Service to the German railway and major manufacturers — illustrate how acting on good threat intelligence and sensible advice, such as updating and patching software, can avoid major damage.
Let me start with a non-technology related analogy.
Over the last twenty years the increasing number of cars on our motorways/highways has caused a surprising environmental problem. Cars driving at speed create a wind-tunnel effect, which in turn can pick up seeds and spores from plants, spreading them to places where they would normally not have grown. In one British case, a seaside plant which used to be native to coastal areas is now commonplace on motorway central reservations up to 100 miles inland.